Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

URLScan

urlscan

1

https://onetomany.cu...

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/08/2023, 07:32 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    https://onetomany.cumulo9.com/ch/41024/1nth2/2887901/BoChYkAz434lfOCcTEySGRvdxYQy41thfBFjtLpw.html

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://onetomany.cumulo9.com/ch/41024/1nth2/2887901/BoChYkAz434lfOCcTEySGRvdxYQy41thfBFjtLpw.html
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3896
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff03df46f8,0x7fff03df4708,0x7fff03df4718
      2⤵
        PID:3420
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2108 /prefetch:2
        2⤵
          PID:4612
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1544
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2892 /prefetch:8
          2⤵
            PID:452
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3356 /prefetch:1
            2⤵
              PID:2356
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3380 /prefetch:1
              2⤵
                PID:3288
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4768 /prefetch:1
                2⤵
                  PID:2444
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 /prefetch:8
                  2⤵
                    PID:3952
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 /prefetch:8
                    2⤵
                    • Suspicious behavior: EnumeratesProcesses
                    PID:4144
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5504 /prefetch:1
                    2⤵
                      PID:3560
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
                      2⤵
                        PID:4336
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
                        2⤵
                          PID:4700
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
                          2⤵
                            PID:4724
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2084,17170183336403372162,14867847930593954690,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 /prefetch:2
                            2⤵
                            • Suspicious behavior: EnumeratesProcesses
                            PID:1836
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:4796
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:2424

