Analysis

  • max time kernel
    19s
  • max time network
    24s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231020-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231020-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    23/11/2023, 19:14 UTC

General

  • Target

    http://www.exact-dispensing.com/

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 36 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://www.exact-dispensing.com/
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3740
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7fff5d4c9758,0x7fff5d4c9768,0x7fff5d4c9778
      2⤵
        PID:4636
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 --field-trial-handle=1876,i,1257892091633485640,16029222193162335733,131072 /prefetch:2
        2⤵
          PID:2832
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2192 --field-trial-handle=1876,i,1257892091633485640,16029222193162335733,131072 /prefetch:8
          2⤵
            PID:968
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 --field-trial-handle=1876,i,1257892091633485640,16029222193162335733,131072 /prefetch:8
            2⤵
              PID:3972
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2860 --field-trial-handle=1876,i,1257892091633485640,16029222193162335733,131072 /prefetch:1
              2⤵
                PID:1016
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2840 --field-trial-handle=1876,i,1257892091633485640,16029222193162335733,131072 /prefetch:1
                2⤵
                  PID:2328
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4644 --field-trial-handle=1876,i,1257892091633485640,16029222193162335733,131072 /prefetch:1
                  2⤵
                    PID:4736
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5368 --field-trial-handle=1876,i,1257892091633485640,16029222193162335733,131072 /prefetch:8
                    2⤵
                      PID:3288
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5464 --field-trial-handle=1876,i,1257892091633485640,16029222193162335733,131072 /prefetch:8
                      2⤵
                        PID:3436
                    • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                      "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                      1⤵
                        PID:1760

