Analysis

  • max time kernel
    311s
  • max time network
    297s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    13/10/2023, 16:20 UTC

General

  • Target

    sample.html

  • Size

    116KB

  • MD5

    e63a0dc291903a17d7f3eac35219ea30

  • SHA1

    548c77aea13b4affce6f1fdf8fa97345bed0aa4d

  • SHA256

    bfa15cf2c676dc29bce4b99c7a6450db39171a0bba099e2490812876db8df1cd

  • SHA512

    bdbb8085912a276d8753be13f7d6351b03fd2c0ffb38f7ae395f37abefa7487fcb0b24235ab044eb24534156596b92cf6910c936bbac3772c6be5a3501111359

  • SSDEEP

    3072:OPJxlKJi1gJirnJ/Ub9Jxl6JxlNJxl12is9bjANo/0RqB/eaG:mJx8Ji6JizJ/YJxMJxLJxX21jANosRqg

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xe0,0x108,0x7ffd208e9758,0x7ffd208e9768,0x7ffd208e9778
      2⤵
        PID:4492
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1872,i,14225018141947189713,13031030582686768254,131072 /prefetch:2
        2⤵
          PID:212
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1872,i,14225018141947189713,13031030582686768254,131072 /prefetch:8
          2⤵
            PID:372
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1872,i,14225018141947189713,13031030582686768254,131072 /prefetch:8
            2⤵
              PID:2072
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2996 --field-trial-handle=1872,i,14225018141947189713,13031030582686768254,131072 /prefetch:1
              2⤵
                PID:4764
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3004 --field-trial-handle=1872,i,14225018141947189713,13031030582686768254,131072 /prefetch:1
                2⤵
                  PID:2724
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5376 --field-trial-handle=1872,i,14225018141947189713,13031030582686768254,131072 /prefetch:8
                  2⤵
                    PID:3336
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5056 --field-trial-handle=1872,i,14225018141947189713,13031030582686768254,131072 /prefetch:8
                    2⤵
                      PID:3780
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4724 --field-trial-handle=1872,i,14225018141947189713,13031030582686768254,131072 /prefetch:2
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:3892
                  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                    1⤵
                      PID:4656