                            Network

                            • flag-us
                              DNS
                              2.136.104.51.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              2.136.104.51.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              254.135.241.8.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              254.135.241.8.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              onetomany.cumulo9.com
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              onetomany.cumulo9.com
                              IN A
                              Response
                              onetomany.cumulo9.com
                              IN CNAME
                              app1.au.v6send.net
                              app1.au.v6send.net
                              IN A
                              203.14.199.84
                            • flag-au
                              GET
                              https://onetomany.cumulo9.com/ch/41024/1nth2/2887901/BoChYkAz434lfOCcTEySGRvdxYQy41thfBFjtLpw.html
                              msedge.exe
                              Remote address:
                              203.14.199.84:443
                              Request
                              GET /ch/41024/1nth2/2887901/BoChYkAz434lfOCcTEySGRvdxYQy41thfBFjtLpw.html HTTP/2.0
                              host: onetomany.cumulo9.com
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              sec-ch-ua-mobile: ?0
                              dnt: 1
                              upgrade-insecure-requests: 1
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                              sec-fetch-site: none
                              sec-fetch-mode: navigate
                              sec-fetch-user: ?1
                              sec-fetch-dest: document
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 302
                              server: nginx
                              date: Fri, 25 Aug 2023 07:32:28 GMT
                              content-type: text/html; charset=UTF-8
                              content-length: 0
                              location: https://www.surveymonkey.com/r/JF8RH5H
                              set-cookie: v6_session=lm2p83fs8vrli2uahksunt70g1; path=/; secure; HttpOnly
                              expires: Thu, 19 Nov 1981 08:52:00 GMT
                              cache-control: no-store, no-cache, must-revalidate
                              pragma: no-cache
                              x-robots-tag: noindex, nofollow
                              strict-transport-security: max-age=31536000
                            • flag-us
                              DNS
                              www.surveymonkey.com
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              www.surveymonkey.com
                              IN A
                              Response
                              www.surveymonkey.com
                              IN CNAME
                              g-sm-prod-cloudeng-frontdoor.svmkinfra.com
                              g-sm-prod-cloudeng-frontdoor.svmkinfra.com
                              IN CNAME
                              d2yx97y2ukjhui.cloudfront.net
                              d2yx97y2ukjhui.cloudfront.net
                              IN A
                              52.222.139.6
                              d2yx97y2ukjhui.cloudfront.net
                              IN A
                              52.222.139.14
                              d2yx97y2ukjhui.cloudfront.net
                              IN A
                              52.222.139.38
                              d2yx97y2ukjhui.cloudfront.net
                              IN A
                              52.222.139.18
                            • flag-nl
                              GET
                              https://www.surveymonkey.com/r/JF8RH5H
                              msedge.exe
                              Remote address:
                              52.222.139.6:443
                              Request
                              GET /r/JF8RH5H HTTP/2.0
                              host: www.surveymonkey.com
                              dnt: 1
                              upgrade-insecure-requests: 1
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                              sec-fetch-site: none
                              sec-fetch-mode: navigate
                              sec-fetch-user: ?1
                              sec-fetch-dest: document
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              sec-ch-ua-mobile: ?0
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: text/html; charset=UTF-8
                              date: Fri, 25 Aug 2023 07:32:31 GMT
                              server: nginx
                              vary: Accept-Encoding
                              vary: Accept-Encoding
                              p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
                              sl_notranslate: 1
                              pragma: no-cache
                              sm-request-id: oS3wDgk9-gko7P37GXdp3D9nbwUOd47WhdOpNGd8jjvxNGzzuBdlng==
                              rexr-request: current:b67a616b4d57870adf0aeec40761a18f:1692948751.575:206
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com https://api2.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; img-src https: http: data: blob: 'self'; script-src https: 'unsafe-eval' 'unsafe-inline' http://www.google-analytics.com http://ajax.googleapis.com http://bat.bing.com http://static.hotjar.com http://www.googleadservices.com 'self'; style-src https: 'unsafe-inline' http://resources.monkeytest1.com 'self';
                              x-xss-protection: 1;mode=block
                              x-content-type-options: nosniff
                              cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
                              referrer-policy: strict-origin-when-cross-origin
                              strict-transport-security: max-age=31536000; includeSubDomains
                              set-cookie: ep201="xUj00xTRLcdQMqeC//dndOQNCu8="; Domain=.surveymonkey.com; expires=Fri, 25 Aug 2023 08:02:31 GMT; Path=/; SameSite=none; Secure
                              set-cookie: ep203="eo4PeZBHDVe8HhUr5I6qFyW3j5g="; Domain=.surveymonkey.com; expires=Thu, 23 Nov 2023 07:32:31 GMT; HttpOnly; Path=/; SameSite=none; Secure
                              content-encoding: gzip
                              x-cache: Miss from cloudfront
                              via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS50-C1
                              x-amz-cf-id: oS3wDgk9-gko7P37GXdp3D9nbwUOd47WhdOpNGd8jjvxNGzzuBdlng==
                            • flag-nl
                              GET
                              https://www.surveymonkey.com/favicon.ico
                              msedge.exe
                              Remote address:
                              52.222.139.6:443
                              Request
                              GET /favicon.ico HTTP/2.0
                              host: www.surveymonkey.com
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              sec-fetch-site: same-origin
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: image
                              referer: https://www.surveymonkey.com/r/JF8RH5H
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              cookie: ep201="xUj00xTRLcdQMqeC//dndOQNCu8="
                              cookie: ep203="eo4PeZBHDVe8HhUr5I6qFyW3j5g="
                              cookie: _splunk_rum_sid=%7B%22id%22%3A%22443ae6746e90ce55c02fa61e0b97f9f0%22%2C%22startTime%22%3A1692948751962%7D
                              Response
                              HTTP/2.0 302
                              content-type: text/html
                              content-length: 138
                              location: https://prod.smassets.net/assets/static/images/surveymonkey/favicon.ico
                              date: Fri, 25 Aug 2023 07:32:34 GMT
                              server: nginx
                              referrer-policy: strict-origin-when-cross-origin
                              strict-transport-security: max-age=31536000; includeSubDomains
                              set-cookie: ep201="xUj00xTRLcdQMqeC//dndOQNCu8="; Domain=.surveymonkey.com; expires=Fri, 25 Aug 2023 08:02:34 GMT; Path=/; SameSite=none; Secure
                              set-cookie: ep203="eo4PeZBHDVe8HhUr5I6qFyW3j5g="; Domain=.surveymonkey.com; expires=Thu, 23 Nov 2023 07:32:34 GMT; HttpOnly; Path=/; SameSite=none; Secure
                              x-cache: Miss from cloudfront
                              via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS50-C1
                              x-amz-cf-id: SmVQzcAhRrGWxV74q4SZZbHohXs__74nECTZD1AYaFJxR4KaZWYwew==
                            • flag-us
                              DNS
                              84.199.14.203.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              84.199.14.203.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              72.32.126.40.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              72.32.126.40.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              95.221.229.192.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              95.221.229.192.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              6.139.222.52.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              6.139.222.52.in-addr.arpa
                              IN PTR
                              Response
                              6.139.222.52.in-addr.arpa
                              IN PTR
                              server-52-222-139-6ams50r cloudfrontnet
                            • flag-us
                              DNS
                              17.211.227.13.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              17.211.227.13.in-addr.arpa
                              IN PTR
                              Response
                              17.211.227.13.in-addr.arpa
                              IN PTR
                              server-13-227-211-17ams54r cloudfrontnet
                            • flag-us
                              DNS
                              secure.surveymonkey.com
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              secure.surveymonkey.com
                              IN A
                              Response
                              secure.surveymonkey.com
                              IN CNAME
                              g-sm-prod-cloudeng-cdn.svmkinfra.com
                              g-sm-prod-cloudeng-cdn.svmkinfra.com
                              IN CNAME
                              d15akbylw3vqc5.cloudfront.net
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.61
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.60
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.57
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.122
                            • flag-us
                              DNS
                              bam-cell.nr-data.net
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              bam-cell.nr-data.net
                              IN A
                              Response
                              bam-cell.nr-data.net
                              IN CNAME
                              bam-cell.cell.nr-data.net
                              bam-cell.cell.nr-data.net
                              IN CNAME
                              tls12.newrelic.com.cdn.cloudflare.net
                              tls12.newrelic.com.cdn.cloudflare.net
                              IN A
                              162.247.241.2
                            • flag-us
                              DNS
                              prod.smassets.net
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              prod.smassets.net
                              IN A
                              Response
                              prod.smassets.net
                              IN CNAME
                              g-sm-prod-cloudeng-cdn.svmkinfra.com
                              g-sm-prod-cloudeng-cdn.svmkinfra.com
                              IN CNAME
                              d15akbylw3vqc5.cloudfront.net
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.57
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.61
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.60
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.122
                            • flag-nl
                              GET
                              https://secure.surveymonkey.com/r/themes/4.3.71_20704738_palette-1_9436CAF1-29BA-4121-A321-4E1E003FCDFA.css