                      Network

                      • flag-us
                        DNS
                        208.194.73.20.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        208.194.73.20.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        www.exact-dispensing.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        www.exact-dispensing.com
                        IN A
                        Response
                        www.exact-dispensing.com
                        IN CNAME
                        exact-dispensing.com
                        exact-dispensing.com
                        IN A
                        15.197.142.173
                        exact-dispensing.com
                        IN A
                        3.33.152.147
                      • flag-us
                        DNS
                        193.78.101.95.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        193.78.101.95.in-addr.arpa
                        IN PTR
                        Response
                        193.78.101.95.in-addr.arpa
                        IN PTR
                        a95-101-78-193.deploy.static.akamaitechnologies.com
                      • flag-us
                        GET
                        http://www.exact-dispensing.com/
                        chrome.exe
                        Remote address:
                        15.197.142.173:80
                        Request
                        GET / HTTP/1.1
                        Host: www.exact-dispensing.com
                        Connection: keep-alive
                        Upgrade-Insecure-Requests: 1
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                        Accept-Encoding: gzip, deflate
                        Accept-Language: en-US,en;q=0.9
                        Response
                        HTTP/1.1 301 Moved Permanently
                        Date: Thu, 23 Nov 2023 19:14:52 GMT
                        Content-Type: text/html; charset=utf-8
                        Content-Length: 62
                        Connection: keep-alive
                        Location: https://exactdispensing.com
                        Server: ip-100-74-3-81.eu-west-2.compute.internal
                        X-Request-Id: db4d18c5-51ea-4d6a-9ac8-9c29b08c8962
                      • flag-us
                        DNS
                        exactdispensing.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        exactdispensing.com
                        IN A
                        Response
                        exactdispensing.com
                        IN A
                        3.138.49.65
                      • flag-us
                        DNS
                        apps.identrust.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        apps.identrust.com
                        IN A
                        Response
                        apps.identrust.com
                        IN CNAME
                        identrust.edgesuite.net
                        identrust.edgesuite.net
                        IN CNAME
                        a1952.dscq.akamai.net
                        a1952.dscq.akamai.net
                        IN A
                        88.221.25.169
                        a1952.dscq.akamai.net
                        IN A
                        88.221.25.153
                      • flag-nl
                        GET
                        http://apps.identrust.com/roots/dstrootcax3.p7c
                        chrome.exe
                        Remote address:
                        88.221.25.169:80
                        Request
                        GET /roots/dstrootcax3.p7c HTTP/1.1
                        Connection: Keep-Alive
                        Accept: */*
                        User-Agent: Microsoft-CryptoAPI/10.0
                        Host: apps.identrust.com
                        Response
                        HTTP/1.1 200 OK
                        X-XSS-Protection: 1; mode=block
                        X-Frame-Options: SAMEORIGIN
                        X-Content-Type-Options: nosniff
                        X-Robots-Tag: noindex
                        Referrer-Policy: same-origin
                        Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
                        ETag: "37d-6079b8c0929c0"
                        Accept-Ranges: bytes
                        Content-Length: 893
                        X-Content-Type-Options: nosniff
                        X-Frame-Options: sameorigin
                        Content-Type: application/pkcs7-mime
                        Cache-Control: max-age=3600
                        Expires: Thu, 23 Nov 2023 20:14:52 GMT
                        Date: Thu, 23 Nov 2023 19:14:52 GMT
                        Connection: keep-alive
                      • flag-us
                        DNS
                        202.23.217.172.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        202.23.217.172.in-addr.arpa
                        IN PTR
                        Response
                        202.23.217.172.in-addr.arpa
                        IN PTR
                        ams16s37-in-f10.1e100.net
                        202.23.217.172.in-addr.arpa
                        IN PTR
                        prg03s05-in-f202
                        202.23.217.172.in-addr.arpa
                        IN PTR
                        prg03s05-in-f10
                      • flag-us
                        DNS
                        173.142.197.15.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        173.142.197.15.in-addr.arpa
                        IN PTR
                        Response
                        173.142.197.15.in-addr.arpa
                        IN PTR
                        a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
                      • flag-us
                        DNS
                        68.159.190.20.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        68.159.190.20.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        65.49.138.3.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        65.49.138.3.in-addr.arpa
                        IN PTR
                        Response
                        65.49.138.3.in-addr.arpa
                        IN PTR
                        ec2-3-138-49-65.us-east-2.compute.amazonaws.com
                      • flag-us
                        DNS
                        95.221.229.192.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        95.221.229.192.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        169.25.221.88.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        169.25.221.88.in-addr.arpa
                        IN PTR
                        Response
                        169.25.221.88.in-addr.arpa
                        IN PTR
                        a88-221-25-169.deploy.static.akamaitechnologies.com
                      • flag-us
                        DNS
                        maps.google.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        maps.google.com
                        IN A
                        Response
                        maps.google.com
                        IN A
                        142.250.179.206
                      • flag-us
                        DNS
                        translate.google.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        translate.google.com
                        IN A
                        Response
                        translate.google.com
                        IN CNAME
                        www3.l.google.com
                        www3.l.google.com
                        IN A
                        142.250.179.206
                      • flag-us
                        DNS
                        downloads.mailchimp.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        downloads.mailchimp.com
                        IN A
                        Response
                        downloads.mailchimp.com
                        IN CNAME
                        d1zgderxoe1a.cloudfront.net
