hxxp://bdo-services[.]netlify[.]app

Resubmissions

11/04/2024, 09:47 UTC

240411-lsehhaca8y 1

11/04/2024, 09:44 UTC

240411-lqrp2sgh22 1

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
11/04/2024, 09:44 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://bdo-services.netlify.app

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 5 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier	firefox.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0	firefox.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature	firefox.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1497073144-2389943819-3385106915-1000_Classes\Local Settings	firefox.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2160	msedge.exe
2160	msedge.exe
4832	msedge.exe
4832	msedge.exe
4080	identity_helper.exe
4080	identity_helper.exe
5712	msedge.exe
5712	msedge.exe
5712	msedge.exe
5712	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe

Suspicious use of AdjustPrivilegeToken 2 IoCs

description	pid	Process
Token: SeDebugPrivilege	448	firefox.exe
Token: SeDebugPrivilege	448	firefox.exe

Suspicious use of FindShellTrayWindow 29 IoCs

pid	Process
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
448	firefox.exe
448	firefox.exe
448	firefox.exe
448	firefox.exe

Suspicious use of SendNotifyMessage 27 IoCs

pid	Process
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
4832	msedge.exe
448	firefox.exe
448	firefox.exe
448	firefox.exe

Suspicious use of SetWindowsHookEx 7 IoCs

pid	Process
448	firefox.exe
448	firefox.exe
448	firefox.exe
448	firefox.exe
448	firefox.exe
448	firefox.exe
448	firefox.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4832 wrote to memory of 832	4832	msedge.exe	83
PID 4832 wrote to memory of 832	4832	msedge.exe	83
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 1536	4832	msedge.exe	84
PID 4832 wrote to memory of 2160	4832	msedge.exe	85
PID 4832 wrote to memory of 2160	4832	msedge.exe	85
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86
PID 4832 wrote to memory of 4676	4832	msedge.exe	86

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://bdo-services.netlify.app
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff983bf46f8,0x7ff983bf4708,0x7ff983bf4718
  2⤵
  PID:832
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
  2⤵
  PID:1536
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2160
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
  2⤵
  PID:4676
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:4980
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:1244
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1
  2⤵
  PID:4860
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 /prefetch:8
  2⤵
  PID:3320
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1
  2⤵
  PID:4240
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
  2⤵
  PID:4556
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
  2⤵
  PID:3576
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
  2⤵
  PID:3844
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2600 /prefetch:8
  2⤵
  PID:5836
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,8981119997743259570,17948609208460423459,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5020 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5712