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /r/themes/4.3.71_20704738_palette-1_9436CAF1-29BA-4121-A321-4E1E003FCDFA.css HTTP/2.0
                              host: secure.surveymonkey.com
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: text/css,*/*;q=0.1
                              sec-fetch-site: same-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: style
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              cookie: ep201="xUj00xTRLcdQMqeC//dndOQNCu8="
                              cookie: ep203="eo4PeZBHDVe8HhUr5I6qFyW3j5g="
                              Response
                              HTTP/2.0 200
                              content-type: text/css
                              x-amz-id-2: 02DHiLhV56Sr8jpK2poBR1QG3cDbmLj+dV0q6xGtoonjP2O2PVW2sbH+mbKzIyhuixwPTuJbNvg=
                              x-amz-request-id: HKKS91HXVEMQS0WF
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:17:00 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: oD5iEvbCD8cBJEq1xlhZJudjE3CHBmzU
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: br
                              date: Fri, 25 Aug 2023 01:21:44 GMT
                              etag: W/"31f3af80e24405d41961d693c2285488"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: CNuaRHb7qaLM6OE50sVFV6wtiTwT86EaiEcycR5CUrzCIPByNxs94w==
                              age: 22650
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/responseweb-responsewebPkgs-bundle-min.614c8463.css
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/responseweb-responsewebPkgs-bundle-min.614c8463.css HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: text/css,*/*;q=0.1
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: style
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: text/css
                              x-amz-id-2: wLvXXLuCiAC4/Ovw37pOjYcafgfwo4ItlcT3ltzKXYoP3F5400cR+XS4rYxVvYBChrItyfQb1hk=
                              x-amz-request-id: 1ZNM4Z9V68F33EZQ
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:16:59 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: L9yQJch_IzT.syl6b.7gPfLjHFtAQtN6
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: br
                              date: Thu, 24 Aug 2023 23:31:00 GMT
                              etag: W/"0d4da8494d3e6411ec8b92fa3e853521"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: mt9Y_yulLwfoqwyHRurdN0pp8fugSLY3hOOBiS_QtN6e9JmuIhOfdQ==
                              age: 29088
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-survey_page-bundle-min.0d4da849.css
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/smlib.surveytemplates-survey_page-bundle-min.0d4da849.css HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: text/css,*/*;q=0.1
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: style
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: text/css
                              x-amz-id-2: NuV0ZuYtaK20xsNcQdAgDkovgCxmmoAoC3ra+ASV01DQkXVGNDIb/+pWwgoSdWjXhWAJ2RjlZgA=
                              x-amz-request-id: A5GQGWR11C2AT794
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:17:05 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: 26R_ZM2UrD8YEaitoMVJdvhbfBPd8Y5p
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: br
                              date: Fri, 25 Aug 2023 03:06:03 GMT
                              etag: W/"614c8463ea474a81e0f9592f3c4fe62b"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: _tBD8knyO2tKris229Mk83E5ue4w4aFm1i8j_YCgEXMS9EfY3gbjiQ==
                              age: 15988
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.31f3af80.css
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/responseweb-base-bundle-min.31f3af80.css HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: text/css,*/*;q=0.1
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: style
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/javascript
                              x-amz-id-2: hBJqAdJPaT1mfaBics3qUjooViurE3ERj4G6Bdmnv47ZxWNn8X269M+LoiHZKJPdZI0WvSdtJqZbe34KcidgcQ==
                              x-amz-request-id: 7VNWS83VMN11B1F6
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:16:58 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: I72MS.OGnlV6LeVuq189adgKmzdRWJkQ
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: gzip
                              date: Fri, 25 Aug 2023 00:58:29 GMT
                              etag: W/"a165823ce19e210d098673cd3a500be3"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: RQlagbsc_8XyA6agY87ANp84J6HAjil0ol4qIibEi-JzwH027z-upg==
                              age: 24689
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/responseweb-version-bundle-min.72993a8f.css
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/responseweb-version-bundle-min.72993a8f.css HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: text/css,*/*;q=0.1
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: style
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/javascript
                              x-amz-id-2: kY5e+oqtpFiYYfeymnH22Kk++yPF1eqq3iYja6pvG1BiQy6P0InLO665FAxQiwyfHNIxuHsKT7E=
                              x-amz-request-id: 8ZG0EGZYT1SMENQ1
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:16:59 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: DwaCBaAcCcoP9TcW7ADDpjNnN2WnEf3_
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: gzip
                              date: Fri, 25 Aug 2023 03:31:55 GMT
                              etag: W/"c105a2db5b41f9f9e0fb3ce5fce26e20"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: gdrFcY-WgKYn10CGQ2wp8HIvdFl11iv4OmY6aB7lSf2G9mHHg7H8iw==
                              age: 15285
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-sm-react-bundle-min.26c50983.js
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/smlib.surveytemplates-sm-react-bundle-min.26c50983.js HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: script
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/javascript
                              x-amz-id-2: Hz8Zx2+SsNNDOmyWOxC+8QKXn/5JlJ9b1VjYzc+PhXWcMC+SRo4tBESI54L6A0geAdcABFULzVs=
                              x-amz-request-id: 674SSW6QJNR9Q0KD
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:16:58 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: Oyzf3aPd9jQ6QgSSIfLTJrWIUhcXX8io
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: br
                              date: Thu, 24 Aug 2023 23:44:18 GMT
                              etag: W/"91443e27e5f8bce4310d5ee9680cab3d"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: kYvgVjcKM4MjZd_FYJiWD6znl6MgRxZZ0DLTSSDY-qDg9X0asdlDFg==
                              age: 28944
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/responseweb-response-bundle-min.4f8a78f5.js
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/responseweb-response-bundle-min.4f8a78f5.js HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: script
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/javascript
                              x-amz-id-2: OEochz2mwaovhV77lGJNRcstEMqOw5ZTt/I1BcP90QWon7bw2yM3U6fzAMj9DS8/ZGQsFX0yCtY=
                              x-amz-request-id: W94FVMEA3Q0WA78N
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:16:58 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: ulD4zmeHeesAoQv7bZfdPtlVEFYtBORc
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: br
                              date: Fri, 25 Aug 2023 00:52:35 GMT
                              etag: W/"26c509839fa900588f536046d6cb0d53"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: _T9LbdUQlUG2ZE1PMpgb-BLjZ7F-Gz2oKdpd6J8upV61aAn3XiXKbg==
                              age: 24243
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/responseweb-jquery-bundle-min.91443e27.js
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/responseweb-jquery-bundle-min.91443e27.js HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: script
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/javascript
                              x-amz-id-2: B+BH2Q2Wu1y5s/dbNZXWiF8+d8+KvED6AtdGsgrcbh+8RtKEqaA91WM50sfhTwRVeQn3sqzjzc0=
                              x-amz-request-id: RVTWJC5MR1FP6XBB
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:17:12 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: iBIV4IA7SNWi.i8j1U8LveKL6OPtT71T
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: br
                              date: Fri, 25 Aug 2023 04:01:37 GMT
                              etag: W/"4f8a78f545bd3b4ec5bc10bc57644bb1"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: 3UmGVm_iUJ5s14BnlBlycJEPl5EA2kiHfZ9ruOqLwvt52kjalOAYTA==
                              age: 12656
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/responseweb-ui_bundle-bundle-min.a165823c.js
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/responseweb-ui_bundle-bundle-min.a165823c.js HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: script
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: text/css
                              x-amz-id-2: RQTnb9tAKaScIfmlC9iG3nArxri5LQGDULJFId4jFmGc+j3NLR28m4CmLKsFaTmfxC97SHOR9oTVg42X8ujdYw==
                              x-amz-request-id: RYZCN1C4MSFEJAKK
                              x-amz-replication-status: COMPLETED
                              last-modified: Tue, 17 Nov 2020 13:22:33 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: uuS3rJ8lpzOfMrSciOuzwH9Tk1993xne
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: gzip
                              date: Fri, 25 Aug 2023 01:15:56 GMT
                              etag: W/"319c4184e0e815aaae848111368f49e6"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: utlg4AlNtjKWQFxMXrnhgsktGzAaAmBpbNqGpWELuTuLxYgHkn0SBg==
                              age: 22870
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/responseweb-responsewebPkgs_hybrid-bundle-min.79a2bed1.js
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/responseweb-responsewebPkgs_hybrid-bundle-min.79a2bed1.js HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: script
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/javascript
                              x-amz-id-2: OR2KH0aiTxHjPrrPelC+uRJqegVNRFtUmW1GTTARtklxWZEyWPXpoqrYxZa4LGqJquYAbUlWTkM=
                              x-amz-request-id: C4J99BKXD9XE9JSY
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:17:05 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: m6etuPzYCf7Ga3GjtIy1pYHpI1DhwfED
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: br
                              date: Fri, 25 Aug 2023 02:49:51 GMT
                              etag: W/"79a2bed16e98df2902df7fc5438af517"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: KsYcvo4FAkV2eVXR2oQNIfABYYA4HiVEGUdJ8U5SNbXCTIiTunfCNg==
                              age: 17110
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-sm-polyfill-bundle-min.c105a2db.js
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/smlib.surveytemplates-sm-polyfill-bundle-min.c105a2db.js HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: script
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: text/css
                              x-amz-id-2: UYDHhgD/X8vZCWbeWpt74CvodlEhfdCjydUrJP4DnHWhw8aTUEvNT+t7dMuVnafTBCLJu1PYaUTwbI8vu7vsSw==
                              x-amz-request-id: 856JVQM2K1W668ZP
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:16:48 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: Hd8eNF5DGUhkCZpmmXp6g9Qmrouj_IpH
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: br
                              date: Fri, 25 Aug 2023 02:38:32 GMT
                              etag: W/"72993a8f5da8c699520b7b397c6e84f8"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: l30lr-WW97F0ugRx16sBR5JFTrZKIY616rmNMmfhSTwdaFfUMRwkHQ==
                              age: 17641
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://cdn.smassets.net/assets/wds/4_20_2/wds-react/wds-react.min.css
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/wds/4_20_2/wds-react/wds-react.min.css HTTP/2.0
                              host: cdn.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: text/css,*/*;q=0.1
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: style
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: image/svg+xml
                              x-amz-id-2: sWl6U4/WB8SQ6Kdwk0T7j9jWlqDvnXWo2q4A/UJz8zSdl6SCT7R0fVQUiVTTBVf/gH69EYcsKTQ=
                              x-amz-request-id: QE6C0YYGEEFTGFXY
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:16:48 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: 56nLOjYKffhRn91JKCoEqpl9oKYrG_wm
                              server: AmazonS3
                              access-control-allow-origin: *
                              content-encoding: br
                              date: Thu, 24 Aug 2023 23:28:14 GMT
                              etag: W/"93383a58dff6cb7fd2eeae02aae1d46e"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: SOYcrrbbPur4J1aq6PFyNhU6LCAI_C49OwgwbGKYZjEpW1MwDeJN2A==