                        d1zgderxoe1a.cloudfront.net
                        IN A
                        18.239.94.48
                        d1zgderxoe1a.cloudfront.net
                        IN A
                        18.239.94.107
                        d1zgderxoe1a.cloudfront.net
                        IN A
                        18.239.94.76
                        d1zgderxoe1a.cloudfront.net
                        IN A
                        18.239.94.86
                      • flag-us
                        GET
                        https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
                        chrome.exe
                        Remote address:
                        18.239.94.48:443
                        Request
                        GET /js/signup-forms/popup/unique-methods/embed.js HTTP/1.1
                        Host: downloads.mailchimp.com
                        Connection: keep-alive
                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                        sec-ch-ua-mobile: ?0
                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        Accept: */*
                        Sec-Fetch-Site: cross-site
                        Sec-Fetch-Mode: no-cors
                        Sec-Fetch-Dest: script
                        Referer: https://exactdispensing.com/
                        Accept-Encoding: gzip, deflate, br
                        Accept-Language: en-US,en;q=0.9
                        Response
                        HTTP/1.1 200 OK
                        Content-Type: application/javascript
                        Transfer-Encoding: chunked
                        Connection: keep-alive
                        Last-Modified: Tue, 21 Nov 2023 15:55:13 GMT
                        x-amz-server-side-encryption: AES256
                        Server: AmazonS3
                        Content-Encoding: br
                        Date: Thu, 23 Nov 2023 10:37:22 GMT
                        ETag: W/"17a327f52ae51bcb72da8e3838f02e1c"
                        Vary: Accept-Encoding
                        X-Cache: Hit from cloudfront
                        Via: 1.1 b5831686bbaffa69458853f1db0eca2a.cloudfront.net (CloudFront)
                        X-Amz-Cf-Pop: AMS1-P3
                        X-Amz-Cf-Id: HuL8vmrle3nxphmA9Yy0t4lL4UKz2920GTbHJUUpefWM6J5PpNSvOQ==
                        Age: 31053
                        Vary: Origin
                      • flag-us
                        DNS
                        106.208.58.216.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        106.208.58.216.in-addr.arpa
                        IN PTR
                        Response
                        106.208.58.216.in-addr.arpa
                        IN PTR
                        sof01s11-in-f106.1e100.net
                        106.208.58.216.in-addr.arpa
                        IN PTR
                        ams17s08-in-f10
                      • flag-us
                        DNS
                        48.94.239.18.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        48.94.239.18.in-addr.arpa
                        IN PTR
                        Response
                        48.94.239.18.in-addr.arpa
                        IN PTR
                        server-18-239-94-48.ams1.r.cloudfront.net
                      • flag-us
                        DNS
                        131.179.250.142.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        131.179.250.142.in-addr.arpa
                        IN PTR
                        Response
                        131.179.250.142.in-addr.arpa
                        IN PTR
                        ams17s10-in-f3.1e100.net
                      • flag-us
                        DNS
                        secure.left5lock.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        secure.left5lock.com
                        IN A
                        Response
                        secure.left5lock.com
                        IN CNAME
                        ghochv3eng.trafficmanager.net
                        ghochv3eng.trafficmanager.net
                        IN CNAME
                        v3-eu-appgwv2.uksouth.cloudapp.azure.com
                        v3-eu-appgwv2.uksouth.cloudapp.azure.com
                        IN A
                        51.11.20.152
                      • flag-us
                        DNS
                        adtrack.voicestar.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        adtrack.voicestar.com
                        IN A
                        Response
                        adtrack.voicestar.com
                        IN A
                        174.137.122.243
                      • flag-us
                        DNS
                        15.39.65.18.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        15.39.65.18.in-addr.arpa
                        IN PTR
                        Response
                        15.39.65.18.in-addr.arpa
                        IN PTR
                        server-18-65-39-15.ams1.r.cloudfront.net
                      • flag-us
                        DNS
                        152.20.11.51.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        152.20.11.51.in-addr.arpa
                        IN PTR
                        Response
                      • flag-nl
                        GET
                        https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
                        chrome.exe
                        Remote address:
                        142.250.179.206:443
                        Request
                        GET /translate_a/element.js?cb=GoogleLanguageTranslatorInit HTTP/2.0
                        host: translate.google.com
                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                        sec-ch-ua-mobile: ?0
                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        accept: */*
                        sec-fetch-site: cross-site
                        sec-fetch-mode: no-cors
                        sec-fetch-dest: script
                        referer: https://exactdispensing.com/
                        accept-encoding: gzip, deflate, br
                        accept-language: en-US,en;q=0.9
                      • flag-nl
                        GET
                        https://maps.google.com/maps/api/js?key=AIzaSyChDwTOkcdxuh2NNjEAMxgY4nrcefK842M
                        chrome.exe
                        Remote address:
                        142.250.179.206:443
                        Request
                        GET /maps/api/js?key=AIzaSyChDwTOkcdxuh2NNjEAMxgY4nrcefK842M HTTP/2.0
                        host: maps.google.com
                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                        sec-ch-ua-mobile: ?0
                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        accept: */*
                        sec-fetch-site: cross-site
                        sec-fetch-mode: no-cors
                        sec-fetch-dest: script
                        referer: https://exactdispensing.com/
                        accept-encoding: gzip, deflate, br
                        accept-language: en-US,en;q=0.9
                      • flag-us
                        DNS
                        mc.us8.list-manage.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        mc.us8.list-manage.com
                        IN A
                        Response
                        mc.us8.list-manage.com
                        IN CNAME
                        swc.list-manage.com.edgekey.net
                        swc.list-manage.com.edgekey.net
                        IN CNAME
                        e13829.x.akamaiedge.net
                        e13829.x.akamaiedge.net
                        IN A
                        23.222.60.55
                      • flag-nl
                        GET
                        https://mc.us8.list-manage.com/subscribe/form-settings?u=29111181aa8a9c414cc980ec9&id=89a1462b5b&f_id=undefined&u=29111181aa8a9c414cc980ec9&id=89a1462b5b&c=dojo_request_script_callbacks.dojo_request_script0