                    Network

                    • flag-us
                      DNS
                      76.32.126.40.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      76.32.126.40.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      8.3.197.209.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      8.3.197.209.in-addr.arpa
                      IN PTR
                      Response
                      8.3.197.209.in-addr.arpa
                      IN PTR
                      vip0x008.map2.ssl.hwcdn.net
                    • flag-us
                      DNS
                      95.221.229.192.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      95.221.229.192.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      241.154.82.20.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      241.154.82.20.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      8.8.8.8.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      8.8.8.8.in-addr.arpa
                      IN PTR
                      Response
                      8.8.8.8.in-addr.arpa
                      IN PTR
                      dns.google
                    • flag-us
                      DNS
                      29.81.57.23.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      29.81.57.23.in-addr.arpa
                      IN PTR
                      Response
                      29.81.57.23.in-addr.arpa
                      IN PTR
                      a23-57-81-29.deploy.static.akamaitechnologies.com
                    • flag-us
                      DNS
                      fonts.softr-files.com
                      chrome.exe
                      Remote address:
                      8.8.8.8:53
                      Request
                      fonts.softr-files.com
                      IN A
                      Response
                      fonts.softr-files.com
                      IN A
                      3.72.135.223
                    • flag-us
                      DNS
                      assets.softr-files.com
                      chrome.exe
                      Remote address:
                      8.8.8.8:53
                      Request
                      assets.softr-files.com
                      IN A
                      Response
                      assets.softr-files.com
                      IN CNAME
                      dkauf0r2pwmce.cloudfront.net
                      dkauf0r2pwmce.cloudfront.net
                      IN A
                      18.65.39.5
                      dkauf0r2pwmce.cloudfront.net
                      IN A
                      18.65.39.40
                      dkauf0r2pwmce.cloudfront.net
                      IN A
                      18.65.39.65
                      dkauf0r2pwmce.cloudfront.net
                      IN A
                      18.65.39.106
                    • flag-de
                      GET
                      https://fonts.softr-files.com/google/api/css?family=Inter:100,200,300,500,600,600,700,800,900,400&display=swap
                      chrome.exe
                      Remote address:
                      3.72.135.223:443
                      Request
                      GET /google/api/css?family=Inter:100,200,300,500,600,600,700,800,900,400&display=swap HTTP/2.0
                      host: fonts.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: text/css,*/*;q=0.1
                      sec-fetch-site: cross-site
                      sec-fetch-mode: no-cors
                      sec-fetch-dest: style
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      date: Fri, 13 Oct 2023 16:21:18 GMT
                      content-type: text/css; charset=utf-8
                      vary: Accept-Encoding
                      access-control-allow-origin: *
                      timing-allow-origin: *
                      link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
                      strict-transport-security: max-age=31536000
                      expires: Fri, 13 Oct 2023 16:21:18 GMT
                      cache-control: private, max-age=86400, stale-while-revalidate=604800
                      cross-origin-resource-policy: cross-origin
                      cross-origin-opener-policy: same-origin-allow-popups
                      x-xss-protection: 0
                      x-frame-options: SAMEORIGIN
                      x-content-type-options: nosniff
                      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      vary: Accept-Encoding
                      server: my-server
                      content-encoding: gzip
                    • flag-us
                      GET
                      https://assets.softr-files.com/libs/bootstrap/4.3.1/css/bootstrap.min.css
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /libs/bootstrap/4.3.1/css/bootstrap.min.css HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: text/css,*/*;q=0.1
                      sec-fetch-site: cross-site
                      sec-fetch-mode: no-cors
                      sec-fetch-dest: style
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: text/css
                      date: Thu, 12 Oct 2023 16:36:53 GMT
                      last-modified: Wed, 01 Feb 2023 21:48:49 GMT
                      etag: W/"84d8ad2b4fcdc0f0c58247e778133b3a"
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: gzip
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: hfbI-vw-ntth4p_p6aU-62w5-uTpwkWGEK7BrHM4frzua5zwIp5V9g==
                      age: 85466
                      vary: Origin
                    • flag-us
                      GET
                      https://assets.softr-files.com/libs/font-awesome/5.14.0/css/all.min.css
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /libs/font-awesome/5.14.0/css/all.min.css HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: text/css,*/*;q=0.1
                      sec-fetch-site: cross-site
                      sec-fetch-mode: no-cors
                      sec-fetch-dest: style
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: application/javascript
                      last-modified: Fri, 27 Jan 2023 23:47:26 GMT
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: gzip
                      date: Thu, 12 Oct 2023 17:52:31 GMT
                      etag: W/"56456db9d72a4b380ed3cb63095e6022"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: gL3GXKq8HAq11lOy1PD6M1ITMdveJDKhIc2F4x_xjIN6npR51zLmSQ==
                      age: 80928
                      vary: Origin
                    • flag-us
                      GET
                      https://assets.softr-files.com/libs/jquery/3.4.1/jquery.min.js
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /libs/jquery/3.4.1/jquery.min.js HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      sec-fetch-site: cross-site
                      sec-fetch-mode: no-cors
                      sec-fetch-dest: script
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: application/javascript
                      last-modified: Fri, 27 Jan 2023 23:48:24 GMT
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: gzip
                      date: Thu, 12 Oct 2023 17:55:17 GMT
                      etag: W/"220afd743d9e9643852e31a135a9f3ae"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: kieWrI0ZLcaOr31lPKS0HaJcVWbV9I0eZ1sp2VYgoBj28F4MT68tQg==
                      age: 80762
                      vary: Origin
                    • flag-us
                      GET
                      https://assets.softr-files.com/libs/popper.js/1.14.7/umd/popper.min.js
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /libs/popper.js/1.14.7/umd/popper.min.js HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      sec-fetch-site: cross-site
                      sec-fetch-mode: no-cors
                      sec-fetch-dest: script
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: text/css
                      date: Thu, 12 Oct 2023 16:36:59 GMT
                      last-modified: Fri, 27 Jan 2023 23:02:50 GMT
                      etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: gzip
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: uheZOyDO3lMPByr2johDSq8BBSc7FYpYQTY5YBwu-j3yWhyITI5A0Q==
                      age: 85460
                      vary: Origin
                    • flag-us
                      GET
                      https://assets.softr-files.com/libs/bootstrap/4.3.1/js/bootstrap.min.js
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /libs/bootstrap/4.3.1/js/bootstrap.min.js HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      sec-fetch-site: cross-site
                      sec-fetch-mode: no-cors
                      sec-fetch-dest: script
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: application/javascript
                      last-modified: Fri, 27 Jan 2023 23:05:08 GMT
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: gzip
                      date: Thu, 12 Oct 2023 19:37:46 GMT
                      etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: nlH8w5zXT1xbGoe83zq2X37x91gtnWsAnnNQleXyQNtdhgFQuS1kEg==
                      age: 74613
                      vary: Origin
                    • flag-us
                      GET
                      https://assets.softr-files.com/libs/micromodal/0.4.10/micromodal.min.js
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /libs/micromodal/0.4.10/micromodal.min.js HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      sec-fetch-site: cross-site
                      sec-fetch-mode: no-cors
                      sec-fetch-dest: script