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1752

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2284

C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
1⤵
PID:1332
- C:\Program Files\Mozilla Firefox\firefox.exe
  "C:\Program Files\Mozilla Firefox\firefox.exe"
  2⤵
  - Checks processor information in registry
  - Modifies registry class
  - Suspicious use of AdjustPrivilegeToken
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:448
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="448.0.59973218\133635336" -parentBuildID 20221007134813 -prefsHandle 1900 -prefMapHandle 1892 -prefsLen 20749 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {eaae88c6-4bb2-49fa-8a89-146cc24f13e5} 448 "\\.\pipe\gecko-crash-server-pipe.448" 1788 1e5fedc2b58 gpu
    3⤵
    PID:3412
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="448.1.1887307188\1698140518" -parentBuildID 20221007134813 -prefsHandle 2368 -prefMapHandle 2364 -prefsLen 20785 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {68e155a5-5d48-4494-8c95-d7fae13be8bb} 448 "\\.\pipe\gecko-crash-server-pipe.448" 2380 1e5feafa258 socket
    3⤵
    PID:4712
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="448.2.2037936702\600734702" -childID 1 -isForBrowser -prefsHandle 3300 -prefMapHandle 3296 -prefsLen 20888 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {1f9f6aac-3373-4751-8364-32390871ad91} 448 "\\.\pipe\gecko-crash-server-pipe.448" 3308 1e585719558 tab
    3⤵
    PID:672
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="448.3.1499279593\1572296541" -childID 2 -isForBrowser -prefsHandle 3588 -prefMapHandle 3584 -prefsLen 26066 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6eb25852-0766-4012-8265-2db48ba220d5} 448 "\\.\pipe\gecko-crash-server-pipe.448" 3596 1e5ed95b858 tab
    3⤵
    PID:4976
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="448.4.436020304\175954768" -childID 3 -isForBrowser -prefsHandle 4432 -prefMapHandle 4428 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9ab1be75-ef29-463d-81c4-06a04b36b475} 448 "\\.\pipe\gecko-crash-server-pipe.448" 4444 1e586b28758 tab
    3⤵
    PID:4592
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="448.5.793011542\2067590389" -childID 4 -isForBrowser -prefsHandle 5096 -prefMapHandle 5048 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {611c64c3-87c2-4365-b784-137119d80d83} 448 "\\.\pipe\gecko-crash-server-pipe.448" 5108 1e587a24c58 tab
    3⤵
    PID:5336
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="448.6.414834440\1833364723" -childID 5 -isForBrowser -prefsHandle 5248 -prefMapHandle 5252 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {400a11d4-c0c0-4833-afb8-287d10ce46b3} 448 "\\.\pipe\gecko-crash-server-pipe.448" 5240 1e588031a58 tab
    3⤵
    PID:5344
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="448.7.493711676\1547680083" -childID 6 -isForBrowser -prefsHandle 5440 -prefMapHandle 5444 -prefsLen 26125 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {67ff11cb-869e-43c8-aaaf-6a2d1deac347} 448 "\\.\pipe\gecko-crash-server-pipe.448" 5432 1e588030558 tab
    3⤵
    PID:5352
- - C:\Program Files\Mozilla Firefox\firefox.exe
    "C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="448.8.2134580280\327644419" -childID 7 -isForBrowser -prefsHandle 4516 -prefMapHandle 4488 -prefsLen 26460 -prefMapSize 233444 -jsInitHandle 1356 -jsInitLen 246848 -a11yResourceId 64 -parentBuildID 20221007134813 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {9129ddf1-468c-4f0c-b5c9-6b3a7b8bd790} 448 "\\.\pipe\gecko-crash-server-pipe.448" 5024 1e584124858 tab
    3⤵
    PID:532

Network

DNS

bdo-services.netlify.app

firefox.exe

Remote address:

8.8.8.8:53

Request

bdo-services.netlify.app

IN A

Response

bdo-services.netlify.app

IN A

35.156.224.161

bdo-services.netlify.app

IN A

3.72.140.173
GET

http://bdo-services.netlify.app/

msedge.exe

Remote address:

35.156.224.161:80

Request

GET / HTTP/1.1
Host: bdo-services.netlify.app
Connection: keep-alive
DNT: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Content-Type: text/plain; charset=utf-8
Date: Thu, 11 Apr 2024 09:44:40 GMT
Location: https://bdo-services.netlify.app/
Server: Netlify
X-Nf-Request-Id: 01HV68Q232EQ2G66NBHTAD6JTB
Content-Length: 48
GET

https://bdo-services.netlify.app/

msedge.exe

Remote address:

35.156.224.161:443

Request

GET / HTTP/2.0
host: bdo-services.netlify.app
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 34925
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: text/html; charset=UTF-8
date: Thu, 11 Apr 2024 09:44:40 GMT
etag: "97e461c2395b06c325aadbf8bbd92437-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68Q28Q1Y38RB3PFDG271F2
content-length: 637
GET

https://bdo-services.netlify.app/static/css/main.984924b5.css

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /static/css/main.984924b5.css HTTP/2.0
host: bdo-services.netlify.app
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 14689
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Thu, 11 Apr 2024 09:44:40 GMT
etag: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68Q2BTDJGJPRNEWFZ8BMF4
content-length: 65974
GET

https://bdo-services.netlify.app/static/js/main.cf1b7897.js

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /static/js/main.cf1b7897.js HTTP/2.0
host: bdo-services.netlify.app
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 14689
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/css; charset=UTF-8
date: Thu, 11 Apr 2024 09:44:40 GMT
etag: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68Q2BTX658J2AWEJ38A2W2
content-length: 4064
GET

https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /static/media/on.0a461cdbae859e8ca237.png HTTP/2.0
host: bdo-services.netlify.app
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 14686
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: image/svg+xml
date: Thu, 11 Apr 2024 09:44:40 GMT
etag: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68Q2HWZFZRF163EAM04JC9
content-length: 808
GET

https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg HTTP/2.0
host: bdo-services.netlify.app
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 14686
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Thu, 11 Apr 2024 09:44:40 GMT
etag: "c23774df2f858ba0cd275e30135996f3-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68Q2HW0CJGK25NMG4YM0NM
content-length: 10536
GET

https://bdo-services.netlify.app/bdo_favicon.svg

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /bdo_favicon.svg HTTP/2.0
host: bdo-services.netlify.app
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 14687
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: image/svg+xml
date: Thu, 11 Apr 2024 09:44:41 GMT
etag: "a905a8f702d62000b05d3f9c1908a68a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68Q2YR11YSB6XKCXHC16QK
content-length: 628
GET

https://bdo-services.netlify.app/

msedge.exe

Remote address:

35.156.224.161:443

Request

GET / HTTP/2.0
host: bdo-services.netlify.app
cache-control: max-age=0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: "97e461c2395b06c325aadbf8bbd92437-ssl"

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:45:08 GMT
etag: "97e461c2395b06c325aadbf8bbd92437-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68QXQDQ08MRBQ1PC9QYTR7
GET

https://bdo-services.netlify.app/static/js/main.cf1b7897.js

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /static/js/main.cf1b7897.js HTTP/2.0
host: bdo-services.netlify.app
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
if-none-match: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:45:08 GMT
etag: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68QXSV5480BTB4EKGM1KDM
GET

https://bdo-services.netlify.app/static/css/main.984924b5.css

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /static/css/main.984924b5.css HTTP/2.0
host: bdo-services.netlify.app
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
if-none-match: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:45:08 GMT
etag: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68QXSVQE67CYA30YR2D0Q5
GET

https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /static/media/on.0a461cdbae859e8ca237.png HTTP/2.0
host: bdo-services.netlify.app
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
if-none-match: "c23774df2f858ba0cd275e30135996f3-ssl"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:45:08 GMT
etag: "c23774df2f858ba0cd275e30135996f3-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68QXW6AQM6TZG78VTPKFTV
GET

https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg HTTP/2.0
host: bdo-services.netlify.app
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
if-none-match: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:45:08 GMT
etag: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68QXW7KR08M1G1MZ6MMFGH
GET

https://bdo-services.netlify.app/bdo_favicon.svg

msedge.exe

Remote address:

35.156.224.161:443

Request

GET /bdo_favicon.svg HTTP/2.0
host: bdo-services.netlify.app
pragma: no-cache
cache-control: no-cache
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 14714
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: image/svg+xml
date: Thu, 11 Apr 2024 09:45:08 GMT
etag: "a905a8f702d62000b05d3f9c1908a68a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68QXW81K74J77SN3SZ3MZ1
content-length: 628
DNS

rsms.me

firefox.exe

Remote address:

8.8.8.8:53

Request

rsms.me

IN A

Response

rsms.me

IN A

104.21.234.235

rsms.me

IN A

104.21.234.234
GET

https://rsms.me/inter/inter.css

msedge.exe

Remote address:

104.21.234.235:443

Request

GET /inter/inter.css HTTP/2.0
host: rsms.me
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 11 Apr 2024 09:44:41 GMT
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
access-control-allow-origin: *
etag: W/"6601abff-1b8d"
expires: Sat, 06 Apr 2024 00:44:13 GMT
cache-control: max-age=14400
x-proxy-cache: HIT
x-github-request-id: D99C:0EA7:1790B49:17F8BFA:6601AC0B
via: 1.1 varnish
age: 101
x-served-by: cache-lcy-eglc8600065-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1711385669.215207,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 4412002234a5ae20239b76fa239ec07be7e7be9f
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ihsf3iIhSTVKUxzvl1CHRBexoC6INPhsokTEvBbERCSpk5ZgMzeNKDQAmm2NNHOXaSvcUXunjNa2MclwYVrey3tQ4TwhEKClwDINMzcnb1JXavbZ2%2BCzys7V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 872a0a18dc1d657a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

apps.identrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

23.63.101.177
DNS

bittalorchids.in

firefox.exe

Remote address:

8.8.8.8:53

Request

bittalorchids.in

IN A

Response

bittalorchids.in

IN A

185.187.241.25
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

msedge.exe

Remote address:

23.63.101.177:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 11 Apr 2024 10:44:40 GMT
Date: Thu, 11 Apr 2024 09:44:40 GMT
Connection: keep-alive
OPTIONS

https://bittalorchids.in/assets/fonts/license/

msedge.exe

Remote address:

185.187.241.25:443

Request

OPTIONS /assets/fonts/license/ HTTP/2.0
host: bittalorchids.in
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-powered-by: PHP/8.1.26
content-type: application/json
access-control-allow-origin: https://bdo-services.netlify.app
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
content-length: 0
date: Thu, 11 Apr 2024 09:44:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
POST

https://bittalorchids.in/assets/fonts/license/

msedge.exe

Remote address:

185.187.241.25:443

Request

POST /assets/fonts/license/ HTTP/2.0
host: bittalorchids.in
content-length: 65
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
accept: application/json, text/plain, */*
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
origin: https://bdo-services.netlify.app
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://bdo-services.netlify.app/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-powered-by: PHP/8.1.26
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
access-control-allow-origin: https://bdo-services.netlify.app
access-control-allow-credentials: true
access-control-max-age: 86400
content-type: application/json
content-length: 68
content-encoding: br
vary: Accept-Encoding
date: Thu, 11 Apr 2024 09:44:43 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
DNS

183.142.211.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.142.211.20.in-addr.arpa

IN PTR

Response
DNS

161.224.156.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

161.224.156.35.in-addr.arpa

IN PTR

Response

161.224.156.35.in-addr.arpa

IN PTR

ec2-35-156-224-161eu-central-1compute amazonawscom
DNS

68.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.159.190.20.in-addr.arpa

IN PTR

Response
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

235.234.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

235.234.21.104.in-addr.arpa

IN PTR

Response
DNS

177.101.63.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

177.101.63.23.in-addr.arpa

IN PTR

Response

177.101.63.23.in-addr.arpa

IN PTR

a23-63-101-177deploystaticakamaitechnologiescom
DNS

25.241.187.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.241.187.185.in-addr.arpa

IN PTR

Response
DNS

133.211.185.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.211.185.52.in-addr.arpa

IN PTR

Response
DNS

183.59.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.59.114.20.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

17.143.109.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

17.143.109.104.in-addr.arpa

IN PTR

Response

17.143.109.104.in-addr.arpa

IN PTR

a104-109-143-17deploystaticakamaitechnologiescom
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
DNS

content-signature-2.cdn.mozilla.net

firefox.exe

Remote address:

8.8.8.8:53

Request

content-signature-2.cdn.mozilla.net

IN A

Response

content-signature-2.cdn.mozilla.net

IN CNAME

content-signature-chains.prod.autograph.services.mozaws.net

content-signature-chains.prod.autograph.services.mozaws.net

IN CNAME

prod.content-signature-chains.prod.webservices.mozgcp.net

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

shavar.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.services.mozilla.com

IN A

Response

shavar.services.mozilla.com

IN CNAME

shavar.prod.mozaws.net

shavar.prod.mozaws.net

IN A

52.10.78.57

shavar.prod.mozaws.net

IN A

54.245.32.185

shavar.prod.mozaws.net

IN A

44.239.14.124
DNS

push.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

push.services.mozilla.com

IN A

Response

push.services.mozilla.com

IN CNAME

autopush.prod.mozaws.net

autopush.prod.mozaws.net

IN A

34.107.243.93
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN A

34.160.144.191
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN A

Response

shavar.prod.mozaws.net

IN A

44.239.14.124

shavar.prod.mozaws.net

IN A

52.10.78.57

shavar.prod.mozaws.net

IN A

54.245.32.185
DNS

firefox.settings.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

firefox.settings.services.mozilla.com

IN A

Response

firefox.settings.services.mozilla.com

IN CNAME

prod.remote-settings.prod.webservices.mozgcp.net

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
GET

https://contile.services.mozilla.com/v1/tiles

firefox.exe

Remote address:

34.117.237.239:443

Request

GET /v1/tiles HTTP/2.0
host: contile.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN A

Response

contile.services.mozilla.com

IN A

34.117.237.239
DNS

prod.content-signature-chains.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

Response

prod.content-signature-chains.prod.webservices.mozgcp.net

IN AAAA

2600:1901:0:92a9::
DNS

shavar.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

shavar.prod.mozaws.net

IN AAAA

Response
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
if-modified-since: Fri, 25 Mar 2022 17:45:46 GMT
if-none-match: "1648230346554"
te: trailers

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Thu, 11 Apr 2024 09:23:54 GMT
age: 1306
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
GET

https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Thu, 11 Apr 2024 09:23:54 GMT
age: 1306
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
GET

https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1702403047185

firefox.exe

Remote address:

34.149.100.209:443

Request

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1702403047185 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Thu, 11 Apr 2024 09:23:54 GMT
age: 1306
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
GET

https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221712817062516%22

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Thu, 11 Apr 2024 09:23:54 GMT
age: 1306
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json

Request

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221712817062516%22 HTTP/2.0
host: firefox.settings.services.mozilla.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
sec-fetch-dest: empty
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers
DNS

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Thu, 11 Apr 2024 09:23:54 GMT
age: 1306
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
DNS

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 232
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Backoff, Content-Type, Retry-After
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Thu, 11 Apr 2024 09:23:54 GMT
age: 1306
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
DNS

firefox.exe

Remote address:

34.149.100.209:443

Response

HTTP/2.0 200

server: nginx
content-length: 2377
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
via: 1.1 google
date: Thu, 11 Apr 2024 08:56:16 GMT
age: 2964
last-modified: Sat, 06 Apr 2024 00:00:06 GMT
content-type: application/json
last-modified: Thu, 11 Apr 2024 06:31:02 GMT
content-type: application/json
DNS

contile.services.mozilla.com

firefox.exe

Remote address:

8.8.8.8:53

Request

contile.services.mozilla.com

IN AAAA

Response
GET

https://push.services.mozilla.com/

firefox.exe

Remote address:

34.107.243.93:443

Request

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kYj8RvvZIuSI/wpoTGpP5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

Response

HTTP/1.1 101 Switching Protocols

sec-websocket-accept: lT5vADlLYmGALUU3z+ffBrC1rvg=
date: Thu, 11 Apr 2024 09:45:28 GMT
Via: 1.1 google
Upgrade: websocket
Connection: Upgrade
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN A

Response

prod.remote-settings.prod.webservices.mozgcp.net

IN A

34.149.100.209
DNS

autopush.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

autopush.prod.mozaws.net

IN A

Response

autopush.prod.mozaws.net

IN A

34.107.243.93
DNS

prod.remote-settings.prod.webservices.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.remote-settings.prod.webservices.mozgcp.net

IN AAAA

Response
DNS

autopush.prod.mozaws.net

firefox.exe

Remote address:

8.8.8.8:53

Request

autopush.prod.mozaws.net

IN AAAA

Response
DNS

57.78.10.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.78.10.52.in-addr.arpa

IN PTR

Response

57.78.10.52.in-addr.arpa

IN PTR

ec2-52-10-78-57 us-west-2compute amazonawscom
GET

https://www.bing.com/qbox?query=&language=en-US&pt=EdgBox&cvid=e9d7cb1644dd4ab787801c7cf1bc2572&oit=0

msedge.exe

Remote address:

23.62.61.194:443

Request

GET /qbox?query=&language=en-US&pt=EdgBox&cvid=e9d7cb1644dd4ab787801c7cf1bc2572&oit=0 HTTP/2.0
host: www.bing.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 262
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
content-encoding: br
vary: Accept-Encoding
x-eventid: 6617b13f06874c34920ecc58d4c53cba
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-wHsZHxzkdKDajHQQa/otuoIFNb8+9KuEv9ERzlIWFJs='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
date: Thu, 11 Apr 2024 09:45:35 GMT
set-cookie: MUID=12AC90B7ED4B6EED05DE84E9EC786F25; domain=.bing.com; expires=Tue, 06-May-2025 09:45:35 GMT; path=/; secure; SameSite=None
set-cookie: MUIDB=12AC90B7ED4B6EED05DE84E9EC786F25; expires=Tue, 06-May-2025 09:45:35 GMT; path=/; HttpOnly
set-cookie: _EDGE_S=F=1&SID=2312C7CAF57664AA276DD394F44565C3; domain=.bing.com; path=/; HttpOnly
set-cookie: _EDGE_V=1; domain=.bing.com; expires=Tue, 06-May-2025 09:45:35 GMT; path=/; HttpOnly
set-cookie: USRLOC=HS=1; domain=.bing.com; expires=Tue, 06-May-2025 09:45:35 GMT; path=/; secure; HttpOnly; SameSite=None
set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Tue, 06-May-2025 09:45:35 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUID=V=2&GUID=CC5373A2898B494490E8D1D920F9F589&dmnchg=1; domain=.bing.com; expires=Tue, 06-May-2025 09:45:35 GMT; path=/; secure; SameSite=None
set-cookie: SRCHUSR=DOB=20240411; domain=.bing.com; expires=Tue, 06-May-2025 09:45:35 GMT; path=/; secure; SameSite=None
set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Tue, 06-May-2025 09:45:35 GMT; path=/; secure; SameSite=None
set-cookie: _SS=SID=2312C7CAF57664AA276DD394F44565C3; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.be3d3e17.1712828735.74d6a21
DNS