                        chrome.exe
                        Remote address:
                        23.222.60.55:443
                        Request
                        GET /subscribe/form-settings?u=29111181aa8a9c414cc980ec9&id=89a1462b5b&f_id=undefined&u=29111181aa8a9c414cc980ec9&id=89a1462b5b&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/2.0
                        host: mc.us8.list-manage.com
                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                        sec-ch-ua-mobile: ?0
                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        accept: */*
                        sec-fetch-site: cross-site
                        sec-fetch-mode: no-cors
                        sec-fetch-dest: script
                        referer: https://exactdispensing.com/
                        accept-encoding: gzip, deflate, br
                        accept-language: en-US,en;q=0.9
                        Response
                        HTTP/2.0 404
                        content-type: text/html; charset=UTF-8
                        content-length: 2542
                        x-ua-compatible: IE=edge,chrome=1
                        status: 404 Not Found
                        content-encoding: gzip
                        cache-control: max-age=300
                        expires: Thu, 23 Nov 2023 19:19:56 GMT
                        date: Thu, 23 Nov 2023 19:14:56 GMT
                        vary: Accept-Encoding
                        set-cookie: _mcid=1.b67be7dee42e3236b6f2691265ea2093.dda89776260740fc453023457fe28c2b0a61d2a30dc232423806be04c190cb82; expires=Fri, 22-Nov-2024 19:14:55 GMT; Max-Age=31536000; path=/
                        set-cookie: _mc_anon_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                        set-cookie: _abck=656E47F47DB3EE56F06A44AF9C8BF26B~-1~YAAQT8MTAtfTtdyLAQAAxE+b/QrfuQRFlNQaR0SEgwaEQJTIjBJyy6JtuOWZ1+88j7WusTB9MJyRhx9GcHZ3Aa2l0eraLKRHv0YF9O3ey82O4uVgYGq1UDuqpjKL4c95tKEt6dn5MINU4b7HAZZm7cn9yrV6gXzhaNA2jI3qoRavYZxeo8jalNIN21p/48UV02jvgI9XB2cQYlWs7u5Aa+n7OJ+NfKBj/f9zI7GGL3LdtFXkcUUC+QmfWQZYnkARF9CaMxVBAJKgWamHJvDehThCrnuKG1jkdLo8DjrsC00xu8xUujtrnrdsevHA584OT/x2l6/XTmvG+YK8a3LkLYUNlWpF+Mp3BgKRd8t+eVsY5iMoHqfEujgNQfigyshRCg==~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Fri, 22 Nov 2024 19:14:56 GMT; Max-Age=31536000; SameSite=None; Secure
                        set-cookie: ak_bmsc=2B315BAC440DDDB601B1120BC9487EBD~000000000000000000000000000000~YAAQT8MTAtjTtdyLAQAAxE+b/RVl1NN/f6R/jCHAnaKNdxzTfQBHVyy5A3vcTT5xNCFmU2PofLNfC5ljm4MUbTp5nTd9tnaqeDCmgSki0HGgMFLYsMJIBMa4nunXv2BAv/uUzkYls8EFh1loPWHuzsfVz/HXFjaKPAWY4U56LtFyFDA5lw5DpUPDG1eUVxyCOMbUn21zu+ZAElAHjXrNem9UWluBF+WxzFYbvLPfML2K9jbE7Kgxn8zIX6lxn7s9cveYuUIrMQVJjBCH57ClgZwTff+/QrcHNvLbCIq/KXT/n7OogYOMIsFefYyHwEiXg7yI0eZfxd26J9P9KdosH3+b15I2M3NMdQQ38eWJ5X+Z0ZqP6keS/CdANN628gBS1Mfdqmrgqedb+aMMqLWm/Zhx; Domain=.us8.list-manage.com; Path=/; Expires=Thu, 23 Nov 2023 21:14:55 GMT; Max-Age=7199; SameSite=None; Secure; HttpOnly
                        set-cookie: bm_sz=2FAFDCBFEC6015261A8F8F521C51CBEC~YAAQT8MTAtnTtdyLAQAAxE+b/RWn5dKGqsSABAYQQ2h+eVsPSV0o0co/Ukb9w5PnLjcFqCFW65gzUhvviScUp19y4KREEu8hyJNIjAFuwT/fM3KDMT1yOgmIYifSUWwM8DpCTj/EVYYJMkcJFN7nQMlT0Sc0FJhceUCv4968xSDoKUZ0IBQ9552gVv4K+jP8Oa4g1UhI7XP3UlocF2sS2IfcggbmtJ0AGJ/tU8j1pNgF2svid5DvxzJrz3vo1AU4WtjSfn7sOMFy8DPYdCS1UvQ0axSDPjpiFS/dvgJY7vM6WJbPsQpW/Q==~3290416~3619123; Domain=.list-manage.com; Path=/; Expires=Thu, 23 Nov 2023 23:14:55 GMT; Max-Age=14399; SameSite=None; Secure
                      • flag-us
                        DNS
                        translate.googleapis.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        translate.googleapis.com
                        IN A
                        Response
                        translate.googleapis.com
                        IN A
                        142.250.179.202
                      • flag-nl
                        GET
                        https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.WQcNaLE5HdU.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpIMVYhcGUPSgSlTRwRM_HDN9Gnng/m=el_main
                        chrome.exe
                        Remote address:
                        142.250.179.202:443
                        Request
                        GET /_/translate_http/_/js/k=translate_http.tr.en_US.WQcNaLE5HdU.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpIMVYhcGUPSgSlTRwRM_HDN9Gnng/m=el_main HTTP/2.0
                        host: translate.googleapis.com
                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                        sec-ch-ua-mobile: ?0
                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        accept: */*
                        sec-fetch-site: cross-site
                        sec-fetch-mode: no-cors
                        sec-fetch-dest: script
                        referer: https://exactdispensing.com/
                        accept-encoding: gzip, deflate, br
                        accept-language: en-US,en;q=0.9
                      • flag-nl
                        GET
                        https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
                        chrome.exe
                        Remote address:
                        142.250.179.202:443
                        Request
                        GET /v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/2.0
                        host: translate-pa.googleapis.com
                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                        sec-ch-ua-mobile: ?0
                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                        sec-ch-ua-platform: "Windows"
                        accept: */*
                        sec-fetch-site: cross-site
                        sec-fetch-mode: no-cors
                        sec-fetch-dest: script
                        accept-encoding: gzip, deflate, br
                        accept-language: en-US,en;q=0.9
                      • flag-us
                        DNS
                        stats.g.doubleclick.net
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        stats.g.doubleclick.net
                        IN A
                        Response
                        stats.g.doubleclick.net
                        IN A
                        142.250.102.154
                        stats.g.doubleclick.net
                        IN A
                        142.250.102.155
                        stats.g.doubleclick.net
                        IN A
                        142.250.102.157
                        stats.g.doubleclick.net
                        IN A
                        142.250.102.156
                      • flag-us
                        DNS
                        243.122.137.174.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        243.122.137.174.in-addr.arpa
                        IN PTR
                        Response
                        243.122.137.174.in-addr.arpa
                        IN PTR
                        adtracksom1marchexcom
                      • flag-us
                        DNS
                        233.38.18.104.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        233.38.18.104.in-addr.arpa
                        IN PTR
                        Response
                      • flag-us
                        DNS
                        206.179.250.142.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        206.179.250.142.in-addr.arpa
                        IN PTR
                        Response
                        206.179.250.142.in-addr.arpa
                        IN PTR
                        ams15s42-in-f141e100net
                      • flag-us
                        DNS
                        200.179.250.142.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        200.179.250.142.in-addr.arpa
                        IN PTR
                        Response
                        200.179.250.142.in-addr.arpa
                        IN PTR
