hxxp://app[.]connect[.]awspls[.]com/e/er?s=893759278&lid=110677&elqTra

Analysis

max time kernel
145s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240214-en
resource tags

arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
submitted
25/03/2024, 11:31 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://app.connect.awspls.com/e/er?s=893759278&lid=110677&elqTra

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
4668	msedge.exe
4668	msedge.exe
4616	msedge.exe
4616	msedge.exe
3476	identity_helper.exe
3476	identity_helper.exe
1580	msedge.exe
1580	msedge.exe
860	msedge.exe
860	msedge.exe
860	msedge.exe
860	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious use of SendNotifyMessage 12 IoCs

pid	Process
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe
4616	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4616 wrote to memory of 3968	4616	msedge.exe	77
PID 4616 wrote to memory of 3968	4616	msedge.exe	77
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 1120	4616	msedge.exe	78
PID 4616 wrote to memory of 4668	4616	msedge.exe	79
PID 4616 wrote to memory of 4668	4616	msedge.exe	79
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80
PID 4616 wrote to memory of 3896	4616	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://app.connect.awspls.com/e/er?s=893759278&lid=110677&elqTra
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4616
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xe4,0x10c,0x7ffd2eec3cb8,0x7ffd2eec3cc8,0x7ffd2eec3cd8
  2⤵
  PID:3968
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1924 /prefetch:2
  2⤵
  PID:1120
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2380 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2620 /prefetch:8
  2⤵
  PID:3896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
  2⤵
  PID:716
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5036 /prefetch:1
  2⤵
  PID:772
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4780 /prefetch:1
  2⤵
  PID:1572
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1
  2⤵
  PID:5020
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5472 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3476
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1580
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2748 /prefetch:1
  2⤵
  PID:3700
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
  2⤵
  PID:656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
  2⤵
  PID:484
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6516 /prefetch:1
  2⤵
  PID:1292
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1928,18304842760454649801,12525754802264473554,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5928 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:860

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2056

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4568

Network

DNS

app.connect.awspls.com

msedge.exe

Remote address:

8.8.8.8:53

Request

app.connect.awspls.com

IN A

Response

app.connect.awspls.com

IN CNAME

s893759278.t.en25.com

s893759278.t.en25.com

IN CNAME

p04f.t.en25.com

p04f.t.en25.com

IN A

147.154.47.72
DNS

ctldl.windowsupdate.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

wu-bg-shim.trafficmanager.net

wu-bg-shim.trafficmanager.net

IN CNAME

download.windowsupdate.com.edgesuite.net

download.windowsupdate.com.edgesuite.net

IN CNAME

a767.dspw65.akamai.net

a767.dspw65.akamai.net

IN A

95.101.78.152

a767.dspw65.akamai.net

IN A

95.101.78.193
DNS

14.160.190.20.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

14.160.190.20.in-addr.arpa

IN PTR

Response
DNS

x.ss2.us

msedge.exe

Remote address:

8.8.8.8:53

Request

x.ss2.us

IN A

Response

x.ss2.us

IN A

3.161.82.85

x.ss2.us

IN A

3.161.82.37

x.ss2.us

IN A

3.161.82.59

x.ss2.us

IN A

3.161.82.119
DNS

85.82.161.3.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

85.82.161.3.in-addr.arpa

IN PTR

Response

85.82.161.3.in-addr.arpa

IN PTR

server-3-161-82-85fra56r cloudfrontnet
DNS

18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com

msedge.exe

Remote address:

8.8.8.8:53

Request

18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com

IN A

Response

18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com

IN A

143.204.215.71

18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com

IN A

143.204.215.64

18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com

IN A

143.204.215.50

18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com

IN A

143.204.215.124
DNS

71.215.204.143.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

71.215.204.143.in-addr.arpa

IN PTR

Response

71.215.204.143.in-addr.arpa

IN PTR

server-143-204-215-71fra53r cloudfrontnet
DNS

71.215.204.143.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

71.215.204.143.in-addr.arpa

IN PTR
GET

http://app.connect.awspls.com/e/er?s=893759278&lid=110677&elqTra

msedge.exe

Remote address:

147.154.47.72:80

Request

GET /e/er?s=893759278&lid=110677&elqTra HTTP/1.1
Host: app.connect.awspls.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Cache-Control: no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://s893759278.t.eloqua.com/e/er?s=893759278&lid=110677&elqTra
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options: nosniff
Date: Mon, 25 Mar 2024 11:31:17 GMT
Content-Length: 191
GET

https://s893759278.t.eloqua.com/e/er?s=893759278&lid=110677&elqTra

msedge.exe

Remote address:

147.154.51.153:443

Request

GET /e/er?s=893759278&lid=110677&elqTra HTTP/1.1
Host: s893759278.t.eloqua.com
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Cache-Control: no-store
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: ELOQUA=GUID=FDEB62EC49DA4E1794447D3F76E1A233; domain=.eloqua.com; expires=Fri, 25-Apr-2025 11:31:18 GMT; path=/;SameSite=None; secure
Set-Cookie: ELQSTATUS=OK; domain=.eloqua.com; expires=Fri, 25-Apr-2025 11:31:18 GMT; path=/;SameSite=None; secure
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options: nosniff
Date: Mon, 25 Mar 2024 11:31:17 GMT
Content-Length: 213
GET

https://s893759278.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&ref2=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&tzo=0&ms=21&optin=disabled

msedge.exe

Remote address:

147.154.51.153:443

Request

GET /visitor/v200/svrGP?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&ref2=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&tzo=0&ms=21&optin=disabled HTTP/1.1
Host: s893759278.t.eloqua.com
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.ssonetwork.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ELOQUA=GUID=FDEB62EC49DA4E1794447D3F76E1A233; ELQSTATUS=OK

Response

HTTP/1.1 200 OK

Cache-Control: no-store
Pragma: no-cache
Content-Type: image/gif
Expires: -1
X-Robots-Tag: noindex, nofollow
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
X-Content-Type-Options: nosniff
Date: Mon, 25 Mar 2024 11:32:20 GMT
Content-Length: 49
GET

https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra

msedge.exe

Remote address:

15.197.145.235:443

Request

GET /finance-accounting/reports/intercompany?registerModal=true&elqTra HTTP/2.0
host: www.ssonetwork.com
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 405

server: awselb/2.0
date: Mon, 25 Mar 2024 11:31:19 GMT
content-length: 2503
x-amzn-waf-action: captcha
cache-control: no-store, max-age=0
content-type: text/html; charset=UTF-8
GET

https://www.ssonetwork.com/favicon.ico

msedge.exe

Remote address:

15.197.145.235:443

Request

GET /favicon.ico HTTP/2.0
host: www.ssonetwork.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 405

server: awselb/2.0
date: Mon, 25 Mar 2024 11:31:21 GMT
content-length: 2503
x-amzn-waf-action: captcha
cache-control: no-store, max-age=0
content-type: text/html; charset=UTF-8
GET

https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra

msedge.exe

Remote address:

15.197.145.235:443

Request

GET /finance-accounting/reports/intercompany?registerModal=true&elqTra HTTP/2.0
host: www.ssonetwork.com
cache-control: max-age=0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: aws-waf-token=6262b6c1-c4fc-4899-9403-2d612eba42fb:EQoArPxQu+QBAAAA:aOWkkTGCCYYhIHwkQ/WN85VGd9weEntvjQMKxKE/z0sVpWIawlrBCIr4cXMM+Tj3Lil/YN32/z2qZCkt+/yXW2pcEeM/xpOtjG+7ighCz70KgFUAOdOELJcKwSMRpUxkQtrMa0yTZeti6d39MUVx7ebx7eTw5pcJruuw6j4XTkV9gs9fLkVQmQjpL2SOoRaxAqpF3LZiTqa0TMYV6+YS4avwzLFT6GGkJNG7imFETfHl5iKGLBEJQEXIY9JX56blzQURUYd/s91a

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:16 GMT
content-type: text/html; charset=UTF-8
set-cookie: AWSALB=0TzqylgLn3mYV4diuRRbYs/FBSInQgFmkVG+IX0yhof72c1xkwn+2yisLuaqp48X3hWPkeKMhZI+QbsUrnTn48v1nJ1l0urDJulltGUkI7gtgpKCDVXyUi+mGr/y; Expires=Mon, 01 Apr 2024 11:32:16 GMT; Path=/
set-cookie: AWSALBCORS=0TzqylgLn3mYV4diuRRbYs/FBSInQgFmkVG+IX0yhof72c1xkwn+2yisLuaqp48X3hWPkeKMhZI+QbsUrnTn48v1nJ1l0urDJulltGUkI7gtgpKCDVXyUi+mGr/y; Expires=Mon, 01 Apr 2024 11:32:16 GMT; Path=/; SameSite=None; Secure
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-security-policy:
set-cookie: XSRF-TOKEN=eyJpdiI6Ik54MDZocWxrQkxnUHBlWStxUEx5TWc9PSIsInZhbHVlIjoienZuTGdtcU56TmJUcUZjanBOUEJLR3F1QjlSUEtiWVErYjM0eUk1Tjg5V3RMaGZzZ1NoSEdWV252TVN0dm1vcHRaQ2E5eDlVRWQ5TWVWL3NUdTd4d1Q1bDk4RHc2MzZPOTdkR1VUaUR2QkpBandLMi8zbmp4RWVLVmV4d0kwdFgiLCJtYWMiOiJjNTRhOTJlZDcyNWMyOTY1ZTk3YWNlMzI3ODE2ZTBkNjYxNTgxYjdhZDFiNjNhYmUyZjhmYzVjNmU1N2M2NDYyIiwidGFnIjoiIn0%3D; expires=Tue, 26-Mar-2024 11:32:16 GMT; Max-Age=86400; path=/
set-cookie: ecochannels_eco_app_session=eyJpdiI6IjdvYUZLc1h6bHlKSThRYXU0bTFqT1E9PSIsInZhbHVlIjoiM3c0UEs5T1pUZ283QUNOdWdJbEE5bXRLUUVzbVlCVW91SitZYTdxZG9na2dVQ21NSmNiU3U4TDNCVW1QNi9wOW5maUVuSkdtMlQrUFBZNHNaY0d3WjZXNytGU1E1WDQxbHlKTnV3UjRpT2lseDIrcDl6aGk3VDlidWtQWnk1bjgiLCJtYWMiOiJhYzFkMjRjYzAzMDJkYThiOWFjYzI4Y2FkZWYyZDZkMjIwMjgxYWIzYWIwOTY1YmQyZTQyOGJmMzYyOWI2OGY4IiwidGFnIjoiIn0%3D; expires=Tue, 26-Mar-2024 11:32:16 GMT; Max-Age=86400; path=/; httponly
set-cookie: channel_id=eyJpdiI6InI4MzhPeXBJZ3AyODdMUm9SQXA5NHc9PSIsInZhbHVlIjoiZDUxSmUzMisrZi9zUW1ybVR5aVQzMWNQU2Mwc3FWcjF4eVFTMEI2bURxcExNUU1zTmVZREF0cGxGZTd2cG00OXNDSVh6TTFidEVUNEt6SHJsM1lYMkxnSkdtdjhaZTM3a3ZxdVdBUEgwcVU9IiwibWFjIjoiZGRhOGYwNjMyZDhkNzZjZTM2NmIzMjYzMzM5MWI2MjZjZWYzYTE4MjVmNmQwMjVjMGJmMzZmNTk2YjMxMTkwMSIsInRhZyI6IiJ9; path=/; httponly
set-cookie: event_id=eyJpdiI6InhHclJybnArNEo2WXQxUFR3bTdBVUE9PSIsInZhbHVlIjoiV0N0cU56T1laWUQ3NExWRGp0dGNsdWNEaU83NktoeExXWk16a0lsVm5kRUxMbnFXUVpMbzZoZ2hsbG02QzNiYnNPblMrM0hFNW5lYjdBZDR3aXZZb3c9PSIsIm1hYyI6IjU1YmVhZmQwZTFiZjZhYmMwOTRhMjU1YWM1OWU2ZDY4ZDdiMWY1MTUzZGUyMjhiNGE1OWIxNjJmZjIxMTg3OGQiLCJ0YWciOiIifQ%3D%3D; expires=Wed, 27-Mar-2019 11:32:16 GMT; Max-Age=0; path=/; httponly
set-cookie: client_dashboard=eyJpdiI6IjZXclRPTzFvRkY0U3dOTVVsMkpkaEE9PSIsInZhbHVlIjoic1BLOXovSGIzTTRSTlFNRi94VVk1eFRTNVAwYmt5bEdkMUhVZDA2K0NiaEdWcHNaYk9acEQwMjNjaUx3bVV3NFczN0JQVjhHQ0JGN0pQK3hFeUZnUUE9PSIsIm1hYyI6IjhhMDgxOTQ2YjVjZThhNzNkZTA4ZjEyNjUxMzI5Zjc3MGFiOTEwMjNjMjIwY2QzMDVlODVmMmViNTIxZTA3OWQiLCJ0YWciOiIifQ%3D%3D; expires=Wed, 27-Mar-2019 11:32:16 GMT; Max-Age=0; path=/; httponly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
GET

https://www.ssonetwork.com/css/sson_app_web.css?id=ce30255416aaad4c36b4

msedge.exe

Remote address:

15.197.145.235:443

Request

GET /css/sson_app_web.css?id=ce30255416aaad4c36b4 HTTP/2.0
host: www.ssonetwork.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: aws-waf-token=6262b6c1-c4fc-4899-9403-2d612eba42fb:EQoArPxQu+QBAAAA:aOWkkTGCCYYhIHwkQ/WN85VGd9weEntvjQMKxKE/z0sVpWIawlrBCIr4cXMM+Tj3Lil/YN32/z2qZCkt+/yXW2pcEeM/xpOtjG+7ighCz70KgFUAOdOELJcKwSMRpUxkQtrMa0yTZeti6d39MUVx7ebx7eTw5pcJruuw6j4XTkV9gs9fLkVQmQjpL2SOoRaxAqpF3LZiTqa0TMYV6+YS4avwzLFT6GGkJNG7imFETfHl5iKGLBEJQEXIY9JX56blzQURUYd/s91a
cookie: AWSALB=0TzqylgLn3mYV4diuRRbYs/FBSInQgFmkVG+IX0yhof72c1xkwn+2yisLuaqp48X3hWPkeKMhZI+QbsUrnTn48v1nJ1l0urDJulltGUkI7gtgpKCDVXyUi+mGr/y
cookie: AWSALBCORS=0TzqylgLn3mYV4diuRRbYs/FBSInQgFmkVG+IX0yhof72c1xkwn+2yisLuaqp48X3hWPkeKMhZI+QbsUrnTn48v1nJ1l0urDJulltGUkI7gtgpKCDVXyUi+mGr/y
cookie: XSRF-TOKEN=eyJpdiI6Ik54MDZocWxrQkxnUHBlWStxUEx5TWc9PSIsInZhbHVlIjoienZuTGdtcU56TmJUcUZjanBOUEJLR3F1QjlSUEtiWVErYjM0eUk1Tjg5V3RMaGZzZ1NoSEdWV252TVN0dm1vcHRaQ2E5eDlVRWQ5TWVWL3NUdTd4d1Q1bDk4RHc2MzZPOTdkR1VUaUR2QkpBandLMi8zbmp4RWVLVmV4d0kwdFgiLCJtYWMiOiJjNTRhOTJlZDcyNWMyOTY1ZTk3YWNlMzI3ODE2ZTBkNjYxNTgxYjdhZDFiNjNhYmUyZjhmYzVjNmU1N2M2NDYyIiwidGFnIjoiIn0%3D
cookie: ecochannels_eco_app_session=eyJpdiI6IjdvYUZLc1h6bHlKSThRYXU0bTFqT1E9PSIsInZhbHVlIjoiM3c0UEs5T1pUZ283QUNOdWdJbEE5bXRLUUVzbVlCVW91SitZYTdxZG9na2dVQ21NSmNiU3U4TDNCVW1QNi9wOW5maUVuSkdtMlQrUFBZNHNaY0d3WjZXNytGU1E1WDQxbHlKTnV3UjRpT2lseDIrcDl6aGk3VDlidWtQWnk1bjgiLCJtYWMiOiJhYzFkMjRjYzAzMDJkYThiOWFjYzI4Y2FkZWYyZDZkMjIwMjgxYWIzYWIwOTY1YmQyZTQyOGJmMzYyOWI2OGY4IiwidGFnIjoiIn0%3D
cookie: channel_id=eyJpdiI6InI4MzhPeXBJZ3AyODdMUm9SQXA5NHc9PSIsInZhbHVlIjoiZDUxSmUzMisrZi9zUW1ybVR5aVQzMWNQU2Mwc3FWcjF4eVFTMEI2bURxcExNUU1zTmVZREF0cGxGZTd2cG00OXNDSVh6TTFidEVUNEt6SHJsM1lYMkxnSkdtdjhaZTM3a3ZxdVdBUEgwcVU9IiwibWFjIjoiZGRhOGYwNjMyZDhkNzZjZTM2NmIzMjYzMzM5MWI2MjZjZWYzYTE4MjVmNmQwMjVjMGJmMzZmNTk2YjMxMTkwMSIsInRhZyI6IiJ9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:16 GMT
content-type: text/css
set-cookie: AWSALB=QbIiwkNx/okIudm55PVokU9Fyyu9TTyTPvbcIM8Mk+o9p6r4Sbe7V3BvHlxcHW5ro4UujqGo5SZAXAhkLF++9UB+wd0As7PMFEsWNVtDnmwp10zWAnRphZrjAMq+; Expires=Mon, 01 Apr 2024 11:32:16 GMT; Path=/
set-cookie: AWSALBCORS=QbIiwkNx/okIudm55PVokU9Fyyu9TTyTPvbcIM8Mk+o9p6r4Sbe7V3BvHlxcHW5ro4UujqGo5SZAXAhkLF++9UB+wd0As7PMFEsWNVtDnmwp10zWAnRphZrjAMq+; Expires=Mon, 01 Apr 2024 11:32:16 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 22 Mar 2024 16:48:52 GMT
vary: Accept-Encoding
etag: W/"65fdb674-8e9d"
expires: Mon, 01 Apr 2024 11:32:16 GMT
cache-control: max-age=604800
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
GET

https://www.ssonetwork.com/css/app_web.css?id=ee76af947ece7b59937e

msedge.exe

Remote address:

15.197.145.235:443

Request

GET /css/app_web.css?id=ee76af947ece7b59937e HTTP/2.0
host: www.ssonetwork.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: aws-waf-token=6262b6c1-c4fc-4899-9403-2d612eba42fb:EQoArPxQu+QBAAAA:aOWkkTGCCYYhIHwkQ/WN85VGd9weEntvjQMKxKE/z0sVpWIawlrBCIr4cXMM+Tj3Lil/YN32/z2qZCkt+/yXW2pcEeM/xpOtjG+7ighCz70KgFUAOdOELJcKwSMRpUxkQtrMa0yTZeti6d39MUVx7ebx7eTw5pcJruuw6j4XTkV9gs9fLkVQmQjpL2SOoRaxAqpF3LZiTqa0TMYV6+YS4avwzLFT6GGkJNG7imFETfHl5iKGLBEJQEXIY9JX56blzQURUYd/s91a
cookie: AWSALB=0TzqylgLn3mYV4diuRRbYs/FBSInQgFmkVG+IX0yhof72c1xkwn+2yisLuaqp48X3hWPkeKMhZI+QbsUrnTn48v1nJ1l0urDJulltGUkI7gtgpKCDVXyUi+mGr/y
cookie: AWSALBCORS=0TzqylgLn3mYV4diuRRbYs/FBSInQgFmkVG+IX0yhof72c1xkwn+2yisLuaqp48X3hWPkeKMhZI+QbsUrnTn48v1nJ1l0urDJulltGUkI7gtgpKCDVXyUi+mGr/y
cookie: XSRF-TOKEN=eyJpdiI6Ik54MDZocWxrQkxnUHBlWStxUEx5TWc9PSIsInZhbHVlIjoienZuTGdtcU56TmJUcUZjanBOUEJLR3F1QjlSUEtiWVErYjM0eUk1Tjg5V3RMaGZzZ1NoSEdWV252TVN0dm1vcHRaQ2E5eDlVRWQ5TWVWL3NUdTd4d1Q1bDk4RHc2MzZPOTdkR1VUaUR2QkpBandLMi8zbmp4RWVLVmV4d0kwdFgiLCJtYWMiOiJjNTRhOTJlZDcyNWMyOTY1ZTk3YWNlMzI3ODE2ZTBkNjYxNTgxYjdhZDFiNjNhYmUyZjhmYzVjNmU1N2M2NDYyIiwidGFnIjoiIn0%3D
cookie: ecochannels_eco_app_session=eyJpdiI6IjdvYUZLc1h6bHlKSThRYXU0bTFqT1E9PSIsInZhbHVlIjoiM3c0UEs5T1pUZ283QUNOdWdJbEE5bXRLUUVzbVlCVW91SitZYTdxZG9na2dVQ21NSmNiU3U4TDNCVW1QNi9wOW5maUVuSkdtMlQrUFBZNHNaY0d3WjZXNytGU1E1WDQxbHlKTnV3UjRpT2lseDIrcDl6aGk3VDlidWtQWnk1bjgiLCJtYWMiOiJhYzFkMjRjYzAzMDJkYThiOWFjYzI4Y2FkZWYyZDZkMjIwMjgxYWIzYWIwOTY1YmQyZTQyOGJmMzYyOWI2OGY4IiwidGFnIjoiIn0%3D
cookie: channel_id=eyJpdiI6InI4MzhPeXBJZ3AyODdMUm9SQXA5NHc9PSIsInZhbHVlIjoiZDUxSmUzMisrZi9zUW1ybVR5aVQzMWNQU2Mwc3FWcjF4eVFTMEI2bURxcExNUU1zTmVZREF0cGxGZTd2cG00OXNDSVh6TTFidEVUNEt6SHJsM1lYMkxnSkdtdjhaZTM3a3ZxdVdBUEgwcVU9IiwibWFjIjoiZGRhOGYwNjMyZDhkNzZjZTM2NmIzMjYzMzM5MWI2MjZjZWYzYTE4MjVmNmQwMjVjMGJmMzZmNTk2YjMxMTkwMSIsInRhZyI6IiJ9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:16 GMT
content-type: text/css
set-cookie: AWSALB=5w0bt1gUdX8qMY6YrYJ6lRxId6xcWkhghAvm92R2dGHAkqdYfT7AwC/yqX3QdG5Zh9+7OksY6KrsMa0qXqy1tMOAwPnd4yQdnnzkBSfjp5fzd12SEe6fKMSpjQQ/; Expires=Mon, 01 Apr 2024 11:32:16 GMT; Path=/
set-cookie: AWSALBCORS=5w0bt1gUdX8qMY6YrYJ6lRxId6xcWkhghAvm92R2dGHAkqdYfT7AwC/yqX3QdG5Zh9+7OksY6KrsMa0qXqy1tMOAwPnd4yQdnnzkBSfjp5fzd12SEe6fKMSpjQQ/; Expires=Mon, 01 Apr 2024 11:32:16 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 22 Mar 2024 16:48:52 GMT
vary: Accept-Encoding
etag: W/"65fdb674-34752"
expires: Mon, 01 Apr 2024 11:32:16 GMT
cache-control: max-age=604800
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
GET

https://www.ssonetwork.com/js/app_web.js?id=6145b797a8f09c238bb8

msedge.exe

Remote address:

15.197.145.235:443

Request

GET /js/app_web.js?id=6145b797a8f09c238bb8 HTTP/2.0
host: www.ssonetwork.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: aws-waf-token=6262b6c1-c4fc-4899-9403-2d612eba42fb:EQoArPxQu+QBAAAA:aOWkkTGCCYYhIHwkQ/WN85VGd9weEntvjQMKxKE/z0sVpWIawlrBCIr4cXMM+Tj3Lil/YN32/z2qZCkt+/yXW2pcEeM/xpOtjG+7ighCz70KgFUAOdOELJcKwSMRpUxkQtrMa0yTZeti6d39MUVx7ebx7eTw5pcJruuw6j4XTkV9gs9fLkVQmQjpL2SOoRaxAqpF3LZiTqa0TMYV6+YS4avwzLFT6GGkJNG7imFETfHl5iKGLBEJQEXIY9JX56blzQURUYd/s91a
cookie: XSRF-TOKEN=eyJpdiI6Ik54MDZocWxrQkxnUHBlWStxUEx5TWc9PSIsInZhbHVlIjoienZuTGdtcU56TmJUcUZjanBOUEJLR3F1QjlSUEtiWVErYjM0eUk1Tjg5V3RMaGZzZ1NoSEdWV252TVN0dm1vcHRaQ2E5eDlVRWQ5TWVWL3NUdTd4d1Q1bDk4RHc2MzZPOTdkR1VUaUR2QkpBandLMi8zbmp4RWVLVmV4d0kwdFgiLCJtYWMiOiJjNTRhOTJlZDcyNWMyOTY1ZTk3YWNlMzI3ODE2ZTBkNjYxNTgxYjdhZDFiNjNhYmUyZjhmYzVjNmU1N2M2NDYyIiwidGFnIjoiIn0%3D
cookie: ecochannels_eco_app_session=eyJpdiI6IjdvYUZLc1h6bHlKSThRYXU0bTFqT1E9PSIsInZhbHVlIjoiM3c0UEs5T1pUZ283QUNOdWdJbEE5bXRLUUVzbVlCVW91SitZYTdxZG9na2dVQ21NSmNiU3U4TDNCVW1QNi9wOW5maUVuSkdtMlQrUFBZNHNaY0d3WjZXNytGU1E1WDQxbHlKTnV3UjRpT2lseDIrcDl6aGk3VDlidWtQWnk1bjgiLCJtYWMiOiJhYzFkMjRjYzAzMDJkYThiOWFjYzI4Y2FkZWYyZDZkMjIwMjgxYWIzYWIwOTY1YmQyZTQyOGJmMzYyOWI2OGY4IiwidGFnIjoiIn0%3D
cookie: channel_id=eyJpdiI6InI4MzhPeXBJZ3AyODdMUm9SQXA5NHc9PSIsInZhbHVlIjoiZDUxSmUzMisrZi9zUW1ybVR5aVQzMWNQU2Mwc3FWcjF4eVFTMEI2bURxcExNUU1zTmVZREF0cGxGZTd2cG00OXNDSVh6TTFidEVUNEt6SHJsM1lYMkxnSkdtdjhaZTM3a3ZxdVdBUEgwcVU9IiwibWFjIjoiZGRhOGYwNjMyZDhkNzZjZTM2NmIzMjYzMzM5MWI2MjZjZWYzYTE4MjVmNmQwMjVjMGJmMzZmNTk2YjMxMTkwMSIsInRhZyI6IiJ9
cookie: AWSALB=5w0bt1gUdX8qMY6YrYJ6lRxId6xcWkhghAvm92R2dGHAkqdYfT7AwC/yqX3QdG5Zh9+7OksY6KrsMa0qXqy1tMOAwPnd4yQdnnzkBSfjp5fzd12SEe6fKMSpjQQ/
cookie: AWSALBCORS=5w0bt1gUdX8qMY6YrYJ6lRxId6xcWkhghAvm92R2dGHAkqdYfT7AwC/yqX3QdG5Zh9+7OksY6KrsMa0qXqy1tMOAwPnd4yQdnnzkBSfjp5fzd12SEe6fKMSpjQQ/

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:18 GMT
content-type: application/javascript; charset=utf-8
set-cookie: AWSALB=3amgHrGAjnuJLL5DMv7qcEd46/hs0Tufv/3to0vl7L5SWXPNsvLPkdEKPENT1SecEoOEol11tSu23K6IvU8Djw5bbUDObCy/OvER7xIMDhBE9bAgLhxHblAZHFgL; Expires=Mon, 01 Apr 2024 11:32:18 GMT; Path=/
set-cookie: AWSALBCORS=3amgHrGAjnuJLL5DMv7qcEd46/hs0Tufv/3to0vl7L5SWXPNsvLPkdEKPENT1SecEoOEol11tSu23K6IvU8Djw5bbUDObCy/OvER7xIMDhBE9bAgLhxHblAZHFgL; Expires=Mon, 01 Apr 2024 11:32:18 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 22 Mar 2024 16:48:52 GMT
vary: Accept-Encoding
etag: W/"65fdb674-68e63"
expires: Mon, 01 Apr 2024 11:32:18 GMT
cache-control: max-age=604800
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
GET

https://www.ssonetwork.com/js/content-detail.js?id=316c049a43a53a50df0f

msedge.exe

Remote address:

15.197.145.235:443

Request

GET /js/content-detail.js?id=316c049a43a53a50df0f HTTP/2.0
host: www.ssonetwork.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: aws-waf-token=6262b6c1-c4fc-4899-9403-2d612eba42fb:EQoArPxQu+QBAAAA:aOWkkTGCCYYhIHwkQ/WN85VGd9weEntvjQMKxKE/z0sVpWIawlrBCIr4cXMM+Tj3Lil/YN32/z2qZCkt+/yXW2pcEeM/xpOtjG+7ighCz70KgFUAOdOELJcKwSMRpUxkQtrMa0yTZeti6d39MUVx7ebx7eTw5pcJruuw6j4XTkV9gs9fLkVQmQjpL2SOoRaxAqpF3LZiTqa0TMYV6+YS4avwzLFT6GGkJNG7imFETfHl5iKGLBEJQEXIY9JX56blzQURUYd/s91a
cookie: XSRF-TOKEN=eyJpdiI6Ik54MDZocWxrQkxnUHBlWStxUEx5TWc9PSIsInZhbHVlIjoienZuTGdtcU56TmJUcUZjanBOUEJLR3F1QjlSUEtiWVErYjM0eUk1Tjg5V3RMaGZzZ1NoSEdWV252TVN0dm1vcHRaQ2E5eDlVRWQ5TWVWL3NUdTd4d1Q1bDk4RHc2MzZPOTdkR1VUaUR2QkpBandLMi8zbmp4RWVLVmV4d0kwdFgiLCJtYWMiOiJjNTRhOTJlZDcyNWMyOTY1ZTk3YWNlMzI3ODE2ZTBkNjYxNTgxYjdhZDFiNjNhYmUyZjhmYzVjNmU1N2M2NDYyIiwidGFnIjoiIn0%3D
cookie: ecochannels_eco_app_session=eyJpdiI6IjdvYUZLc1h6bHlKSThRYXU0bTFqT1E9PSIsInZhbHVlIjoiM3c0UEs5T1pUZ283QUNOdWdJbEE5bXRLUUVzbVlCVW91SitZYTdxZG9na2dVQ21NSmNiU3U4TDNCVW1QNi9wOW5maUVuSkdtMlQrUFBZNHNaY0d3WjZXNytGU1E1WDQxbHlKTnV3UjRpT2lseDIrcDl6aGk3VDlidWtQWnk1bjgiLCJtYWMiOiJhYzFkMjRjYzAzMDJkYThiOWFjYzI4Y2FkZWYyZDZkMjIwMjgxYWIzYWIwOTY1YmQyZTQyOGJmMzYyOWI2OGY4IiwidGFnIjoiIn0%3D
cookie: channel_id=eyJpdiI6InI4MzhPeXBJZ3AyODdMUm9SQXA5NHc9PSIsInZhbHVlIjoiZDUxSmUzMisrZi9zUW1ybVR5aVQzMWNQU2Mwc3FWcjF4eVFTMEI2bURxcExNUU1zTmVZREF0cGxGZTd2cG00OXNDSVh6TTFidEVUNEt6SHJsM1lYMkxnSkdtdjhaZTM3a3ZxdVdBUEgwcVU9IiwibWFjIjoiZGRhOGYwNjMyZDhkNzZjZTM2NmIzMjYzMzM5MWI2MjZjZWYzYTE4MjVmNmQwMjVjMGJmMzZmNTk2YjMxMTkwMSIsInRhZyI6IiJ9
cookie: AWSALB=5w0bt1gUdX8qMY6YrYJ6lRxId6xcWkhghAvm92R2dGHAkqdYfT7AwC/yqX3QdG5Zh9+7OksY6KrsMa0qXqy1tMOAwPnd4yQdnnzkBSfjp5fzd12SEe6fKMSpjQQ/
cookie: AWSALBCORS=5w0bt1gUdX8qMY6YrYJ6lRxId6xcWkhghAvm92R2dGHAkqdYfT7AwC/yqX3QdG5Zh9+7OksY6KrsMa0qXqy1tMOAwPnd4yQdnnzkBSfjp5fzd12SEe6fKMSpjQQ/

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:18 GMT
content-type: application/javascript; charset=utf-8
set-cookie: AWSALB=Azpxz1RhZJ1A0KVejijD2pQMAWGaYujS23JmUvMBQO0Tg+PY34DPBzu/KDLDsiLISHEkW0paxMHCLbryCAfNR6vDVXb7NFAqVRIknuVxCdPe9ylM5VYPctLtLCLm; Expires=Mon, 01 Apr 2024 11:32:18 GMT; Path=/
set-cookie: AWSALBCORS=Azpxz1RhZJ1A0KVejijD2pQMAWGaYujS23JmUvMBQO0Tg+PY34DPBzu/KDLDsiLISHEkW0paxMHCLbryCAfNR6vDVXb7NFAqVRIknuVxCdPe9ylM5VYPctLtLCLm; Expires=Mon, 01 Apr 2024 11:32:18 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 22 Mar 2024 16:48:52 GMT
vary: Accept-Encoding
etag: W/"65fdb674-1ae709"
expires: Mon, 01 Apr 2024 11:32:18 GMT
cache-control: max-age=604800
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
GET

https://www.ssonetwork.com/images/popup_bg.jpg

msedge.exe

Remote address:

15.197.145.235:443

Request

GET /images/popup_bg.jpg HTTP/2.0
host: www.ssonetwork.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: aws-waf-token=6262b6c1-c4fc-4899-9403-2d612eba42fb:EQoArPxQu+QBAAAA:aOWkkTGCCYYhIHwkQ/WN85VGd9weEntvjQMKxKE/z0sVpWIawlrBCIr4cXMM+Tj3Lil/YN32/z2qZCkt+/yXW2pcEeM/xpOtjG+7ighCz70KgFUAOdOELJcKwSMRpUxkQtrMa0yTZeti6d39MUVx7ebx7eTw5pcJruuw6j4XTkV9gs9fLkVQmQjpL2SOoRaxAqpF3LZiTqa0TMYV6+YS4avwzLFT6GGkJNG7imFETfHl5iKGLBEJQEXIY9JX56blzQURUYd/s91a
cookie: XSRF-TOKEN=eyJpdiI6Ik54MDZocWxrQkxnUHBlWStxUEx5TWc9PSIsInZhbHVlIjoienZuTGdtcU56TmJUcUZjanBOUEJLR3F1QjlSUEtiWVErYjM0eUk1Tjg5V3RMaGZzZ1NoSEdWV252TVN0dm1vcHRaQ2E5eDlVRWQ5TWVWL3NUdTd4d1Q1bDk4RHc2MzZPOTdkR1VUaUR2QkpBandLMi8zbmp4RWVLVmV4d0kwdFgiLCJtYWMiOiJjNTRhOTJlZDcyNWMyOTY1ZTk3YWNlMzI3ODE2ZTBkNjYxNTgxYjdhZDFiNjNhYmUyZjhmYzVjNmU1N2M2NDYyIiwidGFnIjoiIn0%3D
cookie: ecochannels_eco_app_session=eyJpdiI6IjdvYUZLc1h6bHlKSThRYXU0bTFqT1E9PSIsInZhbHVlIjoiM3c0UEs5T1pUZ283QUNOdWdJbEE5bXRLUUVzbVlCVW91SitZYTdxZG9na2dVQ21NSmNiU3U4TDNCVW1QNi9wOW5maUVuSkdtMlQrUFBZNHNaY0d3WjZXNytGU1E1WDQxbHlKTnV3UjRpT2lseDIrcDl6aGk3VDlidWtQWnk1bjgiLCJtYWMiOiJhYzFkMjRjYzAzMDJkYThiOWFjYzI4Y2FkZWYyZDZkMjIwMjgxYWIzYWIwOTY1YmQyZTQyOGJmMzYyOWI2OGY4IiwidGFnIjoiIn0%3D
cookie: channel_id=eyJpdiI6InI4MzhPeXBJZ3AyODdMUm9SQXA5NHc9PSIsInZhbHVlIjoiZDUxSmUzMisrZi9zUW1ybVR5aVQzMWNQU2Mwc3FWcjF4eVFTMEI2bURxcExNUU1zTmVZREF0cGxGZTd2cG00OXNDSVh6TTFidEVUNEt6SHJsM1lYMkxnSkdtdjhaZTM3a3ZxdVdBUEgwcVU9IiwibWFjIjoiZGRhOGYwNjMyZDhkNzZjZTM2NmIzMjYzMzM5MWI2MjZjZWYzYTE4MjVmNmQwMjVjMGJmMzZmNTk2YjMxMTkwMSIsInRhZyI6IiJ9
cookie: AWSALB=Azpxz1RhZJ1A0KVejijD2pQMAWGaYujS23JmUvMBQO0Tg+PY34DPBzu/KDLDsiLISHEkW0paxMHCLbryCAfNR6vDVXb7NFAqVRIknuVxCdPe9ylM5VYPctLtLCLm
cookie: AWSALBCORS=Azpxz1RhZJ1A0KVejijD2pQMAWGaYujS23JmUvMBQO0Tg+PY34DPBzu/KDLDsiLISHEkW0paxMHCLbryCAfNR6vDVXb7NFAqVRIknuVxCdPe9ylM5VYPctLtLCLm
cookie: _ju_v=4.1_6.04
cookie: _ju_dm=cookie
cookie: _ju_dn=1
cookie: _ga_4ECW8CEQJX=GS1.1.1711366338.1.0.1711366338.60.0.0
cookie: _ga=GA1.1.2037664641.1711366339