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: application/javascript
                      last-modified: Fri, 27 Jan 2023 23:52:03 GMT
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: gzip
                      date: Thu, 12 Oct 2023 17:18:37 GMT
                      etag: W/"dd694c727fc5e6f6372e142b66ddb576"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 b26a5eb677aed7368a2c7fd7f1d673dc.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: L8mqEBGj0KfdBcaW58Vlw62Q6RfZcV-Dkg-17enetPjknqBPzUYijA==
                      age: 82962
                      vary: Origin
                    • flag-us
                      GET
                      https://assets.softr-files.com/libs/iframe-resizer/4.2.11/iframeResizer.contentWindow.min.js
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /libs/iframe-resizer/4.2.11/iframeResizer.contentWindow.min.js HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      origin: null
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      sec-fetch-site: cross-site
                      sec-fetch-mode: cors
                      sec-fetch-dest: script
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: application/javascript
                      access-control-allow-origin: *
                      access-control-allow-methods: GET, HEAD
                      access-control-max-age: 6000
                      last-modified: Fri, 27 Jan 2023 23:53:36 GMT
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: gzip
                      date: Thu, 12 Oct 2023 17:18:37 GMT
                      etag: W/"52d6fb0d394ff9d946143dfb1104719b"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: ZV2odi3gjg5vQ8LcbpUSCA5YQzTHM6BGA15Hl-baCFtpAbtwswATwg==
                      age: 82962
                    • flag-us
                      GET
                      https://assets.softr-files.com/softr-blocks/prod/libs/react/18.2.0/react18.min.js
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /softr-blocks/prod/libs/react/18.2.0/react18.min.js HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      origin: null
                      sec-fetch-site: cross-site
                      sec-fetch-mode: cors
                      sec-fetch-dest: empty
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: application/javascript
                      access-control-allow-origin: *
                      access-control-allow-methods: GET, HEAD
                      access-control-max-age: 6000
                      last-modified: Tue, 30 Aug 2022 19:20:00 GMT
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: gzip
                      date: Fri, 13 Oct 2023 15:34:02 GMT
                      etag: W/"8db4c5defe50c0ef09221c4efc5189f1"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: kya70V3w_TG0ptVLKSUv27g5PEEBURUehY1PWaSAK_82KuYRUH8pAw==
                      age: 2837
                    • flag-us
                      GET
                      https://assets.softr-files.com/softr-blocks/prod/libs/react/18.2.0/react-dom18.min.js
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /softr-blocks/prod/libs/react/18.2.0/react-dom18.min.js HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      origin: null
                      sec-fetch-site: cross-site
                      sec-fetch-mode: cors
                      sec-fetch-dest: empty
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: application/javascript
                      access-control-allow-origin: *
                      access-control-allow-methods: GET, HEAD
                      access-control-max-age: 6000
                      last-modified: Tue, 30 Aug 2022 19:19:59 GMT
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: gzip
                      date: Fri, 13 Oct 2023 12:55:27 GMT
                      etag: W/"3ec5fe6799e257b7ddcf84950c045110"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: AHq7l-JwIGFQ9Xjmu9VVPgg2Fmqn_WGUE1U_RfKtZ54WzShOWUDSOg==
                      age: 12352
                    • flag-us
                      GET
                      https://assets.softr-files.com/softr-blocks/prod/blocks/header2/3.1.0/main.js?t=1696924706113
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /softr-blocks/prod/blocks/header2/3.1.0/main.js?t=1696924706113 HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      origin: null
                      sec-fetch-site: cross-site
                      sec-fetch-mode: cors
                      sec-fetch-dest: empty
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: text/javascript
                      access-control-allow-origin: *
                      access-control-allow-methods: GET, HEAD
                      access-control-max-age: 6000
                      last-modified: Tue, 10 Oct 2023 07:59:10 GMT
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: 2fOdH1_knlgVhfdknNHtpIUz0pL.fsS_
                      server: AmazonS3
                      content-encoding: br
                      date: Fri, 13 Oct 2023 13:55:49 GMT
                      etag: W/"3baa387c7f290b85d463c390e0bc548b"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: pj2FwsnAx5yWyOSackmO5BPRiMVal3JtWiD0ycn0hJ6VmZtXsYWBrg==
                      age: 8730
                    • flag-us
                      GET
                      https://assets.softr-files.com/softr-blocks/prod/blocks/header2/3.1.0/main.css?t=1696924706113
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /softr-blocks/prod/blocks/header2/3.1.0/main.css?t=1696924706113 HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      origin: null
                      sec-fetch-site: cross-site
                      sec-fetch-mode: cors
                      sec-fetch-dest: empty
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: text/javascript
                      date: Fri, 13 Oct 2023 05:52:28 GMT
                      access-control-allow-origin: *
                      access-control-allow-methods: GET, HEAD
                      access-control-max-age: 6000
                      last-modified: Tue, 13 Jun 2023 09:19:29 GMT
                      etag: W/"7b9f3055d5f1853db1e6a2a964dafd85"
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      server: AmazonS3
                      content-encoding: br
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: XZp-_WylLsbx5bskO3AFn-K6nav0T07bq-Su-aF_sT-4mKsy_0685g==
                      age: 37731
                    • flag-us
                      GET
                      https://assets.softr-files.com/softr-blocks/prod/blocks/cta2/3.1.1/main.js?t=1686647935147
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /softr-blocks/prod/blocks/cta2/3.1.1/main.js?t=1686647935147 HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      origin: null
                      sec-fetch-site: cross-site
                      sec-fetch-mode: cors
                      sec-fetch-dest: empty
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: text/css
                      content-length: 157
                      access-control-allow-origin: *
                      access-control-allow-methods: GET, HEAD
                      access-control-max-age: 6000
                      last-modified: Tue, 13 Jun 2023 09:19:29 GMT
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      accept-ranges: bytes
                      server: AmazonS3
                      date: Fri, 13 Oct 2023 12:56:13 GMT
                      etag: "c18cc70a92845a5a3e19dfc03a394752"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: Te7sUzOg_s87UqOR6vU3d_EPyTb1U7lzeyITiXhx8oWmNieaGbNZ3Q==
                      age: 12306
                    • flag-us
                      GET
                      https://assets.softr-files.com/softr-blocks/prod/blocks/cta2/3.1.1/main.css?t=1686647935147
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /softr-blocks/prod/blocks/cta2/3.1.1/main.css?t=1686647935147 HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      origin: null
                      sec-fetch-site: cross-site
                      sec-fetch-mode: cors
                      sec-fetch-dest: empty
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: text/css
                      content-length: 203
                      access-control-allow-origin: *
                      access-control-allow-methods: GET, HEAD
                      access-control-max-age: 6000
                      last-modified: Tue, 10 Oct 2023 07:59:10 GMT
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: c1C1cbxVLe1hWurEXTY5sxRN8uLN7ALD
                      accept-ranges: bytes
                      server: AmazonS3
                      date: Fri, 13 Oct 2023 01:17:13 GMT
                      etag: "ec4b64470a83fed9c85007efd9576007"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: zrzg1oOWCDgRUbqrugstRzsa-0o7W0OsHjmgzEINMY87466Jf-TpGA==
                      age: 54246
                    • flag-us
                      GET
                      https://assets.softr-files.com/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
                      chrome.exe
                      Remote address:
                      18.65.39.5:443
                      Request
                      GET /libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2 HTTP/2.0
                      host: assets.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      origin: null
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      sec-fetch-site: cross-site
                      sec-fetch-mode: cors
                      sec-fetch-dest: font
                      referer: https://assets.softr-files.com/libs/font-awesome/5.14.0/css/all.min.css