                        ams15s42-in-f81e100net
                      • flag-us
                        DNS
                        55.60.222.23.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        55.60.222.23.in-addr.arpa
                        IN PTR
                        Response
                        55.60.222.23.in-addr.arpa
                        IN PTR
                        a23-222-60-55deploystaticakamaitechnologiescom
                      • flag-us
                        DNS
                        206.23.217.172.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        206.23.217.172.in-addr.arpa
                        IN PTR
                        Response
                        206.23.217.172.in-addr.arpa
                        IN PTR
                        prg03s05-in-f2061e100net
                        206.23.217.172.in-addr.arpa
                        IN PTR
                        ams16s37-in-f14
                        206.23.217.172.in-addr.arpa
                        IN PTR
                        prg03s05-in-f14
                      • flag-us
                        DNS
                        202.179.250.142.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        202.179.250.142.in-addr.arpa
                        IN PTR
                        Response
                        202.179.250.142.in-addr.arpa
                        IN PTR
                        ams15s42-in-f101e100net
                      • flag-nl
                        POST
                        https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9023196-2&cid=912318329.1700766895&jid=1246396637&gjid=2056505792&_gid=2124021223.1700766895&_u=IEBAAEAAAAAAACAAI~&z=1894526592
                        chrome.exe
                        Remote address:
                        142.250.102.154:443
                        Request
                        POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9023196-2&cid=912318329.1700766895&jid=1246396637&gjid=2056505792&_gid=2124021223.1700766895&_u=IEBAAEAAAAAAACAAI~&z=1894526592 HTTP/2.0
                        host: stats.g.doubleclick.net
                        content-length: 0
                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                        sec-ch-ua-platform: "Windows"
                        sec-ch-ua-mobile: ?0
                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                        content-type: text/plain
                        accept: */*
                        origin: https://exactdispensing.com
                        sec-fetch-site: cross-site
                        sec-fetch-mode: cors
                        sec-fetch-dest: empty
                        referer: https://exactdispensing.com/
                        accept-encoding: gzip, deflate, br
                        accept-language: en-US,en;q=0.9
                      • flag-us
                        DNS
                        maps.googleapis.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        maps.googleapis.com
                        IN A
                        Response
                        maps.googleapis.com
                        IN A
                        172.217.23.202
                        maps.googleapis.com
                        IN A
                        216.58.208.106
                        maps.googleapis.com
                        IN A
                        216.58.214.10
                        maps.googleapis.com
                        IN A
                        142.250.179.138
                        maps.googleapis.com
                        IN A
                        142.251.36.42
                        maps.googleapis.com
                        IN A
                        142.250.179.170
                        maps.googleapis.com
                        IN A
                        142.250.179.202
                        maps.googleapis.com
                        IN A
                        142.251.36.10
                        maps.googleapis.com
                        IN A
                        142.251.39.106
                      • flag-us
                        DNS
                        content-autofill.googleapis.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        content-autofill.googleapis.com
                        IN A
                        Response
                        content-autofill.googleapis.com
                        IN A
                        172.217.23.202
                        content-autofill.googleapis.com
                        IN A
                        216.58.208.106
                        content-autofill.googleapis.com
                        IN A
                        216.58.214.10
                        content-autofill.googleapis.com
                        IN A
                        142.250.179.138
                        content-autofill.googleapis.com
                        IN A
                        142.251.36.42
                        content-autofill.googleapis.com
                        IN A
                        142.250.179.170
                        content-autofill.googleapis.com
                        IN A
                        142.250.179.202
                        content-autofill.googleapis.com
                        IN A
                        142.251.36.10
                        content-autofill.googleapis.com
                        IN A
                        142.251.39.106
                        content-autofill.googleapis.com
                        IN A
                        172.217.168.202
                      • flag-us
                        DNS
                        154.102.250.142.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        154.102.250.142.in-addr.arpa
                        IN PTR
                        Response
                        154.102.250.142.in-addr.arpa
                        IN PTR
                        rb-in-f1541e100net
                      • flag-us
                        DNS
                        translate-pa.googleapis.com
                        chrome.exe
                        Remote address:
                        8.8.8.8:53
                        Request
                        translate-pa.googleapis.com
                        IN A
                        Response
                        translate-pa.googleapis.com
                        IN A
                        216.58.214.10
                        translate-pa.googleapis.com
                        IN A
                        142.250.179.138
                        translate-pa.googleapis.com
                        IN A
                        142.251.36.42
                        translate-pa.googleapis.com
                        IN A
                        172.217.168.234
                        translate-pa.googleapis.com
                        IN A
                        142.250.179.170
                        translate-pa.googleapis.com
                        IN A
                        142.250.179.202
                        translate-pa.googleapis.com
                        IN A
                        142.251.36.10
                        translate-pa.googleapis.com
                        IN A
                        142.251.39.106
                        translate-pa.googleapis.com
                        IN A
                        172.217.168.202
                        translate-pa.googleapis.com
                        IN A
                        172.217.23.202
                      • flag-us
                        DNS
                        20.160.190.20.in-addr.arpa
                        Remote address:
                        8.8.8.8:53
                        Request
                        20.160.190.20.in-addr.arpa
                        IN PTR
                        Response
                      • 15.197.142.173:80
                        http://www.exact-dispensing.com/
                        http
                        chrome.exe
                        623 B
                        491 B
                        4
                        3