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: image/jpeg
content-length: 20403
set-cookie: AWSALB=jAuCv33zCK4IlbZNkRBISNGV9f9OeOUy1jaXxw7OWMDW0TES0vRo4SPMI6fC1iNgDN244fpG28hkZA+aifPGgxwMEMSbDFPGandVVcwrWlg2IATZ7XQeTIz9jIZH; Expires=Mon, 01 Apr 2024 11:32:20 GMT; Path=/
set-cookie: AWSALBCORS=jAuCv33zCK4IlbZNkRBISNGV9f9OeOUy1jaXxw7OWMDW0TES0vRo4SPMI6fC1iNgDN244fpG28hkZA+aifPGgxwMEMSbDFPGandVVcwrWlg2IATZ7XQeTIz9jIZH; Expires=Mon, 01 Apr 2024 11:32:20 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Fri, 22 Mar 2024 16:33:34 GMT
etag: "65fdb2de-4fb3"
expires: Mon, 01 Apr 2024 11:32:20 GMT
cache-control: max-age=604800
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
POST

https://www.ssonetwork.com/api/user-onboarding/sign-in-sign-up/65e1995204b3d275cd295e34

msedge.exe

Remote address:

15.197.145.235:443

Request

POST /api/user-onboarding/sign-in-sign-up/65e1995204b3d275cd295e34 HTTP/2.0
host: www.ssonetwork.com
content-length: 278
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: application/json, text/plain, */*
dnt: 1
x-xsrf-token: eyJpdiI6Ik54MDZocWxrQkxnUHBlWStxUEx5TWc9PSIsInZhbHVlIjoienZuTGdtcU56TmJUcUZjanBOUEJLR3F1QjlSUEtiWVErYjM0eUk1Tjg5V3RMaGZzZ1NoSEdWV252TVN0dm1vcHRaQ2E5eDlVRWQ5TWVWL3NUdTd4d1Q1bDk4RHc2MzZPOTdkR1VUaUR2QkpBandLMi8zbmp4RWVLVmV4d0kwdFgiLCJtYWMiOiJjNTRhOTJlZDcyNWMyOTY1ZTk3YWNlMzI3ODE2ZTBkNjYxNTgxYjdhZDFiNjNhYmUyZjhmYzVjNmU1N2M2NDYyIiwidGFnIjoiIn0=
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: multipart/form-data; boundary=----WebKitFormBoundaryoakSxy562ATmNyAn
origin: https://www.ssonetwork.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: aws-waf-token=6262b6c1-c4fc-4899-9403-2d612eba42fb:EQoArPxQu+QBAAAA:aOWkkTGCCYYhIHwkQ/WN85VGd9weEntvjQMKxKE/z0sVpWIawlrBCIr4cXMM+Tj3Lil/YN32/z2qZCkt+/yXW2pcEeM/xpOtjG+7ighCz70KgFUAOdOELJcKwSMRpUxkQtrMa0yTZeti6d39MUVx7ebx7eTw5pcJruuw6j4XTkV9gs9fLkVQmQjpL2SOoRaxAqpF3LZiTqa0TMYV6+YS4avwzLFT6GGkJNG7imFETfHl5iKGLBEJQEXIY9JX56blzQURUYd/s91a
cookie: XSRF-TOKEN=eyJpdiI6Ik54MDZocWxrQkxnUHBlWStxUEx5TWc9PSIsInZhbHVlIjoienZuTGdtcU56TmJUcUZjanBOUEJLR3F1QjlSUEtiWVErYjM0eUk1Tjg5V3RMaGZzZ1NoSEdWV252TVN0dm1vcHRaQ2E5eDlVRWQ5TWVWL3NUdTd4d1Q1bDk4RHc2MzZPOTdkR1VUaUR2QkpBandLMi8zbmp4RWVLVmV4d0kwdFgiLCJtYWMiOiJjNTRhOTJlZDcyNWMyOTY1ZTk3YWNlMzI3ODE2ZTBkNjYxNTgxYjdhZDFiNjNhYmUyZjhmYzVjNmU1N2M2NDYyIiwidGFnIjoiIn0%3D
cookie: ecochannels_eco_app_session=eyJpdiI6IjdvYUZLc1h6bHlKSThRYXU0bTFqT1E9PSIsInZhbHVlIjoiM3c0UEs5T1pUZ283QUNOdWdJbEE5bXRLUUVzbVlCVW91SitZYTdxZG9na2dVQ21NSmNiU3U4TDNCVW1QNi9wOW5maUVuSkdtMlQrUFBZNHNaY0d3WjZXNytGU1E1WDQxbHlKTnV3UjRpT2lseDIrcDl6aGk3VDlidWtQWnk1bjgiLCJtYWMiOiJhYzFkMjRjYzAzMDJkYThiOWFjYzI4Y2FkZWYyZDZkMjIwMjgxYWIzYWIwOTY1YmQyZTQyOGJmMzYyOWI2OGY4IiwidGFnIjoiIn0%3D
cookie: channel_id=eyJpdiI6InI4MzhPeXBJZ3AyODdMUm9SQXA5NHc9PSIsInZhbHVlIjoiZDUxSmUzMisrZi9zUW1ybVR5aVQzMWNQU2Mwc3FWcjF4eVFTMEI2bURxcExNUU1zTmVZREF0cGxGZTd2cG00OXNDSVh6TTFidEVUNEt6SHJsM1lYMkxnSkdtdjhaZTM3a3ZxdVdBUEgwcVU9IiwibWFjIjoiZGRhOGYwNjMyZDhkNzZjZTM2NmIzMjYzMzM5MWI2MjZjZWYzYTE4MjVmNmQwMjVjMGJmMzZmNTk2YjMxMTkwMSIsInRhZyI6IiJ9
cookie: _ju_v=4.1_6.04
cookie: _ju_dm=cookie
cookie: _ju_dn=1
cookie: _ga_4ECW8CEQJX=GS1.1.1711366338.1.0.1711366338.60.0.0
cookie: AWSALB=jAuCv33zCK4IlbZNkRBISNGV9f9OeOUy1jaXxw7OWMDW0TES0vRo4SPMI6fC1iNgDN244fpG28hkZA+aifPGgxwMEMSbDFPGandVVcwrWlg2IATZ7XQeTIz9jIZH
cookie: AWSALBCORS=jAuCv33zCK4IlbZNkRBISNGV9f9OeOUy1jaXxw7OWMDW0TES0vRo4SPMI6fC1iNgDN244fpG28hkZA+aifPGgxwMEMSbDFPGandVVcwrWlg2IATZ7XQeTIz9jIZH
cookie: _ga=GA1.2.2037664641.1711366339
cookie: _gid=GA1.2.1756016747.1711366340
cookie: __gads=ID=7164dce842e82f91:T=1711366340:RT=1711366340:S=ALNI_MaozalBf5udTW7gJJxkeLhXNNgwig
cookie: __gpi=UID=00000d4e9743035e:T=1711366340:RT=1711366340:S=ALNI_MaSs8hM-CLJpL-vgmnGTQqBSODjLQ
cookie: __eoi=ID=2169983d9f72f9d8:T=1711366340:RT=1711366340:S=AA-AfjbDfphmXKxDTDqrR04-zVms
cookie: _ju_dc=579d00fb-ea9b-11ee-ab59-71d3dcb7a3e7
cookie: _ju_pn=1
cookie: _gat=1
cookie: OptanonAlertBoxClosed=2024-03-25T11:32:23.561Z
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Mon+Mar+25+2024+11%3A32%3A23+GMT%2B0000+(Greenwich+Mean+Time)&version=6.35.0&isIABGlobal=false&hosts=&landingPath=NotLandingPage&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

Response

HTTP/2.0 422

date: Mon, 25 Mar 2024 11:32:30 GMT
content-type: application/json
set-cookie: AWSALB=9SQQMplyVw9gKQkWmMFCzzH3WaglLgmrQXN5Vw8AN4m28ndvIr0hC78/X0jpC6d4+1MN/VIs//aUsK6IPbtXCfhf3FJgrrPMSmk8i49EmzoZG08du4emG7d9TO8C; Expires=Mon, 01 Apr 2024 11:32:30 GMT; Path=/
set-cookie: AWSALBCORS=9SQQMplyVw9gKQkWmMFCzzH3WaglLgmrQXN5Vw8AN4m28ndvIr0hC78/X0jpC6d4+1MN/VIs//aUsK6IPbtXCfhf3FJgrrPMSmk8i49EmzoZG08du4emG7d9TO8C; Expires=Mon, 01 Apr 2024 11:32:30 GMT; Path=/; SameSite=None; Secure
server: nginx
cache-control: no-cache, private
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-security-policy:
set-cookie: XSRF-TOKEN=eyJpdiI6IkVVODdER1FTS2I1SUdxUERuSGF4YUE9PSIsInZhbHVlIjoiTGhoaWVQZTdtWXJjOGxBS2ZxSVAzd0dJOEo2cEVCRm5vNnNBMmtrbDdGYndWMzlNQUx6UXhFeGdOend4VTlySHZGckVPd3RjNm51MXdDYkIzUlFQcDYzeWNpRktXcFFMRnM0a2kwOUQ4WStobU9ZZXl2bC9hRXd5amV1ZFJPQ3QiLCJtYWMiOiIyYWU4ZjIwZmIyOWFlMGI2N2UzMWM2OWFiNGIyYzgxNDYwMDM0NWYwMTBjZTI2MDRhNDQ1ZDU4YjVmY2FhMWQ1IiwidGFnIjoiIn0%3D; expires=Tue, 26-Mar-2024 11:32:30 GMT; Max-Age=86400; path=/
set-cookie: ecochannels_eco_app_session=eyJpdiI6IkRRZEdoUzh0NiswYy8yV0EzQmxhYlE9PSIsInZhbHVlIjoid0ExTlVqWCtHaCtLdTJCWEZubVp3TWRXVzk3VmlsR214dEc5c2FFRGk4d2E1WStteVpEdnZ6amlGeUo3V0RIaXhyWGNSS2E5QU9YK1VEWDczN0N1YkpMaDlseU11SlJiNndnWTMvUHZZUmFJQUhlR2M1V1IzVXEwbTRGejdjaHIiLCJtYWMiOiIxMWQ4YmY0MDcxYmJkYjc1OGU3NWNiOGNkMjNjODUwM2JjOGU3ZGI0NGFmYWIxZGZiZTcyOWI5MWUzY2Q5ZDczIiwidGFnIjoiIn0%3D; expires=Tue, 26-Mar-2024 11:32:30 GMT; Max-Age=86400; path=/; httponly
set-cookie: channel_id=eyJpdiI6IjJqREswancvQnZmZ1VZYnl3NlpqSVE9PSIsInZhbHVlIjoiSTRZeXVwcU01dGpyVUdrS3d3ZHNUdlQyZG51aHUvWlloNHRoMi9VMlRmMTZPMngrOG55WitTT0xZZmYyR1BEQTYzeUdvN083eW0zTGt1K0JjZ0FLRHV5b004aW40dzhKcXhQTVVvUERTQkU9IiwibWFjIjoiNzQ3NWRjMTY2ZGI3NTlmYWRlNjFiMWI3NGRkZGNmNjYyZmNhYWRjNzllMjE2NzE2YzJmZDhlOWFiMmU5ZjM5MSIsInRhZyI6IiJ9; path=/; httponly
set-cookie: event_id=eyJpdiI6IkhHWGY4MTN2b0NXU2szdW1ESXNjMVE9PSIsInZhbHVlIjoiLzFWYWtONmgzL3diWkp0Unp4aDFzUFpwTnlaVkVkMDZ4NjVXSURnMWpVQ1RzcmU5OTF0KzYyeFNOUFErK0F4MTJwUlVjZXJuMEdpbThyMDFrckR1aGc9PSIsIm1hYyI6IjcyZWEwODY2NzVlODczZjUxMTc2ZDEzNTlhNjY4OGExMzY3ZDgwODZmNDg1YzhhNzkyNWNkOTA0ZTVkZmI0NTMiLCJ0YWciOiIifQ%3D%3D; expires=Wed, 27-Mar-2019 11:32:30 GMT; Max-Age=0; path=/; httponly
set-cookie: client_dashboard=eyJpdiI6IkxYczdaWHV1Q1BuL2xFSFRlanZkMHc9PSIsInZhbHVlIjoiV1BrZjdqdjRRRnBVRlljN2RUdGMybjVVRm1wYzNnU1NjZU5lSWF5dDFHQWZHREtUWms5WWVLcExDbVZ2M1hQMml0aGhwazNiKzF3M3BuTUZ5Qm9kaXc9PSIsIm1hYyI6IjE0OWE2NDA1OTEwMjFiMTMyNzNkYThmMzk5MzljOWU1ZWMxOTEzNzVkNWRhNzhjZmNmNDYyZTBkZDU4NzA0MTgiLCJ0YWciOiIifQ%3D%3D; expires=Wed, 27-Mar-2019 11:32:30 GMT; Max-Age=0; path=/; httponly
GET

https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/challenge.js

msedge.exe

Remote address:

143.204.215.71:443

Request

GET /18f1ff95f8c2/124e0fe93e27/12a9002e3553/challenge.js HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
vary: Accept-Encoding
date: Mon, 25 Mar 2024 11:31:19 GMT
cache-control: private, max-age=86400
last-modified: Mon, 25 Mar 2024 11:31:19 +0000
pragma: no-cache
expires: 0
x-amzn-waf-challenge-id: Root=1-66016087-5c50e6c52a21e46d7187bbbf
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 2OyYpl47wUOj8OcQBOLto7Z3hauqy1HpMY-jmHmr63HEk7ucfBUWhA==
GET

https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/captcha.js

msedge.exe

Remote address:

65.9.66.58:443

Request

GET /18f1ff95f8c2/124e0fe93e27/12a9002e3553/captcha.js HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
vary: Accept-Encoding
date: Mon, 25 Mar 2024 11:31:19 GMT
x-amzn-waf-captcha-id: Root=1-66016087-5dbb693c2b20949c5aa4c036
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: VxKL1PycAUWtkvd3NpTbKW9ZvlDbGXlZKQZ26US-uiaUpgY_8tzSOA==
POST

https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify

msedge.exe

Remote address:

143.204.215.71:443

Request

POST /18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com
content-length: 9820
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-length: 288
date: Mon, 25 Mar 2024 11:31:21 GMT
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-amzn-waf-challenge-id: Root=1-66016089-3ec99ce947e489372db34257
x-cache: Miss from cloudfront
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 5cwgo2kUwDcMLeImqOxwdp9gz0GxxaA1dN7jcAqlPhMO2okyFGrI8w==
POST

https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry

msedge.exe

Remote address:

143.204.215.71:443

Request

POST /18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com
content-length: 1265
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-length: 852
date: Mon, 25 Mar 2024 11:31:22 GMT
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-amzn-waf-challenge-id: Root=1-6601608a-54c00ce64f624d8931120fad
x-cache: Miss from cloudfront
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: zkvObMv38Z8L4J84aT5Jt85dG9tWjRD8SxIZMMaajhnIS3yfEc6ZsA==
POST

https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry

msedge.exe

Remote address:

143.204.215.71:443

Request

POST /18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com
content-length: 1781
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-length: 940
date: Mon, 25 Mar 2024 11:31:23 GMT
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-amzn-waf-challenge-id: Root=1-6601608b-1747155f7f4c4e7334bd6411
x-cache: Miss from cloudfront
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: aHktZOTRlxj_MATHD2x25Hs_hW2qj0wMIBc-qc0Au7v99OUp8Q34BQ==
POST

https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry

msedge.exe

Remote address:

143.204.215.71:443

Request

POST /18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com
content-length: 4894
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
vary: Accept-Encoding
date: Mon, 25 Mar 2024 11:31:32 GMT
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-amzn-waf-challenge-id: Root=1-66016094-406b10bf069a16470b93e47f
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: zjf4NqgStWM3ivkfLqyTvqmCpe6ZgZQWhbWgRu3108-r5KuxC_Ac9w==
POST

https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry

msedge.exe

Remote address:

143.204.215.71:443

Request

POST /18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com
content-length: 1869
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
vary: Accept-Encoding
date: Mon, 25 Mar 2024 11:31:32 GMT
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-amzn-waf-challenge-id: Root=1-66016094-4760b1794572b02e23742596
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: G_CEwYUFuK3tTfmv2SG01ngmDp6bC9Jgfk5i_rwVqwwZIH3ytKjZHw==
POST

https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/voucher

msedge.exe

Remote address:

143.204.215.71:443

Request

POST /18f1ff95f8c2/124e0fe93e27/12a9002e3553/voucher HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com
content-length: 725
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-length: 334
date: Mon, 25 Mar 2024 11:32:15 GMT
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,GET,POST
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-amzn-waf-challenge-id: Root=1-660160bf-259b0890759be00f25bae370
x-cache: Miss from cloudfront
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Kai5T9F0FaMBKdyDsOUjm6Z-Pl3n1ZpPLviDbKrwkpMaZG4e93wUTg==
GET

https://static.captcha.awswaf.com/fonts/AmazonEmberLt/stylesheet.css

msedge.exe

Remote address:

108.138.26.101:443

Request

GET /fonts/AmazonEmberLt/stylesheet.css HTTP/2.0
host: static.captcha.awswaf.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css
content-length: 230
last-modified: Tue, 20 Feb 2024 19:30:14 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 21:32:00 GMT
etag: "d8674d16f372c9cdafa1314ef9710c64"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: umwA68UASDiOlWJpW88VJORU7YZVA_e8-mqCir3vObrtnDF0HDuJbw==
age: 50362
GET

https://static.captcha.awswaf.com/fonts/AmazonEmberLt/AmazonEmber-Light.woff2

msedge.exe

Remote address:

108.138.26.101:443

Request

GET /fonts/AmazonEmberLt/AmazonEmber-Light.woff2 HTTP/2.0
host: static.captcha.awswaf.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.ssonetwork.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://static.captcha.awswaf.com/fonts/AmazonEmberLt/stylesheet.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: binary/octet-stream
content-length: 30648
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Tue, 20 Feb 2024 19:30:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 25 Mar 2024 03:47:51 GMT
etag: "64824a4253db63d5f9a7c4501c702c16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: xOW0aXxozZ1fcjjs1i8xroobCLkSSOK_cVCYqtm0pXeB6pk7Yg-tdg==
age: 50356
GET

https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/problem?kind=visual&domain=www.ssonetwork.com&locale=en-us

msedge.exe

Remote address:

65.9.66.58:443

Request

GET /18f1ff95f8c2/124e0fe93e27/12a9002e3553/problem?kind=visual&domain=www.ssonetwork.com&locale=en-us HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
vary: Accept-Encoding
date: Mon, 25 Mar 2024 11:31:28 GMT
access-control-allow-origin: https://www.ssonetwork.com
x-amzn-waf-captcha-id: Root=1-66016090-4768b2a8373308eb115e0fc2
cache-control: no-cache
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: HPnoMq7ZP2rHycvOYRdzBl0c2NgXqkCtBfRIDAVk554fj1cvuVC7TA==
POST

https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify

msedge.exe

Remote address:

65.9.66.58:443

Request

POST /18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com
content-length: 2268
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
vary: Accept-Encoding
date: Mon, 25 Mar 2024 11:31:55 GMT
access-control-allow-origin: https://www.ssonetwork.com
x-amzn-waf-captcha-id: Root=1-660160ab-526037b5442c03d247ba1cac
cache-control: no-cache
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: dWimaYi3BVJ2EH3On0A3HpkHd44ALeTZzXoeRcKvcSGyEUmEbM755A==
POST

https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify

msedge.exe

Remote address:

65.9.66.58:443

Request

POST /18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify HTTP/2.0
host: 18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com
content-length: 2272
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-length: 493
date: Mon, 25 Mar 2024 11:32:15 GMT
access-control-allow-origin: https://www.ssonetwork.com
x-amzn-waf-captcha-id: Root=1-660160bf-788cb46c029138e74a722473
cache-control: no-cache
x-cache: Miss from cloudfront
via: 1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: T7OEeqn6xheKzINeSOAh7MXNFNlSg4_G0KziJSqnWjMbqtfrzUI2zg==
DNS

use.fontawesome.com

msedge.exe

Remote address:

8.8.8.8:53

Request

use.fontawesome.com

IN A

Response

use.fontawesome.com

IN CNAME

use.fontawesome.com.cdn.cloudflare.net

use.fontawesome.com.cdn.cloudflare.net

IN A

172.64.206.38

use.fontawesome.com.cdn.cloudflare.net

IN A

172.64.207.38
DNS

use.fontawesome.com

msedge.exe

Remote address:

8.8.8.8:53

Request

use.fontawesome.com

IN A
DNS

use.fontawesome.com

msedge.exe

Remote address:

8.8.8.8:53

Request

use.fontawesome.com

IN A
GET

https://cdn.jsdelivr.net/npm/animate.css@3.5.2/animate.min.css

msedge.exe

Remote address:

151.101.1.229:443

Request

GET /npm/animate.css@3.5.2/animate.min.css HTTP/2.0
host: cdn.jsdelivr.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.ssonetwork.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.5.2
x-jsd-version-type: version
etag: W/"ce35-l6+hUVafBGsuAfJ8GHFkbpzYfK8"
content-encoding: br
accept-ranges: bytes
date: Mon, 25 Mar 2024 11:32:18 GMT
age: 2185043
x-served-by: cache-fra-eddf8230057-FRA, cache-lcy-eglc8600041-LCY
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4356
GET

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/fonts/bootstrap-icons.woff?4601c71fb26c9277391ec80789bfde9c

msedge.exe

Remote address:

151.101.1.229:443

Request

GET /npm/bootstrap-icons@1.3.0/font/fonts/bootstrap-icons.woff?4601c71fb26c9277391ec80789bfde9c HTTP/2.0
host: cdn.jsdelivr.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.ssonetwork.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff
x-jsd-version: 1.3.0
x-jsd-version-type: version
etag: W/"1a13c-GxDOCA4lYqi36DlQRNPKg9wRKZk"
accept-ranges: bytes
date: Mon, 25 Mar 2024 11:32:18 GMT
age: 2636902
x-served-by: cache-fra-eddf8230039-FRA, cache-lcy-eglc8600041-LCY
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 106812
GET

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css

msedge.exe

Remote address:

151.101.1.229:443

Request

GET /npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css HTTP/2.0
host: cdn.jsdelivr.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.3.0
x-jsd-version-type: version
etag: W/"edbb-Du3MPQ7GnRobCfGvnAP4Uqb5QVI"
content-encoding: br
accept-ranges: bytes
date: Mon, 25 Mar 2024 11:32:17 GMT
age: 2715261
x-served-by: cache-fra-eddf8230052-FRA, cache-lcy-eglc8600052-LCY
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8017
DNS

229.1.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

229.1.101.151.in-addr.arpa

IN PTR

Response
DNS

securepubads.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

securepubads.g.doubleclick.net

IN A

Response

securepubads.g.doubleclick.net

IN CNAME

securepubads46.g.doubleclick.net

securepubads46.g.doubleclick.net

IN A

172.217.169.34
DNS

buttons-config.sharethis.com

Remote address:

8.8.8.8:53

Request

buttons-config.sharethis.com

IN A

Response

buttons-config.sharethis.com

IN CNAME

d2znr2yi078d75.cloudfront.net

d2znr2yi078d75.cloudfront.net

IN A

65.9.66.121

d2znr2yi078d75.cloudfront.net

IN A

65.9.66.81

d2znr2yi078d75.cloudfront.net

IN A

65.9.66.11

d2znr2yi078d75.cloudfront.net

IN A

65.9.66.100
DNS

234.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.179.250.142.in-addr.arpa

IN PTR

Response

234.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f101e100net
DNS

stats.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

142.251.173.157

stats.g.doubleclick.net

IN A

142.251.173.155

stats.g.doubleclick.net

IN A

142.251.173.156

stats.g.doubleclick.net

IN A

142.251.173.154
DNS

238.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.16.217.172.in-addr.arpa

IN PTR

Response

238.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f141e100net

238.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f14�I
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.4
DNS

4.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.178.250.142.in-addr.arpa

IN PTR

Response

4.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f41e100net
DNS

insight.adsrvr.org

Remote address:

8.8.8.8:53

Request

insight.adsrvr.org

IN A

Response

insight.adsrvr.org

IN A

52.223.40.198

insight.adsrvr.org

IN A

35.71.131.137

insight.adsrvr.org

IN A

15.197.193.217

insight.adsrvr.org

IN A

3.33.220.150
DNS

insight.adsrvr.org

Remote address:

8.8.8.8:53

Request

insight.adsrvr.org

IN A
DNS

226.20.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.20.18.104.in-addr.arpa

IN PTR

Response
DNS

www.googletagmanager.com

Remote address:

8.8.8.8:53

Request

www.googletagmanager.com

IN A

Response

www.googletagmanager.com

IN A

142.250.179.232
DNS

ws.zoominfo.com

Remote address:

8.8.8.8:53

Request

ws.zoominfo.com

IN A

Response

ws.zoominfo.com

IN A

104.16.136.15

ws.zoominfo.com

IN A

104.16.137.15
DNS

geolocation.onetrust.com

Remote address:

8.8.8.8:53

Request

geolocation.onetrust.com

IN A

Response

geolocation.onetrust.com

IN A

104.18.32.137

geolocation.onetrust.com

IN A

172.64.155.119
DNS

geolocation.onetrust.com

Remote address:

8.8.8.8:53

Request

geolocation.onetrust.com

IN A
DNS

cdn-ukwest.onetrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn-ukwest.onetrust.com

IN A

Response

cdn-ukwest.onetrust.com

IN A

104.18.32.137

cdn-ukwest.onetrust.com

IN A

172.64.155.119
DNS

apps.identrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

96.17.179.184

a1952.dscq.akamai.net

IN A

96.17.179.205
DNS

227.179.250.142.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

227.179.250.142.in-addr.arpa

IN PTR

Response

227.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f31e100net
DNS

www.google-analytics.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google-analytics.com

IN A

Response

www.google-analytics.com

IN A

172.217.16.238
DNS

6.224.197.54.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

6.224.197.54.in-addr.arpa

IN PTR

Response

6.224.197.54.in-addr.arpa

IN PTR

ec2-54-197-224-6 compute-1 amazonawscom
DNS

img04.en25.com

msedge.exe

Remote address:

8.8.8.8:53

Request

img04.en25.com

IN A

Response

img04.en25.com

IN CNAME

wildcard.en25.com.edgekey.net

wildcard.en25.com.edgekey.net

IN CNAME

e5763.x.akamaiedge.net

e5763.x.akamaiedge.net

IN A

23.59.67.49
DNS

49.67.59.23.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

49.67.59.23.in-addr.arpa

IN PTR

Response

49.67.59.23.in-addr.arpa

IN PTR

a23-59-67-49deploystaticakamaitechnologiescom
DNS

120.77.208.52.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

120.77.208.52.in-addr.arpa

IN PTR

Response

120.77.208.52.in-addr.arpa

IN PTR

ec2-52-208-77-120 eu-west-1compute amazonawscom
DNS

platform-api.sharethis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

platform-api.sharethis.com

IN A

Response

platform-api.sharethis.com

IN A

3.160.150.14

platform-api.sharethis.com

IN A

3.160.150.115

platform-api.sharethis.com

IN A

3.160.150.71

platform-api.sharethis.com

IN A

3.160.150.46
DNS

my.jst.ai

msedge.exe

Remote address:

8.8.8.8:53

Request

my.jst.ai

IN A

Response

my.jst.ai

IN CNAME

my.justuno.com

my.justuno.com

IN A

104.17.202.53

my.justuno.com

IN A

104.17.203.53
DNS

platform-cdn.sharethis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

platform-cdn.sharethis.com

IN A

Response

platform-cdn.sharethis.com

IN CNAME

d3oiwf0xhhk8m1.cloudfront.net

d3oiwf0xhhk8m1.cloudfront.net

IN A

143.204.98.56

d3oiwf0xhhk8m1.cloudfront.net

IN A

143.204.98.46

d3oiwf0xhhk8m1.cloudfront.net

IN A

143.204.98.51

d3oiwf0xhhk8m1.cloudfront.net

IN A

143.204.98.72
DNS

cdn.jst.ai

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.jst.ai

IN A

Response

cdn.jst.ai

IN CNAME

cdn.justuno.com

cdn.justuno.com

IN A

104.17.202.53

cdn.justuno.com

IN A

104.17.203.53
DNS

count-server.sharethis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

count-server.sharethis.com

IN A

Response

count-server.sharethis.com

IN A

13.32.121.95

count-server.sharethis.com

IN A

13.32.121.126

count-server.sharethis.com

IN A

13.32.121.81

count-server.sharethis.com

IN A

13.32.121.68
DNS

cdn.jst.ai

msedge.exe

Remote address:

8.8.8.8:53

Request

cdn.jst.ai

IN A

Response

cdn.jst.ai

IN CNAME

cdn.justuno.com

cdn.justuno.com

IN A

104.17.203.53

cdn.justuno.com

IN A

104.17.202.53
DNS

42.27.32.13.in-addr.arpa

msedge.exe

Remote address:

8.8.8.8:53

Request

42.27.32.13.in-addr.arpa

IN PTR

Response

42.27.32.13.in-addr.arpa

IN PTR

server-13-32-27-42fra56r cloudfrontnet
DNS

hemsync.clickagy.com

msedge.exe

Remote address:

8.8.8.8:53

Request

hemsync.clickagy.com

IN A

Response

hemsync.clickagy.com

IN CNAME

hem-sync-prod-lb-7374702.us-east-1.elb.amazonaws.com

hem-sync-prod-lb-7374702.us-east-1.elb.amazonaws.com

IN A

34.231.129.236

hem-sync-prod-lb-7374702.us-east-1.elb.amazonaws.com

IN A

54.237.104.157

hem-sync-prod-lb-7374702.us-east-1.elb.amazonaws.com

IN A

3.223.146.56

hem-sync-prod-lb-7374702.us-east-1.elb.amazonaws.com

IN A

52.22.227.116
DNS

dpm.demdex.net

msedge.exe

Remote address:

8.8.8.8:53

Request

dpm.demdex.net

IN A

Response

dpm.demdex.net

IN CNAME

gslb-2.demdex.net

gslb-2.demdex.net

IN CNAME

edge-irl1.demdex.net

edge-irl1.demdex.net

IN CNAME

dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com

dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com

IN A

52.208.77.120

dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com

IN A

52.49.147.36

dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com

IN A

52.50.105.129

dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com

IN A

52.211.62.76

dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com

IN A

54.76.68.76

dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com

IN A

52.31.24.3

dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com

IN A

54.74.69.97

dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com

IN A

54.229.250.195
DNS

nexusrules.officeapps.live.com

msedge.exe

Remote address:

8.8.8.8:53

Request

nexusrules.officeapps.live.com

IN A

Response

nexusrules.officeapps.live.com

IN CNAME

prod.nexusrules.live.com.akadns.net

prod.nexusrules.live.com.akadns.net

IN A

52.111.227.14
DNS

nexusrules.officeapps.live.com

msedge.exe

Remote address:

8.8.8.8:53

Request

nexusrules.officeapps.live.com

IN A
DNS

ml314.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ml314.com

IN A

Response

ml314.com

IN A

34.117.77.79
DNS

in.ml314.com

msedge.exe

Remote address:

8.8.8.8:53

Request

in.ml314.com

IN A

Response

in.ml314.com

IN A

54.197.224.6

in.ml314.com

IN A

54.225.107.7
DNS

in.ml314.com

msedge.exe

Remote address:

8.8.8.8:53

Request

in.ml314.com

IN A
GET

https://platform-api.sharethis.com/js/sharethis.js

msedge.exe

Remote address:

3.160.150.14:443

Request

GET /js/sharethis.js HTTP/2.0
host: platform-api.sharethis.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
cache-control: max-age=600, public
date: Mon, 25 Mar 2024 11:29:13 GMT
etag: W/"336d0-g/6wprihOkYe7HpMswOVDodT6lU"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 21f03f5333352c6494e837ba1b3bb6ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amz-cf-id: cc-epvPschAI4gC3qxvu06mD0w7_W7rNnpNmoggTniFA8xR6KC-WnA==
age: 185
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://securepubads.g.doubleclick.net/tag/js/gpt.js

msedge.exe

Remote address:

172.217.169.34:443

Request

GET /tag/js/gpt.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/sson_logotzu7er07EQYEzgFkZrelbmnok9gb10SVIHwTy0bh.png

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/sson_logotzu7er07EQYEzgFkZrelbmnok9gb10SVIHwTy0bh.png HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 15040
x-amz-replication-status: COMPLETED
last-modified: Mon, 11 Mar 2024 09:02:27 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: qWaVQfzQR8vs_HP6MN0ZITQlyfFpOxZ9
accept-ranges: bytes
server: AmazonS3
date: Mon, 25 Mar 2024 07:08:16 GMT
etag: "d550f04d05bc22623494d0a155ba7508"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8sawaCbdogCDyDinF8uOEgz5fVkMKxszYNfms13hAANaynXEcq_zhw==
age: 15844
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/ra_stacked_logo__1__copyZZxxUA6gL7ffjhWbz4QOiSxK77KHGcOZL3RJxmco.jpg

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/ra_stacked_logo__1__copyZZxxUA6gL7ffjhWbz4QOiSxK77KHGcOZL3RJxmco.jpg HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
content-length: 13393
x-amz-replication-status: COMPLETED
last-modified: Sun, 03 Mar 2024 21:14:07 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: gqdu8umedh7.QRKpWh0D9h7VQVuTuSRq
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 19:09:43 GMT
etag: "b034ea6d6af77abf9bd0e64fd5891aa8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wdD9ViKgFfFoYfX7XZdJ4vA9N5nAe-sfI8-zD1KHCfwTAl-shatvfA==
age: 58957
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/capture_4.webp

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/capture_4.webp HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 12458
x-amz-replication-status: COMPLETED
last-modified: Sun, 03 Mar 2024 06:54:05 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: u.pP4wEJr7wqS51TOLa2ljSY6Ltx25Jb
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 14:14:32 GMT
etag: "49a9d324de1d47096f71da7ccd0b1882"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: w2-Qbu_kSQpMCaJFzVJ9g6Fk95vvNxrEEeTCbq-wHwqNO6Owa5oY7w==
age: 76667
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/rsz_screenshot_2024-03-03_at_74257a______amIc6Q9WWp5s4GCA4BLzvFxRmaopECaXxe72acKa58.webp

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/rsz_screenshot_2024-03-03_at_74257a______amIc6Q9WWp5s4GCA4BLzvFxRmaopECaXxe72acKa58.webp HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 32136
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 12:18:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: VFteBa4xXVIpK6jd0oaDsCNLObXM4Oy9
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 17:15:11 GMT
etag: "3fad9741d9652dc8cdaa52882eeef3ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AD4WTOtp7ufXbqAVZDrpD_QW2gexFjjec1X7IK4ICkCDS1qnUaUlRQ==
age: 65829
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/future_finance_3502502.webp