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      content-type: binary/octet-stream
                      content-length: 80148
                      access-control-allow-origin: *
                      access-control-allow-methods: GET, HEAD
                      access-control-max-age: 6000
                      last-modified: Wed, 01 Feb 2023 21:46:16 GMT
                      x-amz-server-side-encryption: AES256
                      x-amz-version-id: null
                      accept-ranges: bytes
                      server: AmazonS3
                      date: Fri, 13 Oct 2023 15:34:04 GMT
                      etag: "c500da19d776384ba69573ae6fe274e7"
                      vary: Accept-Encoding
                      x-cache: Hit from cloudfront
                      via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
                      x-amz-cf-pop: AMS1-P1
                      x-amz-cf-id: qLQkkWJ1UFEJzN9KHhmY_LIuME5O9SS_e6mM6eWfhOx3WiGM0w_3Zg==
                      age: 2836
                    • flag-us
                      DNS
                      apps.identrust.com
                      chrome.exe
                      Remote address:
                      8.8.8.8:53
                      Request
                      apps.identrust.com
                      IN A
                      Response
                      apps.identrust.com
                      IN CNAME
                      identrust.edgesuite.net
                      identrust.edgesuite.net
                      IN CNAME
                      a1952.dscq.akamai.net
                      a1952.dscq.akamai.net
                      IN A
                      88.221.25.169
                      a1952.dscq.akamai.net
                      IN A
                      88.221.25.153
                    • flag-nl
                      GET
                      http://apps.identrust.com/roots/dstrootcax3.p7c
                      chrome.exe
                      Remote address:
                      88.221.25.169:80
                      Request
                      GET /roots/dstrootcax3.p7c HTTP/1.1
                      Connection: Keep-Alive
                      Accept: */*
                      User-Agent: Microsoft-CryptoAPI/10.0
                      Host: apps.identrust.com
                      Response
                      HTTP/1.1 200 OK
                      X-XSS-Protection: 1; mode=block
                      X-Frame-Options: SAMEORIGIN
                      X-Content-Type-Options: nosniff
                      X-Robots-Tag: noindex
                      Referrer-Policy: same-origin
                      Last-Modified: Mon, 21 Aug 2023 22:08:28 GMT
                      ETag: "37d-603761e33cf00"
                      Accept-Ranges: bytes
                      Content-Length: 893
                      X-Content-Type-Options: nosniff
                      X-Frame-Options: sameorigin
                      Content-Type: application/pkcs7-mime
                      Cache-Control: max-age=3600
                      Expires: Fri, 13 Oct 2023 17:21:18 GMT
                      Date: Fri, 13 Oct 2023 16:21:18 GMT
                      Connection: keep-alive
                    • flag-us
                      DNS
                      162.47.239.18.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      162.47.239.18.in-addr.arpa
                      IN PTR
                      Response
                      162.47.239.18.in-addr.arpa
                      IN PTR
                      server-18-239-47-162.ams58.r.cloudfront.net
                    • flag-us
                      DNS
                      131.179.250.142.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      131.179.250.142.in-addr.arpa
                      IN PTR
                      Response
                      131.179.250.142.in-addr.arpa
                      IN PTR
                      ams17s10-in-f3.1e100.net
                    • flag-us
                      DNS
                      169.25.221.88.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      169.25.221.88.in-addr.arpa
                      IN PTR
                      Response
                      169.25.221.88.in-addr.arpa
                      IN PTR
                      a88-221-25-169.deploy.static.akamaitechnologies.com
                    • flag-us
                      DNS
                      223.135.72.3.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      223.135.72.3.in-addr.arpa
                      IN PTR
                      Response
                      223.135.72.3.in-addr.arpa
                      IN PTR
                      ec2-3-72-135-223.eu-central-1.compute.amazonaws.com
                    • flag-us
                      DNS
                      5.39.65.18.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      5.39.65.18.in-addr.arpa
                      IN PTR
                      Response
                      5.39.65.18.in-addr.arpa
                      IN PTR
                      server-18-65-39-5.ams1.r.cloudfront.net
                    • flag-us
                      DNS
                      softr-prod.imgix.net
                      chrome.exe
                      Remote address:
                      8.8.8.8:53
                      Request
                      softr-prod.imgix.net
                      IN A
                      Response
                      softr-prod.imgix.net
                      IN CNAME
                      dualstack.com.imgix.map.fastly.net
                      dualstack.com.imgix.map.fastly.net
                      IN A
                      199.232.150.208
                    • flag-de
                      GET
                      https://fonts.softr-files.com/google/static/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
                      chrome.exe
                      Remote address:
                      3.72.135.223:443
                      Request
                      GET /google/static/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/2.0
                      host: fonts.softr-files.com
                      sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                      origin: null
                      sec-ch-ua-mobile: ?0
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                      sec-ch-ua-platform: "Windows"
                      accept: */*
                      sec-fetch-site: cross-site
                      sec-fetch-mode: cors
                      sec-fetch-dest: font
                      referer: https://fonts.softr-files.com/google/api/css?family=Inter:100,200,300,500,600,600,700,800,900,400&display=swap
                      accept-encoding: gzip, deflate, br
                      accept-language: en-US,en;q=0.9
                      Response
                      HTTP/2.0 200
                      date: Fri, 13 Oct 2023 16:21:19 GMT
                      content-type: font/woff2
                      content-length: 46704
                      accept-ranges: bytes
                      access-control-allow-origin: *
                      content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
                      cross-origin-resource-policy: cross-origin
                      cross-origin-opener-policy: same-origin; report-to="apps-themes"
                      report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
                      timing-allow-origin: *
                      x-content-type-options: nosniff
                      x-xss-protection: 0
                      expires: Fri, 11 Oct 2024 18:27:54 GMT
                      cache-control: public, max-age=31536000
                      age: 78805
                      last-modified: Wed, 13 Sep 2023 23:49:07 GMT
                      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                      server: my-server
                    • flag-us
                      DNS
                      226.21.18.104.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      226.21.18.104.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      208.150.232.199.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      208.150.232.199.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      55.36.223.20.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      55.36.223.20.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      146.78.124.51.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      146.78.124.51.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      103.169.127.40.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      103.169.127.40.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      171.39.242.20.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      171.39.242.20.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      120.208.253.8.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      120.208.253.8.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      2.136.104.51.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      2.136.104.51.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      69.31.126.40.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      69.31.126.40.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      204.201.50.20.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      204.201.50.20.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      38.148.119.40.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      38.148.119.40.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      208.194.73.20.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      208.194.73.20.in-addr.arpa