                        HTTP Request

                        GET http://www.exact-dispensing.com/

                        HTTP Response

                        301
                      • 15.197.142.173:80
                        www.exact-dispensing.com
                        chrome.exe
                        98 B
                        52 B
                        2
                        1
                      • 3.138.49.65:443
                        exactdispensing.com
                        tls
                        chrome.exe
                        22.4kB
                        426.1kB
                        186
                        323
                      • 3.138.49.65:443
                        exactdispensing.com
                        tls
                        chrome.exe
                        16.9kB
                        293.7kB
                        134
                        226
                      • 88.221.25.169:80
                        http://apps.identrust.com/roots/dstrootcax3.p7c
                        http
                        chrome.exe
                        376 B
                        1.6kB
                        5
                        5

                        HTTP Request

                        GET http://apps.identrust.com/roots/dstrootcax3.p7c

                        HTTP Response

                        200
                      • 3.138.49.65:443
                        exactdispensing.com
                        tls
                        chrome.exe
                        16.7kB
                        288.3kB
                        127
                        221
                      • 3.138.49.65:443
                        exactdispensing.com
                        tls
                        chrome.exe
                        16.3kB
                        354.4kB
                        151
                        267
                      • 3.138.49.65:443
                        exactdispensing.com
                        tls
                        chrome.exe
                        16.6kB
                        297.0kB
                        134
                        228
                      • 3.138.49.65:443
                        exactdispensing.com
                        tls
                        chrome.exe
                        17.2kB
                        354.9kB
                        153
                        270
                      • 18.239.94.48:443
                        https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
                        tls, http
                        chrome.exe
                        2.7kB
                        77.9kB
                        34
                        60

                        HTTP Request

                        GET https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js

                        HTTP Response

                        200
                      • 51.11.20.152:443
                        secure.left5lock.com
                        tls
                        chrome.exe
                        1.8kB
                        19.2kB
                        13
                        20
                      • 174.137.122.243:443
                        adtrack.voicestar.com
                        tls
                        chrome.exe
                        2.6kB
                        17.3kB
                        16
                        22
                      • 142.250.179.206:443
                        https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
                        tls, http2
                        chrome.exe
                        2.2kB
                        42.4kB
                        24
                        37

                        HTTP Request

                        GET https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
                      • 142.250.179.206:443
                        https://maps.google.com/maps/api/js?key=AIzaSyChDwTOkcdxuh2NNjEAMxgY4nrcefK842M
                        tls, http2
                        chrome.exe
                        2.8kB
                        73.3kB
                        36
                        60

                        HTTP Request

                        GET https://maps.google.com/maps/api/js?key=AIzaSyChDwTOkcdxuh2NNjEAMxgY4nrcefK842M
                      • 23.222.60.55:443
                        https://mc.us8.list-manage.com/subscribe/form-settings?u=29111181aa8a9c414cc980ec9&id=89a1462b5b&f_id=undefined&u=29111181aa8a9c414cc980ec9&id=89a1462b5b&c=dojo_request_script_callbacks.dojo_request_script0
                        tls, http2
                        chrome.exe
                        1.9kB
                        10.0kB
                        15
                        21

                        HTTP Request

                        GET https://mc.us8.list-manage.com/subscribe/form-settings?u=29111181aa8a9c414cc980ec9&id=89a1462b5b&f_id=undefined&u=29111181aa8a9c414cc980ec9&id=89a1462b5b&c=dojo_request_script_callbacks.dojo_request_script0

                        HTTP Response

                        404
                      • 142.250.179.202:443
                        https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
                        tls, http2
                        chrome.exe
                        4.0kB
                        96.4kB
                        56
                        80

                        HTTP Request

                        GET https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.WQcNaLE5HdU.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpIMVYhcGUPSgSlTRwRM_HDN9Gnng/m=el_main