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/future_finance_3502502.webp HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 19244
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 12:18:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Egeg8rdDRtbBb5_Rgl35hhHTKlF0mze8
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 19:09:43 GMT
etag: "868e2397e1d3fcc23d2152300a7a665a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: LWkh0Kt6mJE9dUxCm7brmMajxiqw-VV8qO6ZjX4lS63YteSj4pngSQ==
age: 58957
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/future_finance350250.webp

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/future_finance350250.webp HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 21589
x-amz-replication-status: COMPLETED
last-modified: Sun, 11 Feb 2018 20:38:45 GMT
x-amz-version-id: BD3SMJhGPWfYuk2HXS8Php32oWTkMl2C
accept-ranges: bytes
server: AmazonS3
date: Mon, 25 Mar 2024 11:32:19 GMT
cache-control: max-age=180
etag: "005af36ec3238358b514b9a4e8e981ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0mdPy5YdyXT8gn5HLRsOahkH3patxH0NxVLjtf-z2-hax4Z997jBHg==
age: 30
GET

https://eco-cdn.iqpc.com/gmedia/_5PteCblackline_logo.png

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /gmedia/_5PteCblackline_logo.png HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 39092
x-amz-replication-status: COMPLETED
last-modified: Fri, 18 Nov 2022 22:43:40 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: EmlmSiNLzmzowd0hR7Nzm0IFnDoIEtmz
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 17:15:11 GMT
etag: "45bc8559ca1c73c1d1c5ac4e0fd9f31d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rEzcIfRBqgm15njiLC_K_FuT8l_8pYJi3xRVRD5Lfg9napqtsZRm0w==
age: 65829
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/blackline_quartnerly.webp

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/blackline_quartnerly.webp HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 17456
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Oct 2022 22:23:48 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: cTxDigC7f5BR2yM5xMtTrfSoux8JXCK0
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 17:15:11 GMT
etag: "e13e1c953c46980ac75fd0b2f583c66d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -ALCMwrL1xsFS-Bt9tAzBqu8wdQoC6DwGqUuWxvhXZ5S8TPsNQ4uVQ==
age: 65829
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/hr_news_beat_pay_taboo_accounting-blur-budget.webp

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/hr_news_beat_pay_taboo_accounting-blur-budget.webp HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 27724
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Oct 2022 02:00:05 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: CO176q3n0QvwSpt.edll.HlWBh.y8DFa
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 17:15:11 GMT
etag: "ec67f7e827c9171ea1b032f289a5ac4c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: M53JbtkAlJyHL81u1e-Og_chnRMCj7bDsjBKqY9_Ii6_fVGavcNuSw==
age: 65829
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/business_change.webp

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/business_change.webp HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 56018
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Nov 2022 12:18:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 0eX9Xl4WCFUVSAVAylLpqJZbzM3dcv21
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 17:15:11 GMT
etag: "90728234ff0aadaf1c330bc4a1c13463"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MlD2NJtFHIAFRhMtY79sTrZwmIk35O9rmkpBdGzT46xkyUtwd8fAFQ==
age: 65829
GET

https://eco-cdn.iqpc.com/eco/images/channel_content/images/clock.webp

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /eco/images/channel_content/images/clock.webp HTTP/2.0
host: eco-cdn.iqpc.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/webp
content-length: 108624
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Oct 2022 12:47:13 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: LMEn2jNdQO5LsnRLTvVwh82YIVD.pxfv
accept-ranges: bytes
server: AmazonS3
date: Sun, 24 Mar 2024 17:15:11 GMT
etag: "f9ac1da8ffc6f50d7d8928cfda06cfaa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IXR6JvgFmhTtAEmOKGIrBZPxfTvnFYD2lFloGzbg8ZrdWwHSpN0hQg==
age: 65829
GET

https://eco-cdn.iqpc.com/site/1503688666.ico

msedge.exe

Remote address:

13.32.27.42:443

Request

GET /site/1503688666.ico HTTP/2.0
host: eco-cdn.iqpc.com
pragma: no-cache
cache-control: no-cache
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/vnd.microsoft.icon
content-length: 1776
x-amz-replication-status: COMPLETED
last-modified: Fri, 25 Aug 2017 19:19:19 GMT
x-amz-version-id: E.VBy3Ti9F6rgMZfofOtvlErioGjjKcw
accept-ranges: bytes
server: AmazonS3
date: Mon, 25 Mar 2024 07:23:50 GMT
etag: "5e7d9a71dee11bd91b93f4712e071454"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: lEHS51dzVrVvv5rOKsNGZVmhJCIuaYacJ-NoRgUAPZN5lb1h5-a3sg==
age: 18167
GET

https://cdn.jst.ai/vck.js

msedge.exe

Remote address:

104.17.202.53:443

Request

GET /vck.js HTTP/2.0
host: cdn.jst.ai
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:18 GMT
content-type: application/javascript
access-control-max-age: 3000
cache-control: public, max-age=700000
cf-bgj: minify
cf-polished: origSize=3382
etag: W/"de9d3c64cb6a7e9481dbb15b803f850d"
last-modified: Wed, 06 Sep 2023 15:44:12 GMT
vary: Accept-Encoding
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-77-age: 1208186
x-77-cache: HIT
x-77-nzt: EgwBWbunAQHXoYQJAAwBuUwKAQH32eoIAA
x-77-nzt-ray: 9a26d7265ef11adbfea2f86523109304
x-77-pop: londonGB
x-accel-date: 1710169693
x-age: 623777
x-age-lb: 584409
x-cache: HIT
x-cache-lb: HIT
x-amz-id-2: Qp9aXQby8yIFGk3RxAH3d/YucmFD4okRDwOJEv89gX2p9R2s4i6R2Ddyptew5RRW77R7Xn97ZsM=
x-amz-request-id: 3KF3D0T8T83WYD75
x-amz-server-side-encryption: AES256
x-amz-version-id: CnszTNSxnkFOjv9OpzBFbt7XWANcLgkT
cf-cache-status: HIT
age: 572868
expires: Tue, 02 Apr 2024 13:58:58 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cloudflare
cf-ray: 869e945fdaaa942d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn.jst.ai/mwgt_4.1.js?v=6.04

msedge.exe

Remote address:

104.17.202.53:443

Request

GET /mwgt_4.1.js?v=6.04 HTTP/2.0
host: cdn.jst.ai
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:18 GMT
content-type: application/javascript
cache-control: public, max-age=700000
cf-bgj: minify
cf-polished: origSize=283709
etag: W/"14f60b85831f11a379e93a5d93be18fe"
last-modified: Wed, 17 Jan 2024 00:18:25 GMT
vary: Accept-Encoding
x-77-age: 758753
x-77-cache: HIT
x-77-nzt: EwwBWbunAQHXH5QGAAwBuUwKEwH3G9EBAAwBisclxAH3py4DAA
x-77-nzt-ray: 9a26d726c3de43929176f8658a3dd908
x-77-pop: londonGB
x-accel-date: 1710350962
x-age: 431135
x-cache: HIT
x-amz-id-2: WyhGnt3EdJBYsBTYi5+hxaRD7MbGeNmxKOf/dSrsE5CYIe3sGgZ5yzFw0BCtKe0AN2A+hhgYNns=
x-amz-request-id: MKYM22AQ7JT2EHX5
x-amz-server-side-encryption: AES256
x-amz-version-id: C4vLw_csO2AiZVjSleP_0651w1kE3XOc
cf-cache-status: HIT
age: 584241
expires: Tue, 02 Apr 2024 13:58:58 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cloudflare
cf-ray: 869e94625e6d942d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn.jst.ai/jquery-3.3.1.min.js

msedge.exe

Remote address:

104.17.202.53:443

Request

GET /jquery-3.3.1.min.js HTTP/2.0
host: cdn.jst.ai
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:19 GMT
content-type: application/javascript
vary: Accept-Encoding
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-id-2: QkQDfc/c+BxeEV7Mb9T71izlaxjj27d6rckZ0CWChj+oHRgBIzetmsTprvfIwk4nuDE06PRh+ZA=
x-amz-request-id: E0AH8K1JFTA56BAK
access-control-max-age: 3000
last-modified: Tue, 14 May 2019 18:11:41 GMT
etag: W/"378087a64e1394fc51f300bb9c11878c"
cache-control: public, max-age=700000
x-amz-version-id: WVSarkncFMGMbDTFtItJEyauJ_gI3R_b
x-77-nzt: EwwBw7WkDQHXGOACAAwBuUwKDAH343EJAAwBJRPCMQH3KFAGAA
x-77-nzt-ray: d09eba0f8a1e1144b3f9fc653a4fe609
x-accel-date: 1710889371
x-77-cache: HIT
x-77-age: 1221155
x-cache: HIT
x-age: 188440
x-77-pop: londonGB
cf-cache-status: HIT
age: 288528
expires: Tue, 02 Apr 2024 13:58:59 GMT
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cloudflare
cf-ray: 869e94630f6f942d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn.jst.ai/store_4.1.html?v=6.04

msedge.exe

Remote address:

104.17.202.53:443

Request

GET /store_4.1.html?v=6.04 HTTP/2.0
host: cdn.jst.ai
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:19 GMT
content-type: text/html
vary: Accept-Encoding
x-amz-id-2: W47MYYm/Oqhgea3DBxqfTbsRu+36dMHA3d8SrLcSX0dxdj5Yu2pXBMaspxSXQi2H/NgVImCPFXQ=
x-amz-request-id: BW3QRDX8XRWHEQC7
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
cache-control: max-age=700000
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-77-nzt: EwwBWbunAQH39s8EAAwBuUwKCQH3DgAAAAgBisclwQGB
x-77-nzt-ray: 9a26d7268008a8f6c3600166625b8909
x-77-cache: HIT
x-accel-date: 1711050957
x-cache-lb: HIT
x-age-lb: 14
x-77-age: 315396
x-cache: HIT
x-age: 315382
x-77-pop: londonGB
cf-cache-status: DYNAMIC
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cloudflare
cf-ray: 869e9463a83a942d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

msedge.exe

Remote address:

104.18.32.137:443

Request

GET /scripttemplates/otSDKStub.js HTTP/2.0
host: cdn-ukwest.onetrust.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:18 GMT
content-type: application/javascript
content-length: 6842
content-encoding: gzip
content-md5: /RTAD1TAPuPWblD15GN1pg==
last-modified: Wed, 13 Mar 2024 22:17:20 GMT
etag: 0x8DC43AB59EB7B5F
x-ms-request-id: 380ca892-101e-0039-459d-7b643f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 75116
expires: Tue, 26 Mar 2024 11:32:18 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 869e9460a8fe6325-LHR
GET

https://cdn-ukwest.onetrust.com/scripttemplates/6.35.0/otBannerSdk.js

msedge.exe

Remote address:

104.18.32.137:443

Request

GET /scripttemplates/6.35.0/otBannerSdk.js HTTP/2.0
host: cdn-ukwest.onetrust.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: application/javascript
content-length: 87115
content-encoding: gzip
content-md5: bDp57sS049dDkRqCL4m53Q==
last-modified: Tue, 10 May 2022 17:23:29 GMT
etag: 0x8DA32A9CCA800B5
x-ms-request-id: cc2ada54-d01e-0042-3a9d-7b0f8f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 75118
expires: Tue, 26 Mar 2024 11:32:20 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 869e946b48116325-LHR
GET

https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg

msedge.exe

Remote address:

104.18.32.137:443

Request

GET /logos/static/powered_by_logo.svg HTTP/2.0
host: cdn-ukwest.onetrust.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Wed, 13 Mar 2024 22:17:23 GMT
x-ms-request-id: 787b8dad-801e-0037-769d-7b8834000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 75118
expires: Tue, 26 Mar 2024 11:32:20 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 869e946e1bfd6325-LHR
content-encoding: gzip
GET

https://ml314.com/tag.aspx?2522024

msedge.exe

Remote address:

34.117.77.79:443

Request

GET /tag.aspx?2522024 HTTP/2.0
host: ml314.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=82660&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&pv=1711366338370_5qsvf413l&bl=en-us&cb=2184704&return=&ht=&d=&dc=&si=1711366338370_5qsvf413l&cid=SSON-%2Ffinance-accounting%2Freports%2Fintercompany&s=1280x720&rp=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&v=2.7.1.157

msedge.exe

Remote address:

34.117.77.79:443

Request

GET /utsync.ashx?pub=&adv=&et=0&eid=82660&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&pv=1711366338370_5qsvf413l&bl=en-us&cb=2184704&return=&ht=&d=&dc=&si=1711366338370_5qsvf413l&cid=SSON-%2Ffinance-accounting%2Freports%2Fintercompany&s=1280x720&rp=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&v=2.7.1.157 HTTP/2.0
host: ml314.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ws.zoominfo.com/pixel/62c2c51eae2f00008f208515

msedge.exe

Remote address:

104.16.136.15:443

Request

GET /pixel/62c2c51eae2f00008f208515 HTTP/2.0
host: ws.zoominfo.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
x-content-type-options: nosniff
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-credentials: true
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
set-cookie: visitorId=1524ae2fd687bcd8cb4dd2a36ddd6501afe2f5c7f94688d98e3fab4492e3dafd; Max-Age=31536000; Domain=ws.zoominfo.com; Path=/; Expires=Tue, 25 Mar 2025 11:32:20 GMT; Secure; SameSite=None
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=rO9ScQ3zB8kkgalWusyRm8WJrqCPOjjAnwb3XjpdaRE-1711366340-1.0.1.1-Nt1AGc0muGKX5CNecDx292SUJwTIGYqYDELlmgLTZdv8QpeJbJjIoYqQcBm3gLROwToKnihqCjCtgi.6xSplrA; path=/; expires=Mon, 25-Mar-24 12:02:20 GMT; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=bNb8h3WefY4nNIPgz48SV_ctWY8o44l.H_n98wlI2sE-1711366340267-0.0.1.1-604800000; path=/; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 869e94685f6e9472-LHR
alt-svc: h3=":443"; ma=86400
GET

https://my.jst.ai/ajax/account_version_check.html?id=6D01137F-4A75-44AE-93C6-77CD97FFB703

msedge.exe

Remote address:

104.17.202.53:443

Request

GET /ajax/account_version_check.html?id=6D01137F-4A75-44AE-93C6-77CD97FFB703 HTTP/2.0
host: my.jst.ai
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:18 GMT
content-type: application/json
content-length: 36
cache-control: public, max-age=30
last-modified: Mon, 25 Mar 2024 04:29:29 PST
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
cf-cache-status: HIT
age: 169
expires: Mon, 25 Mar 2024 11:32:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 869e9461c88a4595-LHR
alt-svc: h3=":443"; ma=86400
GET

https://my.jst.ai/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=6D01137F-4A75-44AE-93C6-77CD97FFB703&p=0&cm=0&pl=

msedge.exe

Remote address:

104.17.202.53:443

Request

GET /ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=6D01137F-4A75-44AE-93C6-77CD97FFB703&p=0&cm=0&pl= HTTP/2.0
host: my.jst.ai
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: application/json; Charset=UTF-8
cache-control: no-store,private
expires: Mon, 25 Mar 2024 11:16:23 GMT
last-modified: Mon, 25 Mar 2024 04:16:23 PST
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
referrer-policy: no-referrer-when-downgrade
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
cf-cache-status: HIT
age: 957
vary: Accept-Encoding
server: cloudflare
cf-ray: 869e946acbea4595-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn-ukwest.onetrust.com/consent/58577b4c-caea-4790-b630-7585b63b3819/58577b4c-caea-4790-b630-7585b63b3819.json

msedge.exe

Remote address:

104.18.32.137:443

Request

GET /consent/58577b4c-caea-4790-b630-7585b63b3819/58577b4c-caea-4790-b630-7585b63b3819.json HTTP/2.0
host: cdn-ukwest.onetrust.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:18 GMT
content-type: application/x-javascript
content-length: 1771
cf-ray: 869e9461ca71888b-LHR
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 74168
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC442E3F11472C
last-modified: Thu, 14 Mar 2024 13:54:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: R1ZrhSmr1+YfizFeLzqTqQ==
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 1a3295ae-d01e-002f-6fd4-7aa5a1000000
x-ms-version: 2009-09-19
server: cloudflare
GET

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

msedge.exe

Remote address:

104.18.32.137:443

Request

GET /cookieconsentpub/v1/geo/location HTTP/2.0
host: geolocation.onetrust.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
accept: application/json
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 869e946acfb6888b-LHR
content-encoding: gzip
GET

https://cdn-ukwest.onetrust.com/consent/58577b4c-caea-4790-b630-7585b63b3819/018e375c-81bd-724c-8f67-d5bc6f2c25a5/en.json

msedge.exe

Remote address:

104.18.32.137:443

Request

GET /consent/58577b4c-caea-4790-b630-7585b63b3819/018e375c-81bd-724c-8f67-d5bc6f2c25a5/en.json HTTP/2.0
host: cdn-ukwest.onetrust.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: application/x-javascript
content-length: 17059
cf-ray: 869e946c3950888b-LHR
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 18168
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC442E3FB20D91
last-modified: Thu, 14 Mar 2024 13:54:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: uZW/ToV1+Cus07yvhPpnEg==
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 724395c6-301e-0088-491b-7cb2fa000000
x-ms-version: 2009-09-19
server: cloudflare
GET

https://cdn-ukwest.onetrust.com/scripttemplates/6.35.0/assets/otFloatingRounded.json

msedge.exe

Remote address:

104.18.32.137:443

Request

GET /scripttemplates/6.35.0/assets/otFloatingRounded.json HTTP/2.0
host: cdn-ukwest.onetrust.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: application/json
content-length: 2586
content-encoding: gzip
content-md5: j6viHgnXyaWelfgyNmzafQ==
last-modified: Tue, 10 May 2022 17:23:15 GMT
etag: 0x8DA32A9C4CB4374
x-ms-request-id: 47213a83-401e-0008-69d4-7a3fe8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 73927
expires: Tue, 26 Mar 2024 11:32:20 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 869e946d5a93888b-LHR
GET

https://cdn-ukwest.onetrust.com/scripttemplates/6.35.0/assets/v2/otPcPanel.json

msedge.exe

Remote address:

104.18.32.137:443

Request

GET /scripttemplates/6.35.0/assets/v2/otPcPanel.json HTTP/2.0
host: cdn-ukwest.onetrust.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: application/json
content-length: 13040
content-encoding: gzip
content-md5: kkbLc8AdOxCxBnqLTnAQpg==
last-modified: Tue, 10 May 2022 17:23:18 GMT
etag: 0x8DA32A9C6850385
x-ms-request-id: 77901634-a01e-0020-5ed4-7a4857000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 73927
expires: Tue, 26 Mar 2024 11:32:20 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 869e946d5a95888b-LHR
GET

https://cdn-ukwest.onetrust.com/scripttemplates/6.35.0/assets/otCommonStyles.css

msedge.exe

Remote address:

104.18.32.137:443

Request

GET /scripttemplates/6.35.0/assets/otCommonStyles.css HTTP/2.0
host: cdn-ukwest.onetrust.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: text/css
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
last-modified: Tue, 10 May 2022 17:23:41 GMT
x-ms-request-id: fddec4a2-601e-0036-56d4-7a89c9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 74169
expires: Tue, 26 Mar 2024 11:32:20 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 869e946d5a97888b-LHR
content-encoding: gzip
GET

https://buttons-config.sharethis.com/js/64ad620a9c5ef400190228dc.js

msedge.exe

Remote address:

65.9.66.121:443

Request

GET /js/64ad620a9c5ef400190228dc.js HTTP/2.0
host: buttons-config.sharethis.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
content-length: 548
last-modified: Tue, 11 Jul 2023 14:08:14 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 25 Mar 2024 11:32:18 GMT
cache-control: public, max-age=60
etag: "277d19221bf28c5fdd7553caabb90a97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: eNPVV63SIdG9GaFdZsDSjl0bC3LkbQAp9IZo_sq_-PkLrhgau-9mOQ==
age: 28
strict-transport-security: max-age=31536000; includeSubDomains
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

msedge.exe

Remote address:

96.17.179.184:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Mon, 25 Mar 2024 12:32:19 GMT
Date: Mon, 25 Mar 2024 11:32:19 GMT
Connection: keep-alive
GET

https://use.fontawesome.com/releases/v6.4.2/css/all.css

msedge.exe

Remote address:

172.64.206.38:443

Request

GET /releases/v6.4.2/css/all.css HTTP/2.0
host: use.fontawesome.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:19 GMT
content-type: text/css
etag: W/"5222e06b77a1692fa2520a219840e6be"
last-modified: Fri, 22 Sep 2023 01:46:33 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 223753
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SbOoL68T1UqiAk3n7MN1Mr1uXc8HAPkx7Ay4vA9n9qGq9sCVknzim33GIsN%2FmdR7Vr86pEKG64yQrUBD8oEtjPtwPBTuNthq8xzKc9WqtXcjfc7nXSQJjRjLz%2BZLe9usMpsea7r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 869e94636820769b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

232.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.179.250.142.in-addr.arpa

IN PTR

Response

232.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f81e100net
DNS

38.206.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

38.206.64.172.in-addr.arpa

IN PTR

Response
DNS

aorta.clickagy.com

Remote address:

8.8.8.8:53

Request

aorta.clickagy.com

IN A

Response

aorta.clickagy.com

IN A

54.175.45.20

aorta.clickagy.com

IN A

18.209.135.119

aorta.clickagy.com

IN A

44.213.220.50

aorta.clickagy.com

IN A

35.170.115.58
DNS

236.129.231.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

236.129.231.34.in-addr.arpa

IN PTR

Response

236.129.231.34.in-addr.arpa

IN PTR

ec2-34-231-129-236 compute-1 amazonawscom
DNS

193.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.212.58.216.in-addr.arpa

IN PTR

Response

193.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f1931e100net

193.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f1�J

193.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f1�J
DNS

53.202.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

53.202.17.104.in-addr.arpa

IN PTR

Response
DNS

137.32.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.32.18.104.in-addr.arpa

IN PTR

Response
DNS

95.121.32.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.121.32.13.in-addr.arpa

IN PTR

Response

95.121.32.13.in-addr.arpa

IN PTR

server-13-32-121-95fra60r cloudfrontnet
DNS

aly.jst.ai

Remote address:

8.8.8.8:53

Request

aly.jst.ai

IN A

Response

aly.jst.ai

IN CNAME

analytics.justuno.com

analytics.justuno.com

IN A

104.17.203.53

analytics.justuno.com

IN A

104.17.202.53
DNS

3.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.213.58.216.in-addr.arpa

IN PTR

Response

3.213.58.216.in-addr.arpa

IN PTR

lhr25s25-in-f31e100net

3.213.58.216.in-addr.arpa

IN PTR

ber01s14-in-f3�F
DNS

tpc.googlesyndication.com

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

216.58.212.193
DNS

79.77.117.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.77.117.34.in-addr.arpa

IN PTR

Response

79.77.117.34.in-addr.arpa

IN PTR

797711734bcgoogleusercontentcom
DNS

157.173.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.173.251.142.in-addr.arpa

IN PTR

Response

157.173.251.142.in-addr.arpa

IN PTR

wi-in-f1571e100net
DNS

tags.clickagy.com

Remote address:

8.8.8.8:53

Request

tags.clickagy.com

IN A

Response

tags.clickagy.com

IN CNAME

d3i9xyriglxn0r.cloudfront.net

d3i9xyriglxn0r.cloudfront.net

IN A

13.32.27.64

d3i9xyriglxn0r.cloudfront.net

IN A

13.32.27.94

d3i9xyriglxn0r.cloudfront.net

IN A

13.32.27.121

d3i9xyriglxn0r.cloudfront.net

IN A

13.32.27.108
DNS

101.103.172.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

101.103.172.18.in-addr.arpa

IN PTR

Response

101.103.172.18.in-addr.arpa

IN PTR

server-18-172-103-101fra60r cloudfrontnet
DNS

tpc.googlesyndication.com

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

216.58.212.193
DNS

14.150.160.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.150.160.3.in-addr.arpa

IN PTR

Response

14.150.160.3.in-addr.arpa

IN PTR

server-3-160-150-14fra60r cloudfrontnet
DNS

56.98.204.143.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.98.204.143.in-addr.arpa

IN PTR

Response

56.98.204.143.in-addr.arpa

IN PTR

server-143-204-98-56fra50r cloudfrontnet
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.4
DNS

pagead2.googlesyndication.com

Remote address:

8.8.8.8:53

Request

pagead2.googlesyndication.com

IN A

Response

pagead2.googlesyndication.com

IN A

216.58.204.66
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response
DNS

15.136.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.136.16.104.in-addr.arpa

IN PTR

Response
DNS

34.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.169.217.172.in-addr.arpa

IN PTR

Response

34.169.217.172.in-addr.arpa

IN PTR

lhr48s08-in-f21e100net
DNS

c32f36c4036827ffc24b274f1fb3bedf.safeframe.googlesyndication.com

Remote address:

8.8.8.8:53

Request

c32f36c4036827ffc24b274f1fb3bedf.safeframe.googlesyndication.com

IN A

Response

c32f36c4036827ffc24b274f1fb3bedf.safeframe.googlesyndication.com

IN CNAME

pagead-googlehosted.l.google.com

pagead-googlehosted.l.google.com

IN A

216.58.204.65
DNS

65.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

65.204.58.216.in-addr.arpa

IN PTR

Response

65.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f11e100net

65.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f65�G

65.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f1�G
DNS

20.45.175.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

20.45.175.54.in-addr.arpa

IN PTR

Response

20.45.175.54.in-addr.arpa

IN PTR

ec2-54-175-45-20 compute-1 amazonawscom
DNS

69.85.171.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

69.85.171.54.in-addr.arpa

IN PTR

Response

69.85.171.54.in-addr.arpa

IN PTR

ec2-54-171-85-69 eu-west-1compute amazonawscom
DNS

121.66.9.65.in-addr.arpa

Remote address:

8.8.8.8:53

Request

121.66.9.65.in-addr.arpa

IN PTR

Response

121.66.9.65.in-addr.arpa

IN PTR

server-65-9-66-121fra56r cloudfrontnet
DNS

181.38.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

181.38.239.216.in-addr.arpa

IN PTR

Response
DNS

www.gstatic.com

Remote address:

8.8.8.8:53

Request

www.gstatic.com

IN A

Response

www.gstatic.com

IN A

216.58.213.3
DNS

64.27.32.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.27.32.13.in-addr.arpa

IN PTR

Response

64.27.32.13.in-addr.arpa

IN PTR

server-13-32-27-64fra56r cloudfrontnet
DNS

66.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

66.204.58.216.in-addr.arpa

IN PTR

Response

66.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f661e100net

66.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f2�H

66.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f2�H
GET

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra

msedge.exe

Remote address:

13.32.121.95:443

Request

GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra HTTP/2.0
host: count-server.sharethis.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
content-length: 229
date: Mon, 25 Mar 2024 11:32:19 GMT
cache-control: public, max-age=60
etag: f441f757f5d1f303fe53d0e753192af9
apigw-requestid: VLwOji6uIAMEP9w=
x-cache: Miss from cloudfront
via: 1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: N-AegtxVlJ9T5Jcz2MQ1_ol7MD1PtjPEQpfxRdrWARGlQG2MI1kG_g==
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://platform-cdn.sharethis.com/img/facebook.svg

msedge.exe

Remote address:

143.204.98.56:443

Request

GET /img/facebook.svg HTTP/2.0
host: platform-cdn.sharethis.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Tue, 05 Mar 2024 04:47:02 GMT
cache-control: public, max-age=2592000
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BzMV2EuB_yeV2ESc60eYDsLbwcg-b2apahdg4qzDybNVJGF3HN5p1A==
age: 1752318
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://platform-cdn.sharethis.com/img/twitter.svg

msedge.exe

Remote address:

143.204.98.56:443

Request

GET /img/twitter.svg HTTP/2.0
host: platform-cdn.sharethis.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-length: 368
last-modified: Fri, 15 Sep 2023 16:58:49 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 25 Mar 2024 11:27:23 GMT
etag: "2deb3d5121d475d195577a70b0a91a0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 680SPVa32T9VLnaTO0Lbs2OjQJFdri5FroTDDfcJppPWy1LSOqxfZA==
age: 300
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://platform-cdn.sharethis.com/img/email.svg

msedge.exe

Remote address:

143.204.98.56:443

Request

GET /img/email.svg HTTP/2.0
host: platform-cdn.sharethis.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-length: 343
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 07 Mar 2024 09:29:40 GMT
cache-control: public, max-age=2592000
etag: "5977437466e857c7ddcadda6f6d88c2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: vJFAvDS9bhPWDTZ2A7jkB8KrssDSjp5N4akGrAeWDMbeOU_RKTp6ug==
age: 1562560
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://platform-cdn.sharethis.com/img/linkedin.svg

msedge.exe

Remote address:

143.204.98.56:443

Request

GET /img/linkedin.svg HTTP/2.0
host: platform-cdn.sharethis.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-length: 456
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 16 Mar 2024 09:21:03 GMT
cache-control: public, max-age=2592000
etag: "fa43b4ede18498b114fc7185993f6da7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5V9eWRwket2HumNhiZeG7PkHAQezO1XoBefpQhQPeF9KvKDZJAKNSw==
age: 785477
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://platform-cdn.sharethis.com/img/sharethis.svg

msedge.exe

Remote address:

143.204.98.56:443

Request

GET /img/sharethis.svg HTTP/2.0
host: platform-cdn.sharethis.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
content-length: 514
date: Thu, 29 Feb 2024 03:36:45 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WZN6kaUF1NVFcMfvEY78D-LkFFGoJ0KGFSWJkrSglHwHcegc8c7RJg==
age: 2188535
strict-transport-security: max-age=31536000; includeSubDomains
GET

https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-solid-900.woff2

msedge.exe

Remote address:

172.64.206.38:443

Request

GET /releases/v6.4.2/webfonts/fa-solid-900.woff2 HTTP/2.0
host: use.fontawesome.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.ssonetwork.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://use.fontawesome.com/releases/v6.4.2/css/all.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:19 GMT
content-type: font/woff2
content-length: 150020
access-control-allow-origin: *
etag: "d5e647388e2415268b700d3df2e30a0d"
last-modified: Fri, 22 Sep 2023 01:46:37 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 218927
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUderEGZ9MGaNLwWD0KSXf6B9YWl1JA36G63IdHoGX9d2QDwLRLo4bfCEB%2BPEkAHAy6rwQQa0%2FZLvRARB9T0EUTyziA4xUHjFCycytZXJ28leOLz2hSLZ%2FFNKuZwfqQiSRwn68cR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 869e94653bfdd184-LHR
alt-svc: h3=":443"; ma=86400
GET

https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2

msedge.exe

Remote address:

172.64.206.38:443

Request

GET /releases/v6.4.2/webfonts/fa-brands-400.woff2 HTTP/2.0
host: use.fontawesome.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
origin: https://www.ssonetwork.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://use.fontawesome.com/releases/v6.4.2/css/all.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:19 GMT
content-type: font/woff2
content-length: 109808
access-control-allow-origin: *
etag: "005c9aa92b564b73b7582cc4f1fa49cb"
last-modified: Fri, 22 Sep 2023 01:46:37 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 82038
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TW2fW92cwDoKd0yYYBtmym%2BXWSsYXDIzJcI2AbPPh1ailk7cgbFhPYPcAzMlWEivhEMfcwFlz0DwOAtlKSVd%2FxeCo%2FcOZkfEK738VSxImjCoPvpI1KmBU8IhUWvb7VsJU4UI8%2F2P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 869e94653c00d184-LHR
alt-svc: h3=":443"; ma=86400
POST

https://analytics.google.com/g/collect?v=2&tid=G-4ECW8CEQJX&gtm=45je43k0v868584830z8893384477za200&_p=1711366336478&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&cid=2037664641.1711366339&ul=en-us&sr=1280x720&ir=1&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1711366338&sct=1&seg=0&dl=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&dr=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&dt=The%20Hidden%20Costs%20of%20Intercompany%20Inefficiency&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_event_name=finance-accounting&ep.event_portal=www.ssonetwork.com&ep.event_event_code=22719.001&ep.event_event_office=Shared%20Services&up.user_portal=www.ssonetwork.com&up.user_event_name=finance-accounting&up.user_event_code=22719.001&up.user_event_office=Shared%20Services&tfd=3444

msedge.exe

Remote address:

216.239.38.181:443

Request

POST /g/collect?v=2&tid=G-4ECW8CEQJX&gtm=45je43k0v868584830z8893384477za200&_p=1711366336478&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&cid=2037664641.1711366339&ul=en-us&sr=1280x720&ir=1&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1711366338&sct=1&seg=0&dl=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&dr=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&dt=The%20Hidden%20Costs%20of%20Intercompany%20Inefficiency&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_event_name=finance-accounting&ep.event_portal=www.ssonetwork.com&ep.event_event_code=22719.001&ep.event_event_office=Shared%20Services&up.user_portal=www.ssonetwork.com&up.user_event_name=finance-accounting&up.user_event_code=22719.001&up.user_event_office=Shared%20Services&tfd=3444 HTTP/2.0
host: analytics.google.com
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4ECW8CEQJX&cid=2037664641.1711366339&gtm=45je43k0v868584830z8893384477za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0

msedge.exe

Remote address:

142.251.173.157:443

Request

POST /g/collect?v=2&tid=G-4ECW8CEQJX&cid=2037664641.1711366339&gtm=45je43k0v868584830z8893384477za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.google.com/recaptcha/api.js?render=explicit

msedge.exe

Remote address:

142.250.178.4:443

Request

GET /recaptcha/api.js?render=explicit HTTP/2.0
host: www.google.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://c32f36c4036827ffc24b274f1fb3bedf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

msedge.exe

Remote address:

216.58.204.65:443

Request

GET /safeframe/1-0-40/html/container.html HTTP/2.0
host: c32f36c4036827ffc24b274f1fb3bedf.safeframe.googlesyndication.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://aly.jst.ai/api/session/findp?callback=jsonFindCallback&accid=6D01137F-4A75-44AE-93C6-77CD97FFB703&genhash=&device_static_hash=&userid_hash=&pageId=0os24f&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F90.0.4430.212%20Safari%2F537.36%20Edg%2F90.0.818.66&sw=1280&sh=720

msedge.exe

Remote address:

104.17.203.53:443

Request

GET /api/session/findp?callback=jsonFindCallback&accid=6D01137F-4A75-44AE-93C6-77CD97FFB703&genhash=&device_static_hash=&userid_hash=&pageId=0os24f&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F90.0.4430.212%20Safari%2F537.36%20Edg%2F90.0.818.66&sw=1280&sh=720 HTTP/2.0
host: aly.jst.ai
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:20 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept, cache-control
access-control-allow-methods: GET, POST
access-control-expose-headers: DAV, content-length, Allow
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28w1Xe92a6MDGAYhYGQEDF84ZWVCU8VL1pci7QvDB; SameSite=None; Secure; path=/; expires=Mon, 25-Mar-24 12:02:20 GMT; HttpOnly
server: cloudflare
cf-ray: 869e946c2b7a7762-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://js.adsrvr.org/up_loader.1.1.0.js

msedge.exe

Remote address:

18.172.103.101:443

Request

GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
Connection: keep-alive
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://www.ssonetwork.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 01 Mar 2024 19:43:19 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 25 Mar 2024 04:57:49 GMT
ETag: W/"a023114c374b2d4f49e3420f667f8e66"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 cc4cf609fb0281d98d6d93c0f4650efa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P8
X-Amz-Cf-Id: jqxt6kCRUecz7WPbExvn47dx7Ao1bvDEcms_s20ViUa0Eq3Ry_rjYQ==
Age: 23672
GET

https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95

msedge.exe

Remote address:

13.32.27.64:443

Request

GET /data.js?rnd=62fe5c0e6ad95 HTTP/2.0
host: tags.clickagy.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
last-modified: Thu, 08 Feb 2024 19:03:11 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 9OWM.Z0Dh.HHVWQAeO49BBTVx4LoDSWJ
server: AmazonS3
content-encoding: gzip
date: Mon, 25 Mar 2024 11:03:20 GMT
etag: W/"9d6129b555ace3efebf194d38a3e562d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xH3j2-rKKahOiI36bOSB-9vMPFbS2-OhPUOBk9YlOgnNsYi1NMPNNA==
age: 1742
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Origin
GET

https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null

msedge.exe

Remote address:

34.231.129.236:443

Request

GET /external/hasHashes?clkgypv=jstag&cb=null HTTP/2.0
host: hemsync.clickagy.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
origin: https://www.ssonetwork.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:21 GMT
content-type: text/plain; charset=utf-8
content-length: 28
access-control-allow-origin: https://www.ssonetwork.com
vary: origin
access-control-allow-credentials: true
access-control-expose-headers: content-length
access-control-expose-headers: last-modified
access-control-expose-headers: expires
access-control-expose-headers: content-type
content-encoding: gzip
GET

https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:d0a40826df2897758947b478361acdf3&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D

msedge.exe

Remote address:

52.208.77.120:443

Request

GET /ibs:dpid=79908&dpuuid=c:d0a40826df2897758947b478361acdf3&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP/2.0
host: dpm.demdex.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Mon, 25 Mar 2024 11:32:21 GMT
content-length: 0
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:d0a40826df2897758947b478361acdf3&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D
x-tid: bhDGgVzmTnE=
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 UTC
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
dcs: dcs-prod-irl1-1-v058-0ac85c9a9.edge-irl1.demdex.com 1 ms
set-cookie: demdex=71745818858066595013246824463176299403; Max-Age=15552000; Expires=Sat, 21 Sep 2024 11:32:21 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
GET

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:d0a40826df2897758947b478361acdf3&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D

msedge.exe

Remote address:

52.208.77.120:443

Request

GET /demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:d0a40826df2897758947b478361acdf3&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D HTTP/2.0
host: dpm.demdex.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 25 Mar 2024 11:32:21 GMT
content-type: image/gif
content-length: 59
x-tid: z11ZA4IQSKY=
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 UTC
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
x-content-type-options: nosniff
dcs: dcs-prod-irl1-1-v058-03d5276f5.edge-irl1.demdex.com 1 ms
content-encoding: gzip
GET

https://tpc.googlesyndication.com/sodar/sodar2.js

msedge.exe

Remote address:

216.58.212.193:443

Request

GET /sodar/sodar2.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

msedge.exe

Remote address:

216.58.212.193:443

Request

GET /sodar/sodar2/225/runner.html HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ssonetwork.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

147.154.47.72:80

app.connect.awspls.com

msedge.exe

340 B
172 B
7
4
147.154.47.72:80

app.connect.awspls.com

msedge.exe

340 B
172 B
7
4
147.154.47.72:80

http://app.connect.awspls.com/e/er?s=893759278&lid=110677&elqTra

http

msedge.exe

764 B
866 B
6
6

HTTP Request

GET http://app.connect.awspls.com/e/er?s=893759278&lid=110677&elqTra

HTTP Response

302
147.154.51.153:443

https://s893759278.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&ref2=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&tzo=0&ms=21&optin=disabled

tls, http

msedge.exe

2.8kB
6.5kB
12
13

HTTP Request

GET https://s893759278.t.eloqua.com/e/er?s=893759278&lid=110677&elqTra

HTTP Response

302

HTTP Request

GET https://s893759278.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=893759278&ref=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&ref2=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&tzo=0&ms=21&optin=disabled

HTTP Response

200
15.197.145.235:443

https://www.ssonetwork.com/api/user-onboarding/sign-in-sign-up/65e1995204b3d275cd295e34

tls, http2

msedge.exe

21.6kB
695.2kB
320
531

HTTP Request

GET https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra

HTTP Response

405

HTTP Request

GET https://www.ssonetwork.com/favicon.ico

HTTP Response

405

HTTP Request

GET https://www.ssonetwork.com/finance-accounting/reports/intercompany?registerModal=true&elqTra

HTTP Response

200

HTTP Request

GET https://www.ssonetwork.com/css/sson_app_web.css?id=ce30255416aaad4c36b4

HTTP Request

GET https://www.ssonetwork.com/css/app_web.css?id=ee76af947ece7b59937e

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.ssonetwork.com/js/app_web.js?id=6145b797a8f09c238bb8

HTTP Request

GET https://www.ssonetwork.com/js/content-detail.js?id=316c049a43a53a50df0f

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.ssonetwork.com/images/popup_bg.jpg

HTTP Response

200

HTTP Request

POST https://www.ssonetwork.com/api/user-onboarding/sign-in-sign-up/65e1995204b3d275cd295e34

HTTP Response

422
143.204.215.71:443

18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com

tls, http2

msedge.exe

2.1kB
850 B
11
9
65.9.66.58:443

18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com

tls, http2

msedge.exe

1.0kB
826 B
10
9
143.204.215.71:443

https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/challenge.js

tls, http2

msedge.exe

10.9kB
307.9kB
183
239

HTTP Request

GET https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/challenge.js

HTTP Response

200
65.9.66.58:443

https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/captcha.js

tls, http2

msedge.exe

3.8kB
75.6kB
53
67

HTTP Request

GET https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/captcha.js

HTTP Response

200
143.204.215.71:443

https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/voucher

tls, http2

msedge.exe

24.1kB
15.1kB
44
48

HTTP Request

POST https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify

HTTP Response

200

HTTP Request

POST https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry

HTTP Response

200

HTTP Request

POST https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry

HTTP Response

200

HTTP Request

POST https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry

HTTP Response

200

HTTP Request

POST https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/telemetry

HTTP Response

200

HTTP Request

POST https://18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/voucher

HTTP Response

200
108.138.26.101:443

https://static.captcha.awswaf.com/fonts/AmazonEmberLt/stylesheet.css

tls, http2

msedge.exe

1.7kB
7.4kB
13
14

HTTP Request

GET https://static.captcha.awswaf.com/fonts/AmazonEmberLt/stylesheet.css

HTTP Response

200
108.138.26.101:443

https://static.captcha.awswaf.com/fonts/AmazonEmberLt/AmazonEmber-Light.woff2

tls, http2

msedge.exe

2.9kB
38.9kB
38
37

HTTP Request

GET https://static.captcha.awswaf.com/fonts/AmazonEmberLt/AmazonEmber-Light.woff2

HTTP Response

200
65.9.66.58:443

https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify

tls, http2

msedge.exe

8.7kB
61.3kB
54
65

HTTP Request

GET https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/problem?kind=visual&domain=www.ssonetwork.com&locale=en-us

HTTP Response

200

HTTP Request

POST https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify

HTTP Response

200

HTTP Request

POST https://18f1ff95f8c2.4d528e22.us-east-1.captcha.awswaf.com/18f1ff95f8c2/124e0fe93e27/12a9002e3553/verify

HTTP Response

200
151.101.1.229:443

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/fonts/bootstrap-icons.woff?4601c71fb26c9277391ec80789bfde9c

tls, http2

msedge.exe

5.9kB
121.1kB
84
97

HTTP Request

GET https://cdn.jsdelivr.net/npm/animate.css@3.5.2/animate.min.css

HTTP Response

200

HTTP Request

GET https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/fonts/bootstrap-icons.woff?4601c71fb26c9277391ec80789bfde9c

HTTP Response

200
151.101.1.229:443

cdn.jsdelivr.net

tls

msedge.exe

872 B
677 B
6
5
151.101.1.229:443

cdn.jsdelivr.net

tls

msedge.exe

872 B
625 B
6
4
151.101.1.229:443

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css

tls, http2

msedge.exe

2.5kB
15.0kB
19
17

HTTP Request

GET https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css

HTTP Response

200
3.160.150.14:443

https://platform-api.sharethis.com/js/sharethis.js

tls, http2

msedge.exe

3.6kB
55.6kB
46
45

HTTP Request

GET https://platform-api.sharethis.com/js/sharethis.js

HTTP Response

200
172.217.169.34:443

https://securepubads.g.doubleclick.net/tag/js/gpt.js

tls, http2

msedge.exe

2.8kB
36.7kB
35
34

HTTP Request

GET https://securepubads.g.doubleclick.net/tag/js/gpt.js
13.32.27.42:443

https://eco-cdn.iqpc.com/site/1503688666.ico

tls, http2

msedge.exe

16.1kB
390.0kB
302
293

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/sson_logotzu7er07EQYEzgFkZrelbmnok9gb10SVIHwTy0bh.png

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/ra_stacked_logo__1__copyZZxxUA6gL7ffjhWbz4QOiSxK77KHGcOZL3RJxmco.jpg

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/capture_4.webp

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/rsz_screenshot_2024-03-03_at_74257a______amIc6Q9WWp5s4GCA4BLzvFxRmaopECaXxe72acKa58.webp

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/future_finance_3502502.webp

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/future_finance350250.webp

HTTP Request

GET https://eco-cdn.iqpc.com/gmedia/_5PteCblackline_logo.png

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/blackline_quartnerly.webp

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/hr_news_beat_pay_taboo_accounting-blur-budget.webp

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/business_change.webp

HTTP Request

GET https://eco-cdn.iqpc.com/eco/images/channel_content/images/clock.webp

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://eco-cdn.iqpc.com/site/1503688666.ico

HTTP Response

200
13.32.27.42:443

eco-cdn.iqpc.com

msedge.exe

104 B
2
13.32.27.42:443

eco-cdn.iqpc.com

tls

msedge.exe

1.2kB
7.2kB
14
11
13.32.27.42:443

eco-cdn.iqpc.com

tls

msedge.exe

937 B
4.4kB
9
7
13.32.27.42:443

eco-cdn.iqpc.com

tls

msedge.exe

1.0kB
6.9kB
11
8
13.32.27.42:443

eco-cdn.iqpc.com

tls

msedge.exe

983 B
6.9kB
10
8
104.18.32.137:443

cdn-ukwest.onetrust.com

tls, http2

msedge.exe

941 B
948 B
7
5
34.117.77.79:443

ml314.com

tls, http2

msedge.exe

980 B
1.1kB
7
5
104.16.136.15:443

ws.zoominfo.com

tls

msedge.exe

1.0kB
5.4kB
10
7
104.17.202.53:443

https://cdn.jst.ai/store_4.1.html?v=6.04

tls, http2

msedge.exe

3.9kB
95.2kB
54
87

HTTP Request

GET https://cdn.jst.ai/vck.js

HTTP Response

200

HTTP Request

GET https://cdn.jst.ai/mwgt_4.1.js?v=6.04

HTTP Response

200

HTTP Request

GET https://cdn.jst.ai/jquery-3.3.1.min.js

HTTP Response

200

HTTP Request

GET https://cdn.jst.ai/store_4.1.html?v=6.04

HTTP Response

200
172.217.169.34:443

securepubads.g.doubleclick.net

tls, http2

msedge.exe

991 B
1.1kB
7
5
104.18.32.137:443

https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg

tls, http2

msedge.exe

4.8kB
106.8kB
73
88

HTTP Request

GET https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js

HTTP Response

200

HTTP Request

GET https://cdn-ukwest.onetrust.com/scripttemplates/6.35.0/otBannerSdk.js

HTTP Response

200

HTTP Request

GET https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg

HTTP Response

200
34.117.77.79:443

https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=82660&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&pv=1711366338370_5qsvf413l&bl=en-us&cb=2184704&return=&ht=&d=&dc=&si=1711366338370_5qsvf413l&cid=SSON-%2Ffinance-accounting%2Freports%2Fintercompany&s=1280x720&rp=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&v=2.7.1.157

tls, http2

msedge.exe

2.7kB
18.2kB
26
27

HTTP Request

GET https://ml314.com/tag.aspx?2522024

HTTP Request

GET https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=82660&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&pv=1711366338370_5qsvf413l&bl=en-us&cb=2184704&return=&ht=&d=&dc=&si=1711366338370_5qsvf413l&cid=SSON-%2Ffinance-accounting%2Freports%2Fintercompany&s=1280x720&rp=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&v=2.7.1.157
104.16.136.15:443

https://ws.zoominfo.com/pixel/62c2c51eae2f00008f208515

tls, http2

msedge.exe

1.8kB
9.5kB
14
15

HTTP Request

GET https://ws.zoominfo.com/pixel/62c2c51eae2f00008f208515

HTTP Response

200
104.17.202.53:443

https://my.jst.ai/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=6D01137F-4A75-44AE-93C6-77CD97FFB703&p=0&cm=0&pl=

tls, http2

msedge.exe

1.9kB
7.6kB
14
16

HTTP Request

GET https://my.jst.ai/ajax/account_version_check.html?id=6D01137F-4A75-44AE-93C6-77CD97FFB703

HTTP Response

200

HTTP Request

GET https://my.jst.ai/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=6D01137F-4A75-44AE-93C6-77CD97FFB703&p=0&cm=0&pl=

HTTP Response

200
104.18.32.137:443

https://cdn-ukwest.onetrust.com/scripttemplates/6.35.0/assets/otCommonStyles.css

tls, http2

msedge.exe

3.6kB
48.4kB
41
57

HTTP Request

GET https://cdn-ukwest.onetrust.com/consent/58577b4c-caea-4790-b630-7585b63b3819/58577b4c-caea-4790-b630-7585b63b3819.json

HTTP Response

200

HTTP Request

GET https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

HTTP Response

200

HTTP Request

GET https://cdn-ukwest.onetrust.com/consent/58577b4c-caea-4790-b630-7585b63b3819/018e375c-81bd-724c-8f67-d5bc6f2c25a5/en.json

HTTP Response

200

HTTP Request

GET https://cdn-ukwest.onetrust.com/scripttemplates/6.35.0/assets/otFloatingRounded.json

HTTP Request

GET https://cdn-ukwest.onetrust.com/scripttemplates/6.35.0/assets/v2/otPcPanel.json

HTTP Request

GET https://cdn-ukwest.onetrust.com/scripttemplates/6.35.0/assets/otCommonStyles.css

HTTP Response

200

HTTP Response

200

HTTP Response

200
54.171.85.69:443

l.sharethis.com

tls

msedge.exe

2.7kB
6.6kB
14
15
65.9.66.121:443

https://buttons-config.sharethis.com/js/64ad620a9c5ef400190228dc.js

tls, http2

msedge.exe

1.7kB
8.0kB
13
16

HTTP Request

GET https://buttons-config.sharethis.com/js/64ad620a9c5ef400190228dc.js

HTTP Response

200
96.17.179.184:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

msedge.exe

428 B
1.6kB
6
5

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
172.64.206.38:443

https://use.fontawesome.com/releases/v6.4.2/css/all.css

tls, http2

msedge.exe

2.3kB
27.7kB
27
28

HTTP Request

GET https://use.fontawesome.com/releases/v6.4.2/css/all.css

HTTP Response

200
13.32.121.95:443

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra

tls, http2

msedge.exe

1.7kB
7.5kB
12
15

HTTP Request

GET https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra

HTTP Response

200
143.204.98.56:443

https://platform-cdn.sharethis.com/img/sharethis.svg

tls, http2

msedge.exe

2.3kB
11.2kB
20
16

HTTP Request

GET https://platform-cdn.sharethis.com/img/facebook.svg

HTTP Request

GET https://platform-cdn.sharethis.com/img/twitter.svg

HTTP Request

GET https://platform-cdn.sharethis.com/img/email.svg

HTTP Request

GET https://platform-cdn.sharethis.com/img/linkedin.svg

HTTP Request

GET https://platform-cdn.sharethis.com/img/sharethis.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
143.204.98.56:443

platform-cdn.sharethis.com

tls

msedge.exe

1.0kB
6.6kB
9
8
143.204.98.56:443

platform-cdn.sharethis.com

tls

msedge.exe

989 B
6.4kB
10
7
143.204.98.56:443

platform-cdn.sharethis.com

tls

msedge.exe

983 B
7.8kB
10
8
143.204.98.56:443

platform-cdn.sharethis.com

tls

msedge.exe

989 B
6.4kB
10
7
172.64.206.38:443

https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2

tls, http2

msedge.exe

9.9kB
273.5kB
166
205

HTTP Request

GET https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-solid-900.woff2

HTTP Request

GET https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2

HTTP Response

200

HTTP Response

200
216.239.38.181:443

https://analytics.google.com/g/collect?v=2&tid=G-4ECW8CEQJX&gtm=45je43k0v868584830z8893384477za200&_p=1711366336478&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&cid=2037664641.1711366339&ul=en-us&sr=1280x720&ir=1&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1711366338&sct=1&seg=0&dl=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&dr=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&dt=The%20Hidden%20Costs%20of%20Intercompany%20Inefficiency&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_event_name=finance-accounting&ep.event_portal=www.ssonetwork.com&ep.event_event_code=22719.001&ep.event_event_office=Shared%20Services&up.user_portal=www.ssonetwork.com&up.user_event_name=finance-accounting&up.user_event_code=22719.001&up.user_event_office=Shared%20Services&tfd=3444

tls, http2

msedge.exe

2.4kB
8.4kB
13
15

HTTP Request

POST https://analytics.google.com/g/collect?v=2&tid=G-4ECW8CEQJX&gtm=45je43k0v868584830z8893384477za200&_p=1711366336478&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&cid=2037664641.1711366339&ul=en-us&sr=1280x720&ir=1&uaa=x86&uamb=0&uam=&uap=Windows&uapv=10.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1711366338&sct=1&seg=0&dl=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&dr=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&dt=The%20Hidden%20Costs%20of%20Intercompany%20Inefficiency&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_event_name=finance-accounting&ep.event_portal=www.ssonetwork.com&ep.event_event_code=22719.001&ep.event_event_office=Shared%20Services&up.user_portal=www.ssonetwork.com&up.user_event_name=finance-accounting&up.user_event_code=22719.001&up.user_event_office=Shared%20Services&tfd=3444
142.251.173.157:443

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4ECW8CEQJX&cid=2037664641.1711366339&gtm=45je43k0v868584830z8893384477za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0

tls, http2

msedge.exe

2.5kB
6.2kB
14
15

HTTP Request

POST https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4ECW8CEQJX&cid=2037664641.1711366339&gtm=45je43k0v868584830z8893384477za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0
54.197.224.6:443

in.ml314.com

tls

msedge.exe

2.5kB
7.4kB
15
16
23.59.67.49:443

img04.en25.com

tls

msedge.exe

1.8kB
11.3kB
13
12
142.250.178.4:443

https://www.google.com/recaptcha/api.js?render=explicit

tls, http2

msedge.exe

1.9kB
7.0kB
16
16

HTTP Request

GET https://www.google.com/recaptcha/api.js?render=explicit
216.58.204.65:443

https://c32f36c4036827ffc24b274f1fb3bedf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

tls, http2

msedge.exe

1.9kB
9.1kB
14
16

HTTP Request

GET https://c32f36c4036827ffc24b274f1fb3bedf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
104.17.203.53:443

https://aly.jst.ai/api/session/findp?callback=jsonFindCallback&accid=6D01137F-4A75-44AE-93C6-77CD97FFB703&genhash=&device_static_hash=&userid_hash=&pageId=0os24f&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F90.0.4430.212%20Safari%2F537.36%20Edg%2F90.0.818.66&sw=1280&sh=720

tls, http2

msedge.exe

1.9kB
5.9kB
11
12

HTTP Request

GET https://aly.jst.ai/api/session/findp?callback=jsonFindCallback&accid=6D01137F-4A75-44AE-93C6-77CD97FFB703&genhash=&device_static_hash=&userid_hash=&pageId=0os24f&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fwww.ssonetwork.com%2Ffinance-accounting%2Freports%2Fintercompany%3FregisterModal%3Dtrue%26elqTra&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F90.0.4430.212%20Safari%2F537.36%20Edg%2F90.0.818.66&sw=1280&sh=720