                              age: 29059
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/smlib.surveytemplates/4.3.71/assets/sm_logo_footer.svg
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/responseweb/smlib.surveytemplates/4.3.71/assets/sm_logo_footer.svg HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: image
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: text/css; charset=UTF-8
                              date: Fri, 25 Aug 2023 07:32:32 GMT
                              server: nginx
                              sm-request-id: EqE3CeMmgqP_fCKhFr6hqpUwN9liYbtsjbRAtpJNo-y4pfC-R4Nyzg==
                              cache-control: max-age=3600
                              content-encoding: br
                              vary: Accept-Encoding,Accept-Encoding
                              x-cache: Miss from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: EqE3CeMmgqP_fCKhFr6hqpUwN9liYbtsjbRAtpJNo-y4pfC-R4Nyzg==
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/static/images/surveymonkey/favicon.ico
                              msedge.exe
                              Remote address:
                              13.227.219.61:443
                              Request
                              GET /assets/static/images/surveymonkey/favicon.ico HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: image
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: image/x-icon
                              content-length: 15086
                              x-amz-id-2: O4bl08bNnuLBCwl+5aZ3S6XUmX70KRIXL3PIYRyNWniyGqX/0TEPo+a0SfE52/yM+wX9evazGo8=
                              x-amz-request-id: S1S3H95PZ3PNA8QM
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 25 Nov 2021 02:04:03 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: Q3FsCPn41jLhSlXW67nFM3KaDllFKg5d
                              accept-ranges: bytes
                              server: AmazonS3
                              access-control-allow-origin: *
                              date: Thu, 24 Aug 2023 14:20:22 GMT
                              etag: "a6067504c77a4b664f99053cc97b2d61"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: V43hDit4R6lPBxXWlo9WV8ysf5_5u-ZYnvHZ5WaHL4dm27oGYoEKIg==
                              age: 61933
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=441504000, public
                            • flag-us
                              DNS
                              cdn.signalfx.com
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              cdn.signalfx.com
                              IN A
                              Response
                              cdn.signalfx.com
                              IN A
                              13.227.219.120
                              cdn.signalfx.com
                              IN A
                              13.227.219.68
                              cdn.signalfx.com
                              IN A
                              13.227.219.87
                              cdn.signalfx.com
                              IN A
                              13.227.219.63
                            • flag-us
                              DNS
                              cdn.smassets.net
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              cdn.smassets.net
                              IN A
                              Response
                              cdn.smassets.net
                              IN CNAME
                              g-sm-prod-cloudeng-cdn.svmkinfra.com
                              g-sm-prod-cloudeng-cdn.svmkinfra.com
                              IN CNAME
                              d15akbylw3vqc5.cloudfront.net
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.57
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.122
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.61
                              d15akbylw3vqc5.cloudfront.net
                              IN A
                              13.227.219.60
                            • flag-us
                              DNS
                              js-agent.newrelic.com
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              js-agent.newrelic.com
                              IN A
                              Response
                              js-agent.newrelic.com
                              IN CNAME
                              k.sni.global.fastly.net
                              k.sni.global.fastly.net
                              IN A
                              151.101.2.137
                              k.sni.global.fastly.net
                              IN A
                              151.101.66.137
                              k.sni.global.fastly.net
                              IN A
                              151.101.130.137
                              k.sni.global.fastly.net
                              IN A
                              151.101.194.137
                            • flag-nl
                              GET
                              https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
                              msedge.exe
                              Remote address:
                              13.227.219.120:443
                              Request
                              GET /o11y-gdi-rum/latest/splunk-otel-web.js HTTP/2.0
                              host: cdn.signalfx.com
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              origin: https://www.surveymonkey.com
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              dnt: 1
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: cors
                              sec-fetch-dest: script
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/javascript
                              access-control-allow-origin: *
                              access-control-allow-methods: GET
                              access-control-max-age: 3000
                              last-modified: Wed, 02 Aug 2023 15:38:01 GMT
                              x-amz-server-side-encryption: AES256
                              server: AmazonS3
                              content-encoding: br
                              date: Fri, 25 Aug 2023 07:08:18 GMT
                              cache-control: max-age=3600
                              etag: W/"71b6a257f70f17f76e8905332025a5a2"
                              vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
                              x-cache: Hit from cloudfront
                              via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: Rii6iCVZX2tKswhbZsaPljGIGF078-1q2o8UAdjxGgLkIJOKjTd-Vg==
                              age: 1455
                            • flag-us
                              DNS
                              8.36.251.142.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              8.36.251.142.in-addr.arpa
                              IN PTR
                              Response
                              8.36.251.142.in-addr.arpa
                              IN PTR
                              ams15s44-in-f81e100net
                            • flag-us
                              DNS
                              206.23.217.172.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              206.23.217.172.in-addr.arpa
                              IN PTR
                              Response
                              206.23.217.172.in-addr.arpa
                              IN PTR
                              prg03s05-in-f141e100net
                              206.23.217.172.in-addr.arpa
                              IN PTR
                              prg03s05-in-f206�I
                              206.23.217.172.in-addr.arpa
                              IN PTR
                              ams16s37-in-f14�I
                            • flag-us
                              DNS
                              61.219.227.13.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              61.219.227.13.in-addr.arpa
                              IN PTR
                              Response
                              61.219.227.13.in-addr.arpa
                              IN PTR
                              server-13-227-219-61ams54r cloudfrontnet
                            • flag-us
                              DNS
                              106.208.58.216.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              106.208.58.216.in-addr.arpa
                              IN PTR
                              Response
                              106.208.58.216.in-addr.arpa
                              IN PTR
                              sof01s11-in-f1061e100net
                              106.208.58.216.in-addr.arpa
                              IN PTR
                              ams17s08-in-f10�J
                            • flag-us
                              DNS
                              120.219.227.13.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              120.219.227.13.in-addr.arpa
                              IN PTR
                              Response
                              120.219.227.13.in-addr.arpa
                              IN PTR
                              server-13-227-219-120ams54r cloudfrontnet
                            • flag-us
                              DNS
                              137.2.101.151.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              137.2.101.151.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              2.241.247.162.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              2.241.247.162.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              226.21.18.104.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              226.21.18.104.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              146.78.124.51.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              146.78.124.51.in-addr.arpa
                              IN PTR
                              Response
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/smlib.ui/5.3.0/assets/fonts/National2Web-Regular.woff2
                              msedge.exe
                              Remote address:
                              13.227.219.57:443
                              Request
                              GET /assets/responseweb/smlib.ui/5.3.0/assets/fonts/National2Web-Regular.woff2 HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              origin: https://www.surveymonkey.com
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              dnt: 1
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: cors
                              sec-fetch-dest: font
                              referer: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.31f3af80.css
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/font-woff2
                              content-length: 34775
                              x-amz-id-2: q+D7OMVJSN4A44bpIQe2sYB3SzSE+8TDMMxCGPGMPKLBMgZwHiIHuuAHkHqU19Jdn1kYD+5yecI=
                              x-amz-request-id: GJWZX33218ARYQNA
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:17:27 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: 5Cw7ZA4UwyVZwqRWNzjLUMwipWpkAInX
                              accept-ranges: bytes
                              server: AmazonS3
                              access-control-allow-origin: *
                              date: Fri, 25 Aug 2023 06:38:17 GMT
                              etag: "13244bd99451605c61b32c9617162c1f"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: JnB3V4auz1XYvhAPH5dSA1ERBVjpy6BDL4Kkt-ar8xGfYBUNjHdAQA==
                              age: 3278
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-nl
                              GET
                              https://prod.smassets.net/assets/responseweb/smlib.ui/5.3.0/assets/fonts/National2Web-Medium.woff2
                              msedge.exe
                              Remote address:
                              13.227.219.57:443
                              Request
                              GET /assets/responseweb/smlib.ui/5.3.0/assets/fonts/National2Web-Medium.woff2 HTTP/2.0
                              host: prod.smassets.net
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              origin: https://www.surveymonkey.com
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              dnt: 1
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: cors
                              sec-fetch-dest: font
                              referer: https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.31f3af80.css
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/font-woff2
                              content-length: 37339
                              x-amz-id-2: 6joHITvIv587YxABiRUs90fzVv5W2qZKtTo6mp9tLDOvIltRRv6E2/QryA+4JDLb4H8+ofTHr7o=