                        HTTP Request

                        GET https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=en-US&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
                      • 142.250.102.154:443
                        https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9023196-2&cid=912318329.1700766895&jid=1246396637&gjid=2056505792&_gid=2124021223.1700766895&_u=IEBAAEAAAAAAACAAI~&z=1894526592
                        tls, http2
                        chrome.exe
                        1.9kB
                        6.7kB
                        14
                        14

                        HTTP Request

                        POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-9023196-2&cid=912318329.1700766895&jid=1246396637&gjid=2056505792&_gid=2124021223.1700766895&_u=IEBAAEAAAAAAACAAI~&z=1894526592
                      • 3.138.49.65:443
                        exactdispensing.com
                        tls
                        chrome.exe
                        1.8kB
                        1.1kB
                        7
                        7
                      • 8.8.8.8:53
                        208.194.73.20.in-addr.arpa
                        dns
                        72 B
                        158 B
                        1
                        1

                        DNS Request

                        208.194.73.20.in-addr.arpa

                      • 8.8.8.8:53
                        www.exact-dispensing.com
                        dns
                        chrome.exe
                        70 B
                        116 B
                        1
                        1

                        DNS Request

                        www.exact-dispensing.com

                        DNS Response

                        15.197.142.173
                        3.33.152.147

                      • 8.8.8.8:53
                        193.78.101.95.in-addr.arpa
                        dns
                        72 B
                        137 B
                        1
                        1

                        DNS Request

                        193.78.101.95.in-addr.arpa

                      • 8.8.8.8:53
                        exactdispensing.com
                        dns
                        chrome.exe
                        65 B
                        81 B
                        1
                        1

                        DNS Request

                        exactdispensing.com

                        DNS Response

                        3.138.49.65

                      • 8.8.8.8:53
                        apps.identrust.com
                        dns
                        chrome.exe
                        64 B
                        165 B
                        1
                        1

                        DNS Request

                        apps.identrust.com

                        DNS Response

                        88.221.25.169
                        88.221.25.153

                      • 8.8.8.8:53
                        202.23.217.172.in-addr.arpa
                        dns
                        73 B
                        173 B
                        1
                        1

                        DNS Request

                        202.23.217.172.in-addr.arpa

                      • 8.8.8.8:53
                        173.142.197.15.in-addr.arpa
                        dns
                        73 B
                        129 B
                        1
                        1

                        DNS Request

                        173.142.197.15.in-addr.arpa

                      • 8.8.8.8:53
                        68.159.190.20.in-addr.arpa
                        dns
                        72 B
                        158 B
                        1
                        1

                        DNS Request

                        68.159.190.20.in-addr.arpa

                      • 8.8.8.8:53
                        65.49.138.3.in-addr.arpa
                        dns
                        70 B
                        131 B
                        1
                        1

                        DNS Request

                        65.49.138.3.in-addr.arpa

                      • 8.8.8.8:53
                        95.221.229.192.in-addr.arpa
                        dns
                        73 B
                        144 B
                        1
                        1

                        DNS Request

                        95.221.229.192.in-addr.arpa

                      • 8.8.8.8:53
                        169.25.221.88.in-addr.arpa
                        dns
                        72 B
                        137 B
                        1
                        1

                        DNS Request

                        169.25.221.88.in-addr.arpa

                      • 8.8.8.8:53
                        maps.google.com
                        dns
                        chrome.exe
                        61 B
                        77 B
                        1
                        1

                        DNS Request

                        maps.google.com

                        DNS Response

                        142.250.179.206

                      • 8.8.8.8:53
                        translate.google.com
                        dns
                        chrome.exe
                        66 B
                        103 B
                        1
                        1

                        DNS Request

                        translate.google.com

                        DNS Response

                        142.250.179.206

                      • 8.8.8.8:53
                        downloads.mailchimp.com
                        dns
                        chrome.exe
                        69 B
                        174 B
                        1
                        1

                        DNS Request

                        downloads.mailchimp.com

                        DNS Response

                        18.239.94.48
                        18.239.94.107
                        18.239.94.76
                        18.239.94.86

                      • 8.8.8.8:53
                        106.208.58.216.in-addr.arpa
                        dns
                        73 B
                        143 B
                        1
                        1

                        DNS Request

                        106.208.58.216.in-addr.arpa

                      • 8.8.8.8:53
                        48.94.239.18.in-addr.arpa
                        dns
                        71 B
                        126 B
                        1
                        1

                        DNS Request

                        48.94.239.18.in-addr.arpa

                      • 8.8.8.8:53
                        131.179.250.142.in-addr.arpa
                        dns
                        74 B
                        112 B
                        1
                        1

                        DNS Request

                        131.179.250.142.in-addr.arpa

                      • 8.8.8.8:53
                        secure.left5lock.com
                        dns
                        chrome.exe
                        66 B
                        176 B
                        1
                        1

                        DNS Request

                        secure.left5lock.com

                        DNS Response

                        51.11.20.152

                      • 8.8.8.8:53
                        adtrack.voicestar.com
                        dns
                        chrome.exe
                        67 B
                        83 B
                        1
                        1