HTTP Response

200
18.172.103.101:443

https://js.adsrvr.org/up_loader.1.1.0.js

tls, http

msedge.exe

1.6kB
9.8kB
11
13

HTTP Request

GET https://js.adsrvr.org/up_loader.1.1.0.js

HTTP Response

200
13.32.27.64:443

https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95

tls, http2

msedge.exe

2.1kB
19.4kB
22
23

HTTP Request

GET https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95

HTTP Response

200
54.175.45.20:443

aorta.clickagy.com

msedge.exe

98 B
52 B
2
1
54.175.45.20:443

aorta.clickagy.com

tls

msedge.exe

1.0kB
738 B
10
10
34.231.129.236:443

https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null

tls, http2

msedge.exe

1.9kB
5.8kB
16
16

HTTP Request

GET https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null

HTTP Response

200
54.175.45.20:443

aorta.clickagy.com

tls

msedge.exe

2.7kB
7.6kB
20
19
52.208.77.120:443

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:d0a40826df2897758947b478361acdf3&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D

tls, http2

msedge.exe

2.4kB
6.8kB
21
20

HTTP Request

GET https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:d0a40826df2897758947b478361acdf3&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D

HTTP Response

302

HTTP Request

GET https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=79908&dpuuid=c:d0a40826df2897758947b478361acdf3&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D124%26cm%3D%24%7BDD_UUID%7D

HTTP Response

200
216.58.212.193:443

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

tls, http2

msedge.exe

3.0kB
19.1kB
25
28

HTTP Request

GET https://tpc.googlesyndication.com/sodar/sodar2.js

HTTP Request

GET https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
52.223.40.198:443

insight.adsrvr.org

tls

msedge.exe

2.9kB
4.9kB
16
14
52.111.227.11:443

322 B
7

8.8.8.8:53

app.connect.awspls.com

dns

msedge.exe

573 B
1.1kB
8
7

DNS Request

app.connect.awspls.com

DNS Response

147.154.47.72

DNS Request

ctldl.windowsupdate.com

DNS Response

95.101.78.152

95.101.78.193

DNS Request

14.160.190.20.in-addr.arpa

DNS Request

x.ss2.us

DNS Response

3.161.82.85

3.161.82.37

3.161.82.59

3.161.82.119

DNS Request

85.82.161.3.in-addr.arpa

DNS Request

18f1ff95f8c2.4d528e22.us-east-1.token.awswaf.com

DNS Response

143.204.215.71

143.204.215.64

143.204.215.50

143.204.215.124

DNS Request

71.215.204.143.in-addr.arpa

DNS Request

71.215.204.143.in-addr.arpa
224.0.0.251:5353

msedge.exe

574 B
9
8.8.8.8:53

use.fontawesome.com

dns

msedge.exe

195 B
149 B
3
1

DNS Request

use.fontawesome.com

DNS Request

use.fontawesome.com

DNS Request

use.fontawesome.com

DNS Response

172.64.206.38

172.64.207.38
8.8.8.8:53

229.1.101.151.in-addr.arpa

dns

698 B
1.1kB
10
9

DNS Request

229.1.101.151.in-addr.arpa

DNS Request

securepubads.g.doubleclick.net

DNS Response

172.217.169.34

DNS Request

buttons-config.sharethis.com

DNS Response

65.9.66.121

65.9.66.81

65.9.66.11

65.9.66.100

DNS Request

234.179.250.142.in-addr.arpa

DNS Request

stats.g.doubleclick.net

DNS Response

142.251.173.157

142.251.173.155

142.251.173.156

142.251.173.154

DNS Request

238.16.217.172.in-addr.arpa

DNS Request

www.google.com

DNS Response

142.250.178.4

DNS Request

4.178.250.142.in-addr.arpa

DNS Request

insight.adsrvr.org

DNS Request

insight.adsrvr.org

DNS Response

52.223.40.198

35.71.131.137

15.197.193.217

3.33.220.150
8.8.8.8:53

226.20.18.104.in-addr.arpa

dns

343 B
415 B
5
4

DNS Request

226.20.18.104.in-addr.arpa

DNS Request

www.googletagmanager.com

DNS Response

142.250.179.232

DNS Request

ws.zoominfo.com

DNS Response

104.16.136.15

104.16.137.15

DNS Request

geolocation.onetrust.com

DNS Request

geolocation.onetrust.com

DNS Response

104.18.32.137

172.64.155.119
151.101.1.229:443

cdn.jsdelivr.net

https

msedge.exe

3.2kB
4.2kB
7
6
8.8.8.8:53

cdn-ukwest.onetrust.com

dns

msedge.exe

550 B
1.0kB
8
8

DNS Request

cdn-ukwest.onetrust.com

DNS Response

104.18.32.137

172.64.155.119

DNS Request

apps.identrust.com

DNS Response

96.17.179.184

96.17.179.205

DNS Request

227.179.250.142.in-addr.arpa

DNS Request

www.google-analytics.com

DNS Response

172.217.16.238

DNS Request

6.224.197.54.in-addr.arpa

DNS Request

img04.en25.com

DNS Response

23.59.67.49

DNS Request

49.67.59.23.in-addr.arpa

DNS Request

120.77.208.52.in-addr.arpa
8.8.8.8:53

platform-api.sharethis.com

dns

msedge.exe

199 B
430 B
3
3

DNS Request

platform-api.sharethis.com

DNS Response

3.160.150.14

3.160.150.115

3.160.150.71

3.160.150.46

DNS Request

my.jst.ai

DNS Response

104.17.202.53

104.17.203.53

DNS Request

platform-cdn.sharethis.com

DNS Response

143.204.98.56

143.204.98.46

143.204.98.51

143.204.98.72
8.8.8.8:53

cdn.jst.ai

dns

msedge.exe

532 B
1.1kB
8
7

DNS Request

cdn.jst.ai

DNS Response

104.17.202.53

104.17.203.53

DNS Request

count-server.sharethis.com

DNS Response

13.32.121.95

13.32.121.126

13.32.121.81

13.32.121.68

DNS Request

cdn.jst.ai

DNS Response

104.17.203.53

104.17.202.53

DNS Request

42.27.32.13.in-addr.arpa

DNS Request

hemsync.clickagy.com

DNS Response

34.231.129.236

54.237.104.157

3.223.146.56

52.22.227.116

DNS Request

dpm.demdex.net

DNS Response

52.208.77.120

52.49.147.36

52.50.105.129

52.211.62.76

54.76.68.76

52.31.24.3

54.74.69.97

54.229.250.195

DNS Request

nexusrules.officeapps.live.com

DNS Request

nexusrules.officeapps.live.com

DNS Response

52.111.227.14
8.8.8.8:53

ml314.com

dns

msedge.exe

171 B
161 B
3
2

DNS Request

ml314.com

DNS Response

34.117.77.79

DNS Request

in.ml314.com

DNS Request

in.ml314.com

DNS Response

54.197.224.6

54.225.107.7
34.117.77.79:443

ml314.com

https

msedge.exe

3.5kB
5.3kB
10
8
8.8.8.8:53

232.179.250.142.in-addr.arpa

dns

356 B
674 B
5
5

DNS Request

232.179.250.142.in-addr.arpa

DNS Request

38.206.64.172.in-addr.arpa

DNS Request

aorta.clickagy.com

DNS Response

54.175.45.20

18.209.135.119

44.213.220.50

35.170.115.58

DNS Request

236.129.231.34.in-addr.arpa

DNS Request

193.212.58.216.in-addr.arpa
8.8.8.8:53

53.202.17.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

53.202.17.104.in-addr.arpa
8.8.8.8:53

137.32.18.104.in-addr.arpa

dns

341 B
609 B
5
5

DNS Request

137.32.18.104.in-addr.arpa

DNS Request

95.121.32.13.in-addr.arpa

DNS Request

aly.jst.ai

DNS Response

104.17.203.53

104.17.202.53

DNS Request

3.213.58.216.in-addr.arpa

DNS Request

tpc.googlesyndication.com

DNS Response

216.58.212.193
8.8.8.8:53

79.77.117.34.in-addr.arpa

dns

352 B
618 B
5
5

DNS Request

79.77.117.34.in-addr.arpa

DNS Request

157.173.251.142.in-addr.arpa

DNS Request

tags.clickagy.com

DNS Response

13.32.27.64

13.32.27.94

13.32.27.121

13.32.27.108

DNS Request

101.103.172.18.in-addr.arpa

DNS Request

tpc.googlesyndication.com

DNS Response

216.58.212.193
8.8.8.8:53

14.150.160.3.in-addr.arpa

dns

350 B
581 B
5
5

DNS Request

14.150.160.3.in-addr.arpa

DNS Request

56.98.204.143.in-addr.arpa

DNS Request

www.google.com

DNS Response

142.250.178.4

DNS Request

pagead2.googlesyndication.com

DNS Response

216.58.204.66

DNS Request

14.227.111.52.in-addr.arpa
8.8.8.8:53

15.136.16.104.in-addr.arpa

dns

398 B
708 B
5
5

DNS Request

15.136.16.104.in-addr.arpa

DNS Request

34.169.217.172.in-addr.arpa

DNS Request

c32f36c4036827ffc24b274f1fb3bedf.safeframe.googlesyndication.com

DNS Response

216.58.204.65

DNS Request

65.204.58.216.in-addr.arpa

DNS Request

20.45.175.54.in-addr.arpa
8.8.8.8:53

69.85.171.54.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

69.85.171.54.in-addr.arpa
8.8.8.8:53

121.66.9.65.in-addr.arpa

dns

346 B
629 B
5
5

DNS Request

121.66.9.65.in-addr.arpa

DNS Request

181.38.239.216.in-addr.arpa

DNS Request

www.gstatic.com

DNS Response

216.58.213.3

DNS Request

64.27.32.13.in-addr.arpa

DNS Request

66.204.58.216.in-addr.arpa
172.217.169.34:443

securepubads.g.doubleclick.net

https

msedge.exe

10.7kB
157.0kB
68
130
142.250.178.4:443

www.google.com

https

msedge.exe

16.4kB
50.2kB
48
66
142.250.178.4:443

www.google.com

https

msedge.exe

3.9kB
16.5kB
11
17
216.58.212.193:443

tpc.googlesyndication.com

https

msedge.exe

4.0kB
6.4kB
14
11

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ec7568123e3bee98a389e115698dffeb

SHA1
1542627dbcbaf7d93fcadb771191f18c2248238c

SHA256
5b5e61fe004e83477411dd2b6194e90591d36f2f145cc3b4faa20cf7ae266a75

SHA512
4a53fbbd7281a1a391f0040f6ff5515cedf6e1f97f2dae4ab495b4f76eb4f929dcda6b347f9bf7f66a899330f8897e1ed117314945d1de27b035cc170fa447d3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

Filesize
197KB

MD5
5e28e72b443ded036a4cf369d0dda3bf

SHA1
0500de4480a54243b12d096745c6ba04c9479e66

SHA256
15fc7a054efbb9f76d937448fbb4814d7b3f25a6d137e24c1a69e32947eae71e

SHA512
7d17a5248e54e4dda8fd17a4d662edbb274629161a1e25b3b7f7f5112541663a5040788177268c53b2c78bc7e6d2204ccfb342d93c2ceec0a12d8a41788c088b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
6b3c3d39f82e8a0f1abcfe6a9f36c0f1

SHA1
e454a1e0cbca2027d339ba4c7f53b1da57fcb398

SHA256
d32cc3ea497635c3f7e98337eacfedeb52cb3fd8af748d4f5e466e7e0de59bf3

SHA512
be1f9b0fa2224a9d5f052582c574fa3ede0a9424fc8a77be131dfaf25901fc660497201f0ed6843196ffdf5ea3702e7bd7b7f14bdf18ca94428cd2c718a6674b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
720B

MD5
2d27fcc0627bceb4b0bc35245b69039a

SHA1
a66bbdcb79600d873b0a14c39932d7fc5fb4e448

SHA256
dcd7de4d9eb09d18b83b2318ea775577cd2f2d00cc6708752f14a3ffb133a199

SHA512
9f178d61845b01e45924a464730d09952697b6ffab5085007c8a3dae49318337735f7b6fe622ab63696d0c831e48530c578360fe4ff8b14f74ec1de5fe8be1fc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
62f4283409598594a81a8caaa039aaf3

SHA1
a920968eb69c7fa2facda6dc0529255e82e260ac

SHA256
f06875aad75e2bf2584de1d0708b30ccf7fd713ff4b51c0aeb909b8fc102be9d

SHA512
345476c8e3db2275451cb6a4e327adba9eefa0f1474a3a8e26ca9e1d6136b6b50d6ee6e3024f0c858ac9ba1f559320c3eab06b5f9ba746ac200f8dc2a7dd45b1

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
4KB

MD5
15f9453ae73f399c4afcb1e416f0488f

SHA1
30b821bc2060cd17be6f1d3fe9dd428edb33f75b

SHA256
9f3a8f704575d61403b679b33cd7169031e89151ac7377041bbdc5c883679972

SHA512
08c43178b2a57fa56447acc5b4bd9513a0ef41c433739372882de25aead1b81a2bac046485c3edb008f5e4f43fe7bb2f48560026a00e698ab2aa6970ac82c39a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
4KB

MD5
27fa4c20cfcc4c76ea977a51cec1bb91

SHA1
82fc89562f01fb1c9032880f9e45d1ff02592ff2

SHA256
5cc3db374415e6b47de72d945a3e609f7a9ab96c9f31bd6ef5512e52730bfaf8

SHA512
739c4699fb9b1be9e4bd6877017dbe33a41e70505b1fa6b0e0d9a7becc8a7c36278ebbf6caff2bca27e0b0ad4047694edbca84a19868da5b358ce8bed05986ce

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
c848c8c08474581fa813360232b59960

SHA1
b899f83c968c8b776aef46ab65f1c93073b7de90

SHA256
12b6e69493dffe5c51a39ef9163775320171319f9ae64e3a51f35b0592227664

SHA512
8577e3efc5ac41b7ae7ad7e5de4d7c150cb9d37d5ff66be4c44ba06c952dea83f332d536236bea269166e17d6b080cfa74e2c7b333653518e98977e3e87a1721

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
286b87315bd1a624bc093656c7f1a57f

SHA1
01071ee34ad6adecc1aa0413d3b7e5ecd97e021a

SHA256
beff20ab5b3ad43522ce5730ed964f2ab025d62dbd4a798922c9a3b4d19c97f8

SHA512
55a527d488bfd0eec1f611ece8dee2d80244289146a6256850ef4165e97b053dd435c036c154ff7f28407d76b19af7f236edee8b9dc440c916434af0cc0d76e5

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
3fe2b29174146bdf9744c1902a34c6f4

SHA1
e3a7b4a65b79f9964fbae5e872140fc4d2ece709

SHA256
733325aa61425c6381318b66f7f026457b6ef8d2ab89298b6292016726798a77

SHA512
47929081e2d2deec5f0759ec295f6f05ce097239d4fe43005e1a8c5efd8bdc05dfe4e4e4310077d10f164d739d26f9a673077bd4a9bd18f441cfaa7716ebb73b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
25KB

MD5
0ba15f72ffb0a37243558588d3e78221

SHA1
814bdfffd723f7de9f8d6d6a0bc8d85a9f275cc0

SHA256
3d0223e1f8bb35870db41872cfbbe467f65bf9a1208dcb4d4ad874e250ccc10a

SHA512
02b168ef9cc226a08955092173c3745a55b28faa438b8152acb90d3bc1d9f433de7d8341def8b452db1986392a59cabc7c69689ad00825c58371ca78021183be

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
71591372dd66f396c5f3a20a736f636b

SHA1
4df0aa345dd9f6a10282f726dd1d057e35addd88

SHA256
5ea65927c397d80fc7bec19100988d5da41f4d3b37c5d5700f30da25f5ac5273

SHA512
2375825026b1476fdf83403298725f5295fd39f87f1bf56040736bfec29d235adb0d44153d0e7ac4130f93f1fe0d292fc2baac22a1f7bd6b2e07a4db7bacf48a

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
2KB

MD5
e4c29d968f92a70ad93011671033d5e4

SHA1
5eb6bb8fd07eed12c5a1c9cd0c8124349f968cf7

SHA256
3ebfae3255a4bdc13949c7263680782a68d59e6b08eb78b78a243e644717d051

SHA512
c8c4304a532187b0e60a6934b9a3ff6de29b593e9befb6bbfed719922a531021fe1c90ed897bb3a7b5d0330f409992b8e1ed2ce8cc77da40582c7d4a8136434e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58772f.TMP

Filesize
201B

MD5
fca268e202ab6a09ef0162121f0ed42c

SHA1
c079a027ca195faaa16e4737b7a681001aadbca9

SHA256
1e6952e4a0bfef9f623572956776caaf134c616857d49b85d90a82186e7ae187

SHA512
a4fb2c6c3d9b6a0df09da615512425f68048563f7361c255b30a0244d1a1cb314289b388d0b9ec089d6957c37f62fc0f7148514dae9d70365caff8b0ca54653b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
76cf8c0d37c791f4346bb25e8cafe525

SHA1
d1c72fa41c500f56268d9dbdde34ad3ab1e4a5e5

SHA256
cf3fe44d70789c0eee115b25607426148b2b85e2d47ce299aaadfdaae2c27529

SHA512
a455bce5b3d86f9530f17ca9b4f2904af839013246e0e3b974d064456bfdb3e5e2579bd2a772f1bba15598234989e590d06501735e75ecac39c95308d1f4922b

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.exc

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response