                      IN PTR
                      Response
                    • flag-us
                      DNS
                      tse1.mm.bing.net
                      Remote address:
                      8.8.8.8:53
                      Request
                      tse1.mm.bing.net
                      IN A
                      Response
                      tse1.mm.bing.net
                      IN CNAME
                      mm-mm.bing.net.trafficmanager.net
                      mm-mm.bing.net.trafficmanager.net
                      IN CNAME
                      dual-a-0001.a-msedge.net
                      dual-a-0001.a-msedge.net
                      IN A
                      204.79.197.200
                      dual-a-0001.a-msedge.net
                      IN A
                      13.107.21.200
                    • flag-us
                      GET
                      https://tse1.mm.bing.net/th?id=OADD2.10239317301546_1Q2R62QH97KH2KYXT&pid=21.2&w=1080&h=1920&c=4
                      Remote address:
                      204.79.197.200:443
                      Request
                      GET /th?id=OADD2.10239317301546_1Q2R62QH97KH2KYXT&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                      host: tse1.mm.bing.net
                      accept: */*
                      accept-encoding: gzip, deflate, br
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                      Response
                      HTTP/2.0 200
                      cache-control: public, max-age=2592000
                      content-length: 306609
                      content-type: image/jpeg
                      x-cache: TCP_HIT
                      access-control-allow-origin: *
                      access-control-allow-headers: *
                      access-control-allow-methods: GET, POST, OPTIONS
                      timing-allow-origin: *
                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                      x-msedge-ref: Ref A: 52FFC0427942453F8B8B03B428F413CE Ref B: DUS30EDGE0910 Ref C: 2023-10-13T16:24:15Z
                      date: Fri, 13 Oct 2023 16:24:14 GMT
                    • flag-us
                      GET
                      https://tse1.mm.bing.net/th?id=OADD2.10239317301113_1JN5SDQBM09J1FJBH&pid=21.2&w=1920&h=1080&c=4
                      Remote address:
                      204.79.197.200:443
                      Request
                      GET /th?id=OADD2.10239317301113_1JN5SDQBM09J1FJBH&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                      host: tse1.mm.bing.net
                      accept: */*
                      accept-encoding: gzip, deflate, br
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                      Response
                      HTTP/2.0 200
                      cache-control: public, max-age=2592000
                      content-length: 477021
                      content-type: image/jpeg
                      x-cache: TCP_HIT
                      access-control-allow-origin: *
                      access-control-allow-headers: *
                      access-control-allow-methods: GET, POST, OPTIONS
                      timing-allow-origin: *
                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                      x-msedge-ref: Ref A: 346687E2FB694E6F872D735FC0860760 Ref B: DUS30EDGE0910 Ref C: 2023-10-13T16:24:15Z
                      date: Fri, 13 Oct 2023 16:24:14 GMT
                    • flag-us
                      GET
                      https://tse1.mm.bing.net/th?id=OADD2.10239317300975_1PSAZBGXQ41KBQTNW&pid=21.2&w=1920&h=1080&c=4
                      Remote address:
                      204.79.197.200:443
                      Request
                      GET /th?id=OADD2.10239317300975_1PSAZBGXQ41KBQTNW&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                      host: tse1.mm.bing.net
                      accept: */*
                      accept-encoding: gzip, deflate, br
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                      Response
                      HTTP/2.0 200
                      cache-control: public, max-age=2592000
                      content-length: 474695
                      content-type: image/jpeg
                      x-cache: TCP_HIT
                      access-control-allow-origin: *
                      access-control-allow-headers: *
                      access-control-allow-methods: GET, POST, OPTIONS
                      timing-allow-origin: *
                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                      x-msedge-ref: Ref A: BAAF897B58374FA891E4C14136708B65 Ref B: DUS30EDGE0910 Ref C: 2023-10-13T16:24:15Z
                      date: Fri, 13 Oct 2023 16:24:14 GMT
                    • flag-us
                      GET
                      https://tse1.mm.bing.net/th?id=OADD2.10239317301408_19XVL4AIYUOQFOTMG&pid=21.2&w=1080&h=1920&c=4
                      Remote address:
                      204.79.197.200:443
                      Request
                      GET /th?id=OADD2.10239317301408_19XVL4AIYUOQFOTMG&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                      host: tse1.mm.bing.net
                      accept: */*
                      accept-encoding: gzip, deflate, br
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                      Response
                      HTTP/2.0 200
                      cache-control: public, max-age=2592000
                      content-length: 491862
                      content-type: image/jpeg
                      x-cache: TCP_HIT
                      access-control-allow-origin: *
                      access-control-allow-headers: *
                      access-control-allow-methods: GET, POST, OPTIONS
                      timing-allow-origin: *
                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                      x-msedge-ref: Ref A: 62530C786B0548B7A7FBB70E3C4CF412 Ref B: DUS30EDGE0910 Ref C: 2023-10-13T16:24:15Z
                      date: Fri, 13 Oct 2023 16:24:14 GMT
                    • flag-us
                      GET
                      https://tse1.mm.bing.net/th?id=OADD2.10239317301293_1FSTD12L993UDL4R1&pid=21.2&w=1920&h=1080&c=4
                      Remote address:
                      204.79.197.200:443
                      Request
                      GET /th?id=OADD2.10239317301293_1FSTD12L993UDL4R1&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                      host: tse1.mm.bing.net
                      accept: */*
                      accept-encoding: gzip, deflate, br
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                      Response
                      HTTP/2.0 200
                      cache-control: public, max-age=2592000
                      content-length: 493050
                      content-type: image/jpeg
                      x-cache: TCP_HIT
                      access-control-allow-origin: *
                      access-control-allow-headers: *
                      access-control-allow-methods: GET, POST, OPTIONS
                      timing-allow-origin: *
                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                      x-msedge-ref: Ref A: B57E23F0A1234E62AA6DEDA986C47B0F Ref B: DUS30EDGE0910 Ref C: 2023-10-13T16:24:15Z
                      date: Fri, 13 Oct 2023 16:24:15 GMT
                    • flag-us
                      GET
                      https://tse1.mm.bing.net/th?id=OADD2.10239317301702_1LBACEB6FFDATSLGM&pid=21.2&w=1080&h=1920&c=4
                      Remote address:
                      204.79.197.200:443
                      Request
                      GET /th?id=OADD2.10239317301702_1LBACEB6FFDATSLGM&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                      host: tse1.mm.bing.net
                      accept: */*
                      accept-encoding: gzip, deflate, br
                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                      Response
                      HTTP/2.0 200
                      cache-control: public, max-age=2592000
                      content-length: 479679
                      content-type: image/jpeg
                      x-cache: TCP_HIT
                      access-control-allow-origin: *
                      access-control-allow-headers: *
                      access-control-allow-methods: GET, POST, OPTIONS
                      timing-allow-origin: *
                      report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                      nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                      x-msedge-ref: Ref A: 695DA132FFF24DB7A872DAD9156809B4 Ref B: DUS30EDGE0910 Ref C: 2023-10-13T16:24:16Z
                      date: Fri, 13 Oct 2023 16:24:16 GMT
                    • flag-us
                      DNS
                      200.197.79.204.in-addr.arpa
                      Remote address:
                      8.8.8.8:53
                      Request
                      200.197.79.204.in-addr.arpa
                      IN PTR
                      Response
                      200.197.79.204.in-addr.arpa
                      IN PTR
                      a-0001a-msedgenet
                    • 3.72.135.223:443
                      https://fonts.softr-files.com/google/api/css?family=Inter:100,200,300,500,600,600,700,800,900,400&display=swap
                      tls, http2
                      chrome.exe
                      1.9kB
                      8.6kB
                      18
                      21