                              x-amz-request-id: BQYV2B9WY2FCSPZ5
                              x-amz-replication-status: COMPLETED
                              last-modified: Thu, 10 Aug 2023 22:17:27 GMT
                              x-amz-server-side-encryption: AES256
                              x-amz-version-id: lmchGARnW9t5umseCHS7Gjr8miQlweWG
                              accept-ranges: bytes
                              server: AmazonS3
                              access-control-allow-origin: *
                              date: Thu, 24 Aug 2023 14:20:20 GMT
                              etag: "1ebab08781dd6eebbe312e6f97f6e26a"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS54-C1
                              x-amz-cf-id: w6rJm0pDjDjUP0K_n_JO_EXWtkG0wiGyp_IjJ__uU9ccssrD4j2RiQ==
                              age: 61934
                              x-xss-protection: 1; mode=block
                              referrer-policy: strict-origin-when-cross-origin
                              content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline' https://www.google.com https://www.gstatic.com https://www.recaptcha.net https://api.amplitude.com wss://*.hotjar.com wss://*.qualified.com 'self'; upgrade-insecure-requests; frame-ancestors 'self' https://*.zendesk.com https://*.myshopify.com https://teams.microsoft.com https://*.eloqua.com https://*.surveymonkey.com https://*.sharepoint.com https://*.worldpay.com https://*.cardinalcommerce.com https://*.office.com https://*.office365.com https://*.microsoft365.com;
                              x-content-type-options: nosniff
                              strict-transport-security: max-age=31536000; includeSubDomains
                              cache-control: max-age=7884000, public
                            • flag-us
                              DNS
                              pixel-library.pmg.com
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              pixel-library.pmg.com
                              IN A
                              Response
                              pixel-library.pmg.com
                              IN A
                              65.9.86.78
                              pixel-library.pmg.com
                              IN A
                              65.9.86.99
                              pixel-library.pmg.com
                              IN A
                              65.9.86.7
                              pixel-library.pmg.com
                              IN A
                              65.9.86.80
                            • flag-us
                              DNS
                              57.219.227.13.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              57.219.227.13.in-addr.arpa
                              IN PTR
                              Response
                              57.219.227.13.in-addr.arpa
                              IN PTR
                              server-13-227-219-57ams54r cloudfrontnet
                            • flag-nl
                              GET
                              https://pixel-library.pmg.com/alli-lib
                              msedge.exe
                              Remote address:
                              65.9.86.78:443
                              Request
                              GET /alli-lib HTTP/2.0
                              host: pixel-library.pmg.com
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: */*
                              sec-fetch-site: cross-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: script
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 200
                              content-type: application/javascript
                              last-modified: Mon, 05 Jun 2023 14:59:02 GMT
                              server: AmazonS3
                              content-encoding: gzip
                              date: Fri, 25 Aug 2023 06:37:59 GMT
                              etag: W/"8217f9f46e2fa907914d88f768fb26f5"
                              vary: Accept-Encoding
                              x-cache: Hit from cloudfront
                              via: 1.1 0186e9c41d0aebb13c1398b95b7f4756.cloudfront.net (CloudFront)
                              x-amz-cf-pop: AMS1-C1
                              x-amz-cf-id: F7JbgAkMoBULfyxb_o5HdsSpFhlUztQtAD4kvnpqvPmEi7YCDABYqg==
                              age: 3277
                            • flag-us
                              DNS
                              alli-gateway.surveymonkey.com
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              alli-gateway.surveymonkey.com
                              IN A
                              Response
                              alli-gateway.surveymonkey.com
                              IN CNAME
                              d-jgxklccpm2.execute-api.us-east-1.amazonaws.com
                              d-jgxklccpm2.execute-api.us-east-1.amazonaws.com
                              IN A
                              3.213.60.248
                              d-jgxklccpm2.execute-api.us-east-1.amazonaws.com
                              IN A
                              23.21.95.223
                            • flag-us
                              GET
                              https://alli-gateway.surveymonkey.com/pixel?pid=&event=init
                              msedge.exe
                              Remote address:
                              3.213.60.248:443
                              Request
                              GET /pixel?pid=&event=init HTTP/2.0
                              host: alli-gateway.surveymonkey.com
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                              sec-fetch-site: same-site
                              sec-fetch-mode: no-cors
                              sec-fetch-dest: image
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              cookie: ep201="xUj00xTRLcdQMqeC//dndOQNCu8="
                              cookie: ep203="eo4PeZBHDVe8HhUr5I6qFyW3j5g="
                              Response
                              HTTP/2.0 200
                              date: Fri, 25 Aug 2023 07:32:34 GMT
                              content-type: image/gif
                              content-length: 43
                              apigw-requestid: KNLa8juKoAMESqg=
                            • flag-us
                              DNS
                              78.86.9.65.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              78.86.9.65.in-addr.arpa
                              IN PTR
                              Response
                              78.86.9.65.in-addr.arpa
                              IN PTR
                              server-65-9-86-78ams1r cloudfrontnet
                            • flag-us
                              DNS
                              248.60.213.3.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              248.60.213.3.in-addr.arpa
                              IN PTR
                              Response
                              248.60.213.3.in-addr.arpa
                              IN PTR
                              ec2-3-213-60-248 compute-1 amazonawscom
                            • flag-us
                              DNS
                              rum-ingest.us1.signalfx.com
                              msedge.exe
                              Remote address:
                              8.8.8.8:53
                              Request
                              rum-ingest.us1.signalfx.com
                              IN A
                              Response
                              rum-ingest.us1.signalfx.com
                              IN A
                              35.80.235.91
                              rum-ingest.us1.signalfx.com
                              IN A
                              35.80.211.65
                              rum-ingest.us1.signalfx.com
                              IN A
                              35.163.74.134
                              rum-ingest.us1.signalfx.com
                              IN A
                              35.155.106.192
                            • flag-us
                              POST
                              https://rum-ingest.us1.signalfx.com/v1/rum?auth=zc0197kWHeYhZNXuPUlB5w
                              msedge.exe
                              Remote address:
                              35.80.235.91:443
                              Request
                              POST /v1/rum?auth=zc0197kWHeYhZNXuPUlB5w HTTP/2.0
                              host: rum-ingest.us1.signalfx.com
                              content-length: 29833
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              accept: */*
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              content-type: text/plain;charset=UTF-8
                              origin: https://www.surveymonkey.com
                              sec-fetch-site: cross-site
                              sec-fetch-mode: cors
                              sec-fetch-dest: empty
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 403
                              date: Fri, 25 Aug 2023 07:32:38 GMT
                              content-length: 0
                              x-envoy-upstream-service-time: 1
                              server: istio-envoy
                            • flag-us
                              POST
                              https://rum-ingest.us1.signalfx.com/v1/rum?auth=zc0197kWHeYhZNXuPUlB5w
                              msedge.exe
                              Remote address:
                              35.80.235.91:443
                              Request
                              POST /v1/rum?auth=zc0197kWHeYhZNXuPUlB5w HTTP/2.0
                              host: rum-ingest.us1.signalfx.com
                              content-length: 583
                              sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                              accept: */*
                              dnt: 1
                              sec-ch-ua-mobile: ?0
                              user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                              content-type: text/plain;charset=UTF-8
                              origin: https://www.surveymonkey.com
                              sec-fetch-site: cross-site
                              sec-fetch-mode: cors
                              sec-fetch-dest: empty
                              referer: https://www.surveymonkey.com/
                              accept-encoding: gzip, deflate, br
                              accept-language: en-US,en;q=0.9
                              Response
                              HTTP/2.0 403
                              date: Fri, 25 Aug 2023 07:33:02 GMT
                              content-length: 0
                              x-envoy-upstream-service-time: 1
                              server: istio-envoy
                            • flag-us
                              DNS
                              91.235.80.35.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              91.235.80.35.in-addr.arpa
                              IN PTR
                              Response
                              91.235.80.35.in-addr.arpa
                              IN PTR
                              ec2-35-80-235-91 us-west-2compute amazonawscom
                            • flag-us
                              DNS
                              50.23.12.20.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              50.23.12.20.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              198.187.3.20.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              198.187.3.20.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              240.221.184.93.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              240.221.184.93.in-addr.arpa
                              IN PTR
                              Response
                            • flag-us
                              DNS
                              200.201.50.20.in-addr.arpa
                              Remote address:
                              8.8.8.8:53
                              Request
                              200.201.50.20.in-addr.arpa
                              IN PTR
                              Response
                            • 203.14.199.84:443
                              https://onetomany.cumulo9.com/ch/41024/1nth2/2887901/BoChYkAz434lfOCcTEySGRvdxYQy41thfBFjtLpw.html
                              tls, http2
                              msedge.exe
                              1.8kB
                               4.8kB
                               13
                              15