                        DNS Request

                        adtrack.voicestar.com

                        DNS Response

                        174.137.122.243

                      • 8.8.8.8:53
                        15.39.65.18.in-addr.arpa
                        dns
                        70 B
                        124 B
                        1
                        1

                        DNS Request

                        15.39.65.18.in-addr.arpa

                      • 8.8.8.8:53
                        152.20.11.51.in-addr.arpa
                        dns
                        71 B
                        157 B
                        1
                        1

                        DNS Request

                        152.20.11.51.in-addr.arpa

                      • 8.8.8.8:53
                        mc.us8.list-manage.com
                        dns
                        chrome.exe
                        68 B
                        163 B
                        1
                        1

                        DNS Request

                        mc.us8.list-manage.com

                        DNS Response

                        23.222.60.55

                      • 8.8.8.8:53
                        translate.googleapis.com
                        dns
                        chrome.exe
                        70 B
                        86 B
                        1
                        1

                        DNS Request

                        translate.googleapis.com

                        DNS Response

                        142.250.179.202

                      • 8.8.8.8:53
                        stats.g.doubleclick.net
                        dns
                        chrome.exe
                        69 B
                        133 B
                        1
                        1

                        DNS Request

                        stats.g.doubleclick.net

                        DNS Response

                        142.250.102.154
                        142.250.102.155
                        142.250.102.157
                        142.250.102.156

                      • 8.8.8.8:53
                        243.122.137.174.in-addr.arpa
                        dns
                        74 B
                        112 B
                        1
                        1

                        DNS Request

                        243.122.137.174.in-addr.arpa

                      • 8.8.8.8:53
                        233.38.18.104.in-addr.arpa
                        dns
                        72 B
                        134 B
                        1
                        1

                        DNS Request

                        233.38.18.104.in-addr.arpa

                      • 8.8.8.8:53
                        206.179.250.142.in-addr.arpa
                        dns
                        74 B
                        113 B
                        1
                        1

                        DNS Request

                        206.179.250.142.in-addr.arpa

                      • 8.8.8.8:53
                        200.179.250.142.in-addr.arpa
                        dns
                        74 B
                        112 B
                        1
                        1

                        DNS Request

                        200.179.250.142.in-addr.arpa

                      • 8.8.8.8:53
                        55.60.222.23.in-addr.arpa
                        dns
                        71 B
                        135 B
                        1
                        1

                        DNS Request

                        55.60.222.23.in-addr.arpa

                      • 8.8.8.8:53
                        206.23.217.172.in-addr.arpa
                        dns
                        73 B
                        173 B
                        1
                        1

                        DNS Request

                        206.23.217.172.in-addr.arpa

                      • 8.8.8.8:53
                        202.179.250.142.in-addr.arpa
                        dns
                        74 B
                        113 B
                        1
                        1

                        DNS Request

                        202.179.250.142.in-addr.arpa

                      • 8.8.8.8:53
                        maps.googleapis.com
                        dns
                        chrome.exe
                        65 B
                        209 B
                        1
                        1

                        DNS Request

                        maps.googleapis.com

                        DNS Response

                        172.217.23.202
                        216.58.208.106
                        216.58.214.10
                        142.250.179.138
                        142.251.36.42
                        142.250.179.170
                        142.250.179.202
                        142.251.36.10
                        142.251.39.106

                      • 8.8.8.8:53
                        content-autofill.googleapis.com
                        dns
                        chrome.exe
                        77 B
                        237 B
                        1
                        1

                        DNS Request

                        content-autofill.googleapis.com

                        DNS Response

                        172.217.23.202
                        216.58.208.106
                        216.58.214.10
                        142.250.179.138
                        142.251.36.42
                        142.250.179.170
                        142.250.179.202
                        142.251.36.10
                        142.251.39.106
                        172.217.168.202

                      • 8.8.8.8:53
                        154.102.250.142.in-addr.arpa
                        dns
                        74 B
                        108 B
                        1
                        1

                        DNS Request

                        154.102.250.142.in-addr.arpa

                      • 8.8.8.8:53
                        translate-pa.googleapis.com
                        dns
                        chrome.exe
                        73 B
                        233 B
                        1
                        1

                        DNS Request

                        translate-pa.googleapis.com

                        DNS Response

                      • 142.250.179.206:443
                        translate.google.com
                        https
                        chrome.exe
                        6.4kB
                        124.9kB
                        56
                        104
                      • 224.0.0.251:5353
                        chrome.exe
                        204 B
                        3
                      • 142.250.179.202:443
                        translate-pa.googleapis.com
                        https
                        chrome.exe
                        4.0kB
                        7.5kB
                        10
                        14
                      • 8.8.8.8:53
                        20.160.190.20.in-addr.arpa
                        dns
                        72 B
                        158 B
                        1
                        1

                        DNS Request

                        20.160.190.20.in-addr.arpa

                      MITRE ATT&CK Enterprise v15

                      Downloads

                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                        Filesize

                        1KB

                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                        Filesize

                        6KB

                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                        Filesize

                        109KB

                      • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                        Filesize

                        2B