                      HTTP Request

                      GET https://fonts.softr-files.com/google/api/css?family=Inter:100,200,300,500,600,600,700,800,900,400&display=swap

                      HTTP Response

                      200
                    • 18.65.39.5:443
                      https://assets.softr-files.com/libs/micromodal/0.4.10/micromodal.min.js
                      tls, http2
                      chrome.exe
                      4.2kB
                      104.9kB
                      59
                      93

                      HTTP Request

                      GET https://assets.softr-files.com/libs/bootstrap/4.3.1/css/bootstrap.min.css

                      HTTP Request

                      GET https://assets.softr-files.com/libs/font-awesome/5.14.0/css/all.min.css

                      HTTP Request

                      GET https://assets.softr-files.com/libs/jquery/3.4.1/jquery.min.js

                      HTTP Request

                      GET https://assets.softr-files.com/libs/popper.js/1.14.7/umd/popper.min.js

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Request

                      GET https://assets.softr-files.com/libs/bootstrap/4.3.1/js/bootstrap.min.js

                      HTTP Request

                      GET https://assets.softr-files.com/libs/micromodal/0.4.10/micromodal.min.js

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Response

                      200
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      1.0kB
                      6.7kB
                      10
                      11
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      1.0kB
                      6.7kB
                      10
                      11
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      1.0kB
                      6.6kB
                      10
                      10
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      989 B
                      6.6kB
                      9
                      10
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      1.1kB
                      6.7kB
                      11
                      11
                    • 18.65.39.5:443
                      https://assets.softr-files.com/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2
                      tls, http2
                      chrome.exe
                      7.3kB
                      260.7kB
                      120
                      208