                              HTTP Request

                              GET https://onetomany.cumulo9.com/ch/41024/1nth2/2887901/BoChYkAz434lfOCcTEySGRvdxYQy41thfBFjtLpw.html

                              HTTP Response

                              302
                            • 52.222.139.6:443
                              https://www.surveymonkey.com/favicon.ico
                              tls, http2
                              msedge.exe
                              2.5kB
                               22.1kB
                               22
                              31

                              HTTP Request

                              GET https://www.surveymonkey.com/r/JF8RH5H

                              HTTP Response

                              200

                              HTTP Request

                              GET https://www.surveymonkey.com/favicon.ico

                              HTTP Response

                              302
                            • 13.227.219.61:443
                              https://prod.smassets.net/assets/static/images/surveymonkey/favicon.ico
                              tls, http2
                              msedge.exe
                              32.7kB
                               1.5MB
                               611
                              1088

                              HTTP Request

                              GET https://secure.surveymonkey.com/r/themes/4.3.71_20704738_palette-1_9436CAF1-29BA-4121-A321-4E1E003FCDFA.css

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/responseweb-responsewebPkgs-bundle-min.614c8463.css

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-survey_page-bundle-min.0d4da849.css

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/responseweb-base-bundle-min.31f3af80.css

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/responseweb-version-bundle-min.72993a8f.css

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-sm-react-bundle-min.26c50983.js

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/responseweb-response-bundle-min.4f8a78f5.js

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/responseweb-jquery-bundle-min.91443e27.js

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/responseweb-ui_bundle-bundle-min.a165823c.js

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/responseweb-responsewebPkgs_hybrid-bundle-min.79a2bed1.js

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/smlib.surveytemplates-sm-polyfill-bundle-min.c105a2db.js

                              HTTP Request

                              GET https://cdn.smassets.net/assets/wds/4_20_2/wds-react/wds-react.min.css

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/smlib.surveytemplates/4.3.71/assets/sm_logo_footer.svg

                              HTTP Response

                              200

                              HTTP Response

                              200

                              HTTP Request

                              GET https://prod.smassets.net/assets/static/images/surveymonkey/favicon.ico

                              HTTP Response

                              200
                            • 13.227.219.120:443
                              https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js
                              tls, http2
                              msedge.exe
                              3.1kB
                               49.2kB
                               44
                              48

                              HTTP Request

                              GET https://cdn.signalfx.com/o11y-gdi-rum/latest/splunk-otel-web.js

                              HTTP Response

                              200
                            • 13.227.219.120:443
                              cdn.signalfx.com
                              tls, http2
                              msedge.exe
                              1.1kB
                               8.6kB
                               11
                              14
                            • 151.101.2.137:443
                              js-agent.newrelic.com
                              tls
                              msedge.exe
                              989 B
                               5.5kB
                               9
                              10
                            • 162.247.241.2:443
                              bam-cell.nr-data.net
                              tls
                              msedge.exe
                              2.0kB
                               4.9kB
                               31
                              33
                            • 13.227.219.57:443
                              https://prod.smassets.net/assets/responseweb/smlib.ui/5.3.0/assets/fonts/National2Web-Medium.woff2
                              tls, http2
                              msedge.exe
                              3.3kB
                               84.6kB
                               45
                              78

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/smlib.ui/5.3.0/assets/fonts/National2Web-Regular.woff2

                              HTTP Response

                              200

                              HTTP Request

                              GET https://prod.smassets.net/assets/responseweb/smlib.ui/5.3.0/assets/fonts/National2Web-Medium.woff2

                              HTTP Response

                              200
                            • 65.9.86.78:443
                              https://pixel-library.pmg.com/alli-lib
                              tls, http2
                              msedge.exe
                              1.9kB
                               14.3kB
                               19
                              21

                              HTTP Request

                              GET https://pixel-library.pmg.com/alli-lib

                              HTTP Response

                              200
                            • 3.213.60.248:443
                              https://alli-gateway.surveymonkey.com/pixel?pid=&event=init
                              tls, http2
                              msedge.exe
                              1.9kB
                               6.6kB
                               14
                              16

                              HTTP Request

                              GET https://alli-gateway.surveymonkey.com/pixel?pid=&event=init

                              HTTP Response

                              200
                            • 35.80.235.91:443
                              https://rum-ingest.us1.signalfx.com/v1/rum?auth=zc0197kWHeYhZNXuPUlB5w
                              tls, http2
                              msedge.exe
                              35.0kB
                               10.0kB
                               58
                              69