                      HTTP Request

                      GET https://assets.softr-files.com/libs/iframe-resizer/4.2.11/iframeResizer.contentWindow.min.js

                      HTTP Request

                      GET https://assets.softr-files.com/softr-blocks/prod/libs/react/18.2.0/react18.min.js

                      HTTP Request

                      GET https://assets.softr-files.com/softr-blocks/prod/libs/react/18.2.0/react-dom18.min.js

                      HTTP Request

                      GET https://assets.softr-files.com/softr-blocks/prod/blocks/header2/3.1.0/main.js?t=1696924706113

                      HTTP Request

                      GET https://assets.softr-files.com/softr-blocks/prod/blocks/header2/3.1.0/main.css?t=1696924706113

                      HTTP Request

                      GET https://assets.softr-files.com/softr-blocks/prod/blocks/cta2/3.1.1/main.js?t=1686647935147

                      HTTP Request

                      GET https://assets.softr-files.com/softr-blocks/prod/blocks/cta2/3.1.1/main.css?t=1686647935147

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Request

                      GET https://assets.softr-files.com/libs/font-awesome/5.14.0/webfonts/fa-solid-900.woff2

                      HTTP Response

                      200
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      1.1kB
                      6.7kB
                      11
                      11
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      1.0kB
                      6.7kB
                      10
                      11
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      1.1kB
                      6.7kB
                      11
                      11
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      1.1kB
                      6.7kB
                      11
                      11
                    • 18.65.39.5:443
                      assets.softr-files.com
                      tls, http2
                      chrome.exe
                      1.0kB
                      6.6kB
                      10
                      10
                    • 88.221.25.169:80
                      http://apps.identrust.com/roots/dstrootcax3.p7c
                      http
                      chrome.exe
                      416 B
                      1.6kB
                      6
                      5

                      HTTP Request

                      GET http://apps.identrust.com/roots/dstrootcax3.p7c

                      HTTP Response

                      200
                    • 199.232.150.208:443
                      softr-prod.imgix.net
                      tls
                      chrome.exe
                      2.9kB
                      52.8kB
                      35
                      55
                    • 3.72.135.223:443
                      https://fonts.softr-files.com/google/static/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
                      tls, http2
                      chrome.exe
                      2.8kB
                      56.0kB
                      35
                      55

                      HTTP Request

                      GET https://fonts.softr-files.com/google/static/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

                      HTTP Response

                      200
                    • 204.79.197.200:443
                      tse1.mm.bing.net
                      tls, http2
                      1.2kB
                      8.3kB
                      16
                      14
                    • 204.79.197.200:443
                      https://tse1.mm.bing.net/th?id=OADD2.10239317301702_1LBACEB6FFDATSLGM&pid=21.2&w=1080&h=1920&c=4
                      tls, http2
                      102.5kB
                      2.8MB
                      2053
                      2050

                      HTTP Request

                      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301546_1Q2R62QH97KH2KYXT&pid=21.2&w=1080&h=1920&c=4

                      HTTP Request

                      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301113_1JN5SDQBM09J1FJBH&pid=21.2&w=1920&h=1080&c=4

                      HTTP Request

                      GET https://tse1.mm.bing.net/th?id=OADD2.10239317300975_1PSAZBGXQ41KBQTNW&pid=21.2&w=1920&h=1080&c=4

                      HTTP Request

                      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301408_19XVL4AIYUOQFOTMG&pid=21.2&w=1080&h=1920&c=4

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Response

                      200

                      HTTP Request

                      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301293_1FSTD12L993UDL4R1&pid=21.2&w=1920&h=1080&c=4

                      HTTP Response

                      200

                      HTTP Request

                      GET https://tse1.mm.bing.net/th?id=OADD2.10239317301702_1LBACEB6FFDATSLGM&pid=21.2&w=1080&h=1920&c=4

                      HTTP Response

                      200
                    • 204.79.197.200:443
                      tse1.mm.bing.net
                      tls, http2
                      1.2kB
                      8.3kB
                      16
                      14
                    • 8.8.8.8:53
                      76.32.126.40.in-addr.arpa
                      dns
                      71 B
                      157 B
                      1
                      1

                      DNS Request

                      76.32.126.40.in-addr.arpa

                    • 8.8.8.8:53
                      8.3.197.209.in-addr.arpa
                      dns
                      70 B
                      111 B
                      1
                      1

                      DNS Request

                      8.3.197.209.in-addr.arpa

                    • 8.8.8.8:53
                      95.221.229.192.in-addr.arpa
                      dns
                      73 B
                      144 B
                      1
                      1

                      DNS Request

                      95.221.229.192.in-addr.arpa

                    • 8.8.8.8:53
                      241.154.82.20.in-addr.arpa
                      dns
                      72 B
                      158 B
                      1
                      1

                      DNS Request

                      241.154.82.20.in-addr.arpa

                    • 8.8.8.8:53
                      8.8.8.8.in-addr.arpa
                      dns
                      66 B
                      90 B
                      1
                      1

                      DNS Request

                      8.8.8.8.in-addr.arpa

                    • 8.8.8.8:53
                      29.81.57.23.in-addr.arpa
                      dns
                      70 B
                      133 B
                      1
                      1

                      DNS Request

                      29.81.57.23.in-addr.arpa

                    • 8.8.8.8:53
                      fonts.softr-files.com
                      dns
                      chrome.exe
                      67 B
                      83 B
                      1
                      1