                              HTTP Request

                              POST https://rum-ingest.us1.signalfx.com/v1/rum?auth=zc0197kWHeYhZNXuPUlB5w

                              HTTP Response

                              403

                              HTTP Request

                              POST https://rum-ingest.us1.signalfx.com/v1/rum?auth=zc0197kWHeYhZNXuPUlB5w

                              HTTP Response

                              403
                            • 8.8.8.8:53
                              2.136.104.51.in-addr.arpa
                              dns
                              71 B
                               157 B
                               1
                              1

                              DNS Request

                              2.136.104.51.in-addr.arpa

                            • 8.8.8.8:53
                              254.135.241.8.in-addr.arpa
                              dns
                              72 B
                               126 B
                               1
                              1

                              DNS Request

                              254.135.241.8.in-addr.arpa

                            • 8.8.8.8:53
                              onetomany.cumulo9.com
                              dns
                              msedge.exe
                              67 B
                               115 B
                               1
                              1

                              DNS Request

                              onetomany.cumulo9.com

                              DNS Response

                              203.14.199.84

                            • 8.8.8.8:53
                              www.surveymonkey.com
                              dns
                              msedge.exe
                              66 B
                               226 B
                               1
                              1

                              DNS Request

                              www.surveymonkey.com

                              DNS Response

                              52.222.139.6
                              52.222.139.14
                              52.222.139.38
                              52.222.139.18

                            • 8.8.8.8:53
                              84.199.14.203.in-addr.arpa
                              dns
                              72 B
                               72 B
                               1
                              1

                              DNS Request

                              84.199.14.203.in-addr.arpa

                            • 8.8.8.8:53
                              72.32.126.40.in-addr.arpa
                              dns
                              71 B
                               157 B
                               1
                              1

                              DNS Request

                              72.32.126.40.in-addr.arpa

                            • 8.8.8.8:53
                              95.221.229.192.in-addr.arpa
                              dns
                              73 B
                               144 B
                               1
                              1

                              DNS Request

                              95.221.229.192.in-addr.arpa

                            • 8.8.8.8:53
                              6.139.222.52.in-addr.arpa
                              dns
                              71 B
                               127 B
                               1
                              1

                              DNS Request

                              6.139.222.52.in-addr.arpa

                            • 8.8.8.8:53
                              17.211.227.13.in-addr.arpa
                              dns
                              72 B
                               129 B
                               1
                              1

                              DNS Request

                              17.211.227.13.in-addr.arpa

                            • 8.8.8.8:53
                              secure.surveymonkey.com
                              dns
                              msedge.exe
                              69 B
                               223 B
                               1
                              1

                              DNS Request

                              secure.surveymonkey.com

                              DNS Response

                              13.227.219.61
                              13.227.219.60
                              13.227.219.57
                              13.227.219.122

                            • 8.8.8.8:53
                              bam-cell.nr-data.net
                              dns
                              msedge.exe
                              66 B
                               158 B
                               1
                              1

                              DNS Request

                              bam-cell.nr-data.net

                              DNS Response

                              162.247.241.2

                            • 8.8.8.8:53
                              prod.smassets.net
                              dns
                              msedge.exe
                              63 B
                               217 B
                               1
                              1

                              DNS Request

                              prod.smassets.net

                              DNS Response

                              13.227.219.57
                              13.227.219.61
                              13.227.219.60
                              13.227.219.122

                            • 8.8.8.8:53
                              cdn.signalfx.com
                              dns
                              msedge.exe
                              62 B
                               126 B
                               1
                              1

                              DNS Request

                              cdn.signalfx.com

                              DNS Response

                              13.227.219.120
                              13.227.219.68
                              13.227.219.87
                              13.227.219.63

                            • 8.8.8.8:53
                              cdn.smassets.net
                              dns
                              msedge.exe
                              62 B
                               216 B
                               1
                              1

                              DNS Request

                              cdn.smassets.net

                              DNS Response

                              13.227.219.57
                              13.227.219.122
                              13.227.219.61
                              13.227.219.60

                            • 8.8.8.8:53
                              js-agent.newrelic.com
                              dns
                              msedge.exe
                              67 B
                               168 B
                               1
                              1

                              DNS Request

                              js-agent.newrelic.com

                              DNS Response

                              151.101.2.137
                              151.101.66.137
                              151.101.130.137
                              151.101.194.137

                            • 8.8.8.8:53
                              8.36.251.142.in-addr.arpa
                              dns
                              71 B
                               109 B
                               1
                              1

                              DNS Request

                              8.36.251.142.in-addr.arpa

                            • 8.8.8.8:53
                              206.23.217.172.in-addr.arpa
                              dns
                              73 B
                               173 B
                               1
                              1

                              DNS Request

                              206.23.217.172.in-addr.arpa

                            • 8.8.8.8:53
                              61.219.227.13.in-addr.arpa
                              dns
                              72 B
                               129 B
                               1
                              1

                              DNS Request

                              61.219.227.13.in-addr.arpa

                            • 8.8.8.8:53
                              106.208.58.216.in-addr.arpa
                              dns
                              73 B
                               143 B
                               1
                              1

                              DNS Request

                              106.208.58.216.in-addr.arpa

                            • 8.8.8.8:53
                              120.219.227.13.in-addr.arpa
                              dns
                              73 B
                               131 B
                               1
                              1

                              DNS Request

                              120.219.227.13.in-addr.arpa

                            • 8.8.8.8:53
                              137.2.101.151.in-addr.arpa
                              dns
                              72 B
                               132 B
                               1
                              1

                              DNS Request

                              137.2.101.151.in-addr.arpa

                            • 8.8.8.8:53
                              2.241.247.162.in-addr.arpa
                              dns
                              72 B
                               137 B
                               1
                              1

                              DNS Request

                              2.241.247.162.in-addr.arpa

                            • 8.8.8.8:53
                              226.21.18.104.in-addr.arpa
                              dns
                              72 B
                               134 B
                               1
                              1

                              DNS Request

                              226.21.18.104.in-addr.arpa

                            • 8.8.8.8:53
                              146.78.124.51.in-addr.arpa
                              dns
                              72 B
                               158 B
                               1
                              1

                              DNS Request

                              146.78.124.51.in-addr.arpa

                            • 8.8.8.8:53
                              pixel-library.pmg.com
                              dns
                              msedge.exe
                              67 B
                               131 B
                               1
                              1

                              DNS Request

                              pixel-library.pmg.com

                              DNS Response

                              65.9.86.78
                              65.9.86.99
                              65.9.86.7
                              65.9.86.80

                            • 8.8.8.8:53
                              57.219.227.13.in-addr.arpa
                              dns
                              72 B
                               129 B
                               1
                              1

                              DNS Request

                              57.219.227.13.in-addr.arpa

                            • 8.8.8.8:53
                              alli-gateway.surveymonkey.com
                              dns
                              msedge.exe
                              75 B
                               166 B
                               1
                              1

                              DNS Request

                              alli-gateway.surveymonkey.com

                              DNS Response

                              3.213.60.248
                              23.21.95.223

                            • 224.0.0.251:5353
                              msedge.exe
                              516 B
                               8
                            • 8.8.8.8:53
                              78.86.9.65.in-addr.arpa
                              dns
                              69 B
                               122 B
                               1
                              1

                              DNS Request

                              78.86.9.65.in-addr.arpa

                            • 8.8.8.8:53
                              248.60.213.3.in-addr.arpa
                              dns
                              71 B
                               125 B
                               1
                              1

                              DNS Request

                              248.60.213.3.in-addr.arpa

                            • 8.8.8.8:53
                              rum-ingest.us1.signalfx.com
                              dns
                              msedge.exe
                              73 B
                               137 B
                               1
                              1

                              DNS Request

                              rum-ingest.us1.signalfx.com

                              DNS Response

                              35.80.235.91
                              35.80.211.65
                              35.163.74.134
                              35.155.106.192

                            • 8.8.8.8:53
                              91.235.80.35.in-addr.arpa
                              dns
                              71 B
                               133 B
                               1
                              1

                              DNS Request

                              91.235.80.35.in-addr.arpa

                            • 8.8.8.8:53
                              50.23.12.20.in-addr.arpa
                              dns
                              70 B
                               156 B
                               1
                              1

                              DNS Request

                              50.23.12.20.in-addr.arpa

                            • 8.8.8.8:53
                              198.187.3.20.in-addr.arpa
                              dns
                              71 B
                               157 B
                               1
                              1

                              DNS Request

                              198.187.3.20.in-addr.arpa

                            • 8.8.8.8:53
                              240.221.184.93.in-addr.arpa
                              dns
                              73 B
                               144 B
                               1
                              1

                              DNS Request

                              240.221.184.93.in-addr.arpa

                            • 8.8.8.8:53
                              200.201.50.20.in-addr.arpa
                              dns
                              72 B
                               158 B
                               1
                              1

                              DNS Request

                              200.201.50.20.in-addr.arpa

                            MITRE ATT&CK Matrix

                            Replay Monitor

                            Loading Replay Monitor...

                            Downloads

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                              Filesize

                              152B

                              MD5

                              b950ebe404eda736e529f1b0a975e8db

                              SHA1

                              4d2c020f1aa70e2bcb666a2dd144d1f3588430b8

                              SHA256

                              bcc60276d7110e8d002f24d66ebb043c5761e2a4b6ae7854983cef4beacd9bf4

                              SHA512

                              6ba228e5b6464c9602db81de8e1189302d0b2aed78a8b06248ccd9f095ede8621fc9d0faed0a7d079b8c7f4d1164b2895c4d0ef99c93cb95bbe210033e40295a

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                              Filesize

                              264B

                              MD5

                              a5a5fa01e386cdcea5559dc3d87e10d3

                              SHA1

                              5a64f240d6b2ff8fb9a3833367c0b28c421c4409

                              SHA256

                              0cdbab2c7ab28ca92ab6b89a4b5ca25ab168401b1b9f38c78560605ce88bb274

                              SHA512

                              dae02f192dac347e40d8ca86fc1a6e9018674c15427c73ed648d64761277f2f47093b6fb8e92bd81f9d95c1fe9bb1b1f34ade878d9e5683b55f6f847053b38e8

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                              Filesize

                              1KB

                              MD5

                              f6b7cc04a7ee1a72427e7ecaef8db2d4

                              SHA1

                              196eb89111d840fc18df4ef7e2e61e847e149987

                              SHA256

                              bc97f393447048b1e206e7650f598dbd40eb4ba28dfe51c7e7252ce2c7c3c9e0

                              SHA512

                              e351560c250b68d1445f4512a94c77b228adcab4ee12770cb8351931a14b077949b0ce7da748f1810d5276339d9c553f2fdd379d801a5f7e50cf69b9d8dfd694

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                              Filesize

                              111B

                              MD5

                              285252a2f6327d41eab203dc2f402c67

                              SHA1

                              acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

                              SHA256

                              5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

                              SHA512

                              11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                              Filesize

                              5KB

                              MD5

                              743a5783de840cb83ce5ceb9f81db6b9

                              SHA1

                              84d1ac124e9c128a2abb013c59e4259fe3ee8e87

                              SHA256

                              8fe54fca7b5b9347dc6f8a18d0060f62f8e806c9a61348249757a43f670ba188

                              SHA512

                              70b70f59ca72e435c0081c8a86f07d8c0b398dddf7b46cdf031392b0986e9475fdff63640436c02031d5f9d6880cb843a377249141be19f4f7d5e4bab5b3a11b

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                              Filesize

                              5KB

                              MD5

                              ea8abddd1fe55c101d4ed0c79cc27d16

                              SHA1

                              b15e83982e789f61bc399d03f8e31e42e8463d68

                              SHA256

                              c2dae90fac8a29538ad49d057b581912ac1612d52e0865f20ab847111c8debd6

                              SHA512

                              980efe065608316dee0a304d79dd69e7cc9e6298837587fa34aac7843f7a5bca5a29a2a90ed9db11beaff60f8ee97c1bf2594996ec04c685ed682f2f56cac455

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                              Filesize

                              5KB

                              MD5

                              1f5877a3156a3313fb1f79c502c62e77

                              SHA1

                              463b8f3fb58cf3dcd2f3cf12847afba76e7f7b1e

                              SHA256

                              1b00a3c6741235ab5dfaed12034e33dd0dcddd1c862c6647be5cdbe9135ddbc8

                              SHA512

                              81a4cd4bc5dc566804fb565b1b64d27e14fa8d5738a327716e2771f96e67c9d3519a6d4300c35d4d2c48547ce7e8a553fc04ccd5fddd3b00ef8f81366540a289

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences
                              Filesize

                              24KB

                              MD5

                              ca36933e6dea7aa507a272121b34fdbb

                              SHA1

                              3b4741ca0308b345de5ecf6c3565b1dbacb0fb86

                              SHA256

                              fd14449eb781c58e6e7196a384caf25cba0c59ebdba3b10f8ca0ecfd0c076b5d

                              SHA512

                              5a9b186ecf085765caee97a2910008dda926ce412001042e165184083a52fb5fb70f05ca781cd2f7740ecbd938895c77c5aa0f9eb8d812b92f412f336212720e

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                              Filesize

                              16B

                              MD5

                              6752a1d65b201c13b62ea44016eb221f

                              SHA1

                              58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                              SHA256

                              0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                              SHA512

                              9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                              Filesize

                              10KB

                              MD5

                              5b59ecf3bb52e14f46755adaaf84e3ed

                              SHA1

                              c270139f59797f73f6c326c1f76c195a41a323b8

                              SHA256

                              7bd2a00b66b3dddd148e1cac1e143197e72322ce7bf4e2c570de5797f13eb230

                              SHA512

                              e7824303152633f0a3932d468626d583fda7c92543e208d9a6d993b8ce0e801da284bacc232c1a3293b2e31f5534003e34881ed8d3ee2cd085eb9bbe38ea3fc5

                              Download Submit

                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                              Filesize

                              11KB

                              MD5

                              8b3790c2a9ee081ae7b1d9a011e63610

                              SHA1

                              6c570da659d4f19ab2c24f2614e1c182a10ce706

                              SHA256

                              913e61c3f6efe8bb5e31cd1313c14fea426acabdd4c97b8236b9a25d92bf5205

                              SHA512

                              ee39d41bf35dc763923135f86a200e724625321039c5459998dfbbeea65b3cdffc183e200345184abc7d3f7750507d633bb891fa27acfda005cba683f87f717f

                              Download Submit

                            We care about your privacy.

                            This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.