                      DNS Request

                      fonts.softr-files.com

                      DNS Response

                      3.72.135.223

                    • 8.8.8.8:53
                      assets.softr-files.com
                      dns
                      chrome.exe
                      68 B
                      174 B
                      1
                      1

                      DNS Request

                      assets.softr-files.com

                      DNS Response

                      18.65.39.5
                      18.65.39.40
                      18.65.39.65
                      18.65.39.106

                    • 8.8.8.8:53
                      apps.identrust.com
                      dns
                      chrome.exe
                      64 B
                      165 B
                      1
                      1

                      DNS Request

                      apps.identrust.com

                      DNS Response

                      88.221.25.169
                      88.221.25.153

                    • 8.8.8.8:53
                      162.47.239.18.in-addr.arpa
                      dns
                      72 B
                      129 B
                      1
                      1

                      DNS Request

                      162.47.239.18.in-addr.arpa

                    • 8.8.8.8:53
                      131.179.250.142.in-addr.arpa
                      dns
                      74 B
                      112 B
                      1
                      1

                      DNS Request

                      131.179.250.142.in-addr.arpa

                    • 8.8.8.8:53
                      169.25.221.88.in-addr.arpa
                      dns
                      72 B
                      137 B
                      1
                      1

                      DNS Request

                      169.25.221.88.in-addr.arpa

                    • 8.8.8.8:53
                      223.135.72.3.in-addr.arpa
                      dns
                      71 B
                      136 B
                      1
                      1

                      DNS Request

                      223.135.72.3.in-addr.arpa

                    • 8.8.8.8:53
                      5.39.65.18.in-addr.arpa
                      dns
                      69 B
                      122 B
                      1
                      1

                      DNS Request

                      5.39.65.18.in-addr.arpa

                    • 8.8.8.8:53
                      softr-prod.imgix.net
                      dns
                      chrome.exe
                      66 B
                      127 B
                      1
                      1

                      DNS Request

                      softr-prod.imgix.net

                      DNS Response

                      199.232.150.208

                    • 3.72.135.223:443
                      fonts.softr-files.com
                      https
                      chrome.exe
                      6.4kB
                      5
                    • 8.8.8.8:53
                      226.21.18.104.in-addr.arpa
                      dns
                      72 B
                      134 B
                      1
                      1

                      DNS Request

                      226.21.18.104.in-addr.arpa

                    • 8.8.8.8:53
                      208.150.232.199.in-addr.arpa
                      dns
                      74 B
                      128 B
                      1
                      1

                      DNS Request

                      208.150.232.199.in-addr.arpa

                    • 8.8.8.8:53
                      55.36.223.20.in-addr.arpa
                      dns
                      71 B
                      157 B
                      1
                      1

                      DNS Request

                      55.36.223.20.in-addr.arpa

                    • 224.0.0.251:5353
                      chrome.exe
                      204 B
                      3
                    • 8.8.8.8:53
                      146.78.124.51.in-addr.arpa
                      dns
                      72 B
                      158 B
                      1
                      1

                      DNS Request

                      146.78.124.51.in-addr.arpa

                    • 8.8.8.8:53
                      103.169.127.40.in-addr.arpa
                      dns
                      73 B
                      147 B
                      1
                      1

                      DNS Request

                      103.169.127.40.in-addr.arpa

                    • 8.8.8.8:53
                      171.39.242.20.in-addr.arpa
                      dns
                      72 B
                      158 B
                      1
                      1

                      DNS Request

                      171.39.242.20.in-addr.arpa

                    • 8.8.8.8:53
                      120.208.253.8.in-addr.arpa
                      dns
                      72 B
                      126 B
                      1
                      1

                      DNS Request

                      120.208.253.8.in-addr.arpa

                    • 8.8.8.8:53
                      2.136.104.51.in-addr.arpa
                      dns
                      71 B
                      157 B
                      1
                      1

                      DNS Request

                      2.136.104.51.in-addr.arpa

                    • 8.8.8.8:53
                      69.31.126.40.in-addr.arpa
                      dns
                      71 B
                      157 B
                      1
                      1

                      DNS Request

                      69.31.126.40.in-addr.arpa

                    • 8.8.8.8:53
                      204.201.50.20.in-addr.arpa
                      dns
                      72 B
                      158 B
                      1
                      1

                      DNS Request

                      204.201.50.20.in-addr.arpa

                    • 8.8.8.8:53
                      38.148.119.40.in-addr.arpa
                      dns
                      72 B
                      146 B
                      1
                      1

                      DNS Request

                      38.148.119.40.in-addr.arpa

                    • 8.8.8.8:53
                      208.194.73.20.in-addr.arpa
                      dns
                      72 B
                      158 B
                      1
                      1

                      DNS Request

                      208.194.73.20.in-addr.arpa

                    • 8.8.8.8:53
                      tse1.mm.bing.net
                      dns
                      62 B
                      173 B
                      1
                      1

                      DNS Request

                      tse1.mm.bing.net

                      DNS Response

                      204.79.197.200
                      13.107.21.200

                    • 8.8.8.8:53
                      200.197.79.204.in-addr.arpa
                      dns
                      73 B
                      106 B
                      1
                      1

                      DNS Request

                      200.197.79.204.in-addr.arpa

                    MITRE ATT&CK Enterprise v15

                    Downloads

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                      Filesize

                      1KB

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                      Filesize

                      539B

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      5KB

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      5KB

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                      Filesize

                      5KB

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                      Filesize

                      101KB

                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                      Filesize

                      2B