194.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.61.62.23.in-addr.arpa

IN PTR

Response

194.61.62.23.in-addr.arpa

IN PTR

a23-62-61-194deploystaticakamaitechnologiescom
DNS

bdo-services.netlify.app

firefox.exe

Remote address:

8.8.8.8:53

Request

bdo-services.netlify.app

IN A

Response

bdo-services.netlify.app

IN A

3.72.140.173

bdo-services.netlify.app

IN A

35.156.224.161
GET

https://bdo-services.netlify.app/

firefox.exe

Remote address:

3.72.140.173:443

Request

GET / HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
te: trailers

Response

HTTP/2.0 200

accept-ranges: bytes
age: 12754
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: text/html; charset=UTF-8
date: Thu, 11 Apr 2024 09:45:40 GMT
etag: "97e461c2395b06c325aadbf8bbd92437-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68RWH6RRSBQVTYA071S1D9
content-length: 637
GET

https://bdo-services.netlify.app/static/js/main.cf1b7897.js

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/js/main.cf1b7897.js HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

accept-ranges: bytes
age: 68
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/css; charset=UTF-8
date: Thu, 11 Apr 2024 09:45:40 GMT
etag: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68RWMC3BXXQFJZE8DDS3YV
content-length: 4050
GET

https://bdo-services.netlify.app/static/css/main.984924b5.css

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/css/main.984924b5.css HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

accept-ranges: bytes
age: 68
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Thu, 11 Apr 2024 09:45:40 GMT
etag: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68RWMCPAKQY9K455X47VKW
content-length: 65988
GET

https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/media/on.0a461cdbae859e8ca237.png HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

accept-ranges: bytes
age: 66
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Thu, 11 Apr 2024 09:45:40 GMT
etag: "c23774df2f858ba0cd275e30135996f3-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68RWVCWYKDBM43YFKC9S28
content-length: 10536
GET

https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

accept-ranges: bytes
age: 66
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: image/svg+xml
date: Thu, 11 Apr 2024 09:45:40 GMT
etag: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68RWVDKVYW399HHZ89B71Q
content-length: 795
GET

https://bdo-services.netlify.app/bdo_favicon.svg

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /bdo_favicon.svg HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
te: trailers

Response

HTTP/2.0 200

accept-ranges: bytes
age: 66
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: image/svg+xml
date: Thu, 11 Apr 2024 09:45:40 GMT
etag: "a905a8f702d62000b05d3f9c1908a68a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68RX0Q15XAE1V8ZFGRAKHJ
content-length: 628
DNS

bdo-services.netlify.app

firefox.exe

Remote address:

8.8.8.8:53

Request

bdo-services.netlify.app

IN A

Response

bdo-services.netlify.app

IN A

18.192.231.252

bdo-services.netlify.app

IN A

3.70.101.28
DNS

bdo-services.netlify.app

firefox.exe

Remote address:

8.8.8.8:53

Request

bdo-services.netlify.app

IN AAAA

Response

bdo-services.netlify.app

IN AAAA

2a05:d014:275:cb01::c8

bdo-services.netlify.app

IN AAAA

2a05:d014:58f:6200::64
DNS

rsms.me

firefox.exe

Remote address:

8.8.8.8:53

Request

rsms.me

IN A

Response

rsms.me

IN A

104.21.234.234

rsms.me

IN A

104.21.234.235
GET

https://rsms.me/inter/inter.css

firefox.exe

Remote address:

104.21.234.234:443

Request

GET /inter/inter.css HTTP/2.0
host: rsms.me
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

date: Thu, 11 Apr 2024 09:45:40 GMT
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
access-control-allow-origin: *
etag: W/"6601abff-1b8d"
expires: Sat, 06 Apr 2024 00:44:13 GMT
cache-control: max-age=14400
x-proxy-cache: HIT
x-github-request-id: D99C:0EA7:1790B49:17F8BFA:6601AC0B
via: 1.1 varnish
age: 160
x-served-by: cache-lcy-eglc8600065-LCY
x-cache: HIT
x-cache-hits: 1
x-timer: S1711385669.215207,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 4412002234a5ae20239b76fa239ec07be7e7be9f
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPXZigaZgT6za77WvWYVHN7lV27I65yZZK%2BlzZ0fqrxt%2BeDdU9mblDoJF9Q%2FAyxAd36izVuMyEYk68FsyA2MhH2a6ObOIsGpV7uMfnDfH9ENLWRH%2BKRwDhZ7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 872a0b8b6fea63d4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

rsms.me

firefox.exe

Remote address:

8.8.8.8:53

Request

rsms.me

IN AAAA

Response

rsms.me

IN AAAA

2606:4700:3038::6815:eaea

rsms.me

IN AAAA

2606:4700:3038::6815:eaeb
DNS

rsms.me

firefox.exe

Remote address:

8.8.8.8:53

Request

rsms.me

IN AAAA

Response

rsms.me

IN AAAA

2606:4700:3038::6815:eaeb

rsms.me

IN AAAA

2606:4700:3038::6815:eaea
DNS

bittalorchids.in

firefox.exe

Remote address:

8.8.8.8:53

Request

bittalorchids.in

IN A

Response

bittalorchids.in

IN A

185.187.241.25
DNS

173.140.72.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.140.72.3.in-addr.arpa

IN PTR

Response

173.140.72.3.in-addr.arpa

IN PTR

ec2-3-72-140-173eu-central-1compute amazonawscom
DNS

234.234.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.234.21.104.in-addr.arpa

IN PTR

Response
OPTIONS

https://bittalorchids.in/assets/fonts/license/

firefox.exe

Remote address:

185.187.241.25:443

Request

OPTIONS /assets/fonts/license/ HTTP/2.0
host: bittalorchids.in
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
access-control-request-method: POST
access-control-request-headers: content-type
referer: https://bdo-services.netlify.app/
origin: https://bdo-services.netlify.app
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-powered-by: PHP/8.1.26
content-type: application/json
access-control-allow-origin: https://bdo-services.netlify.app
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
content-length: 0
date: Thu, 11 Apr 2024 09:45:41 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
POST

https://bittalorchids.in/assets/fonts/license/

firefox.exe

Remote address:

185.187.241.25:443

Request

POST /assets/fonts/license/ HTTP/2.0
host: bittalorchids.in
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json, text/plain, */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
content-length: 65
origin: https://bdo-services.netlify.app
referer: https://bdo-services.netlify.app/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-powered-by: PHP/8.1.26
content-type: application/json
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
access-control-allow-origin: https://bdo-services.netlify.app
access-control-allow-credentials: true
access-control-max-age: 86400
content-length: 5
content-encoding: br
vary: Accept-Encoding
date: Thu, 11 Apr 2024 09:45:42 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
POST

https://bittalorchids.in/assets/fonts/license/

firefox.exe

Remote address:

185.187.241.25:443

Request

POST /assets/fonts/license/ HTTP/2.0
host: bittalorchids.in
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: application/json, text/plain, */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
content-type: application/json
content-length: 19
origin: https://bdo-services.netlify.app
referer: https://bdo-services.netlify.app/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
te: trailers

Response

HTTP/2.0 200

x-powered-by: PHP/8.1.26
content-type: application/json
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
access-control-allow-origin: https://bdo-services.netlify.app
access-control-allow-credentials: true
access-control-max-age: 86400
content-length: 5
content-encoding: br
vary: Accept-Encoding
date: Thu, 11 Apr 2024 09:45:43 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
DNS

bittalorchids.in

firefox.exe

Remote address:

8.8.8.8:53

Request

bittalorchids.in

IN AAAA

Response

bittalorchids.in

IN AAAA

2a02:4780:3:645:0:2571:d6dc:10
DNS

aus5.mozilla.org

firefox.exe

Remote address:

8.8.8.8:53

Request

aus5.mozilla.org

IN A

Response

aus5.mozilla.org

IN CNAME

balrog-aus5.r53-2.services.mozilla.com

balrog-aus5.r53-2.services.mozilla.com

IN CNAME

prod.balrog.prod.cloudops.mozgcp.net

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN A

Response

prod.balrog.prod.cloudops.mozgcp.net

IN A

35.244.181.201
DNS

prod.balrog.prod.cloudops.mozgcp.net

firefox.exe

Remote address:

8.8.8.8:53

Request

prod.balrog.prod.cloudops.mozgcp.net

IN AAAA

Response
DNS

ciscobinary.openh264.org

firefox.exe

Remote address:

8.8.8.8:53

Request

ciscobinary.openh264.org

IN A

Response

ciscobinary.openh264.org

IN CNAME

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

a21ed24aedde648804e7-228765c84088fef4ff5e70f2710398e9.r17.cf1.rackcdn.com

IN CNAME

a17.rackcdn.com

a17.rackcdn.com

IN CNAME

a17.rackcdn.com.mdc.edgesuite.net

a17.rackcdn.com.mdc.edgesuite.net

IN CNAME

a19.dscg10.akamai.net

a19.dscg10.akamai.net

IN A

2.18.121.73

a19.dscg10.akamai.net

IN A

2.18.121.79
GET

http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

firefox.exe

Remote address:

2.18.121.73:80

Request

GET /openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

Response

HTTP/1.1 200 OK

Content-Length: 453023
Accept-Ranges: bytes
Last-Modified: Mon, 08 Apr 2024 07:11:55 GMT
ETag: 85430baed3398695717b0263807cf97c
X-Timestamp: 1712560314.42036
Content-Type: application/zip
X-Trans-Id: tx9b0a39c9a7674594a5556-006615a59bdfw1
Cache-Control: public, max-age=125183
Expires: Fri, 12 Apr 2024 20:32:23 GMT
Date: Thu, 11 Apr 2024 09:46:00 GMT
Connection: keep-alive
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN A

Response

a19.dscg10.akamai.net

IN A

2.18.121.73

a19.dscg10.akamai.net

IN A

2.18.121.79
DNS

a19.dscg10.akamai.net

firefox.exe

Remote address:

8.8.8.8:53

Request

a19.dscg10.akamai.net

IN AAAA

Response

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:86d1

a19.dscg10.akamai.net

IN AAAA

2a02:26f0:a1::58dd:869b
DNS

201.181.244.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

201.181.244.35.in-addr.arpa

IN PTR

Response

201.181.244.35.in-addr.arpa

IN PTR

20118124435bcgoogleusercontentcom
DNS

73.121.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.121.18.2.in-addr.arpa

IN PTR

Response

73.121.18.2.in-addr.arpa

IN PTR

a2-18-121-73deploystaticakamaitechnologiescom
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

216.58.201.110
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN A

Response

redirector.gvt1.com

IN A

216.58.201.110
DNS

redirector.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

redirector.gvt1.com

IN AAAA

Response

redirector.gvt1.com

IN AAAA

2a00:1450:4009:826::200e
DNS

r5---sn-aigzrn7d.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5---sn-aigzrn7d.gvt1.com

IN A

Response

r5---sn-aigzrn7d.gvt1.com

IN CNAME

r5.sn-aigzrn7d.gvt1.com

r5.sn-aigzrn7d.gvt1.com

IN A

173.194.138.202
DNS

r5.sn-aigzrn7d.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5.sn-aigzrn7d.gvt1.com

IN A

Response

r5.sn-aigzrn7d.gvt1.com

IN A

173.194.138.202
DNS

r5.sn-aigzrn7d.gvt1.com

firefox.exe

Remote address:

8.8.8.8:53

Request

r5.sn-aigzrn7d.gvt1.com

IN AAAA

Response

r5.sn-aigzrn7d.gvt1.com

IN AAAA

2a00:1450:4009:34::a
DNS

202.138.194.173.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.138.194.173.in-addr.arpa

IN PTR

Response

202.138.194.173.in-addr.arpa

IN PTR

lhr48s06-in-f101e100net
DNS

43.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.229.111.52.in-addr.arpa

IN PTR

Response
DNS

bdo-services.netlify.app

firefox.exe

Remote address:

8.8.8.8:53

Request

bdo-services.netlify.app

IN A

Response

bdo-services.netlify.app

IN A

3.70.101.28

bdo-services.netlify.app

IN A

35.156.224.161
GET

https://bdo-services.netlify.app/

firefox.exe

Remote address:

3.72.140.173:443

Request

GET / HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
if-none-match: "97e461c2395b06c325aadbf8bbd92437-ssl"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:19 GMT
etag: "97e461c2395b06c325aadbf8bbd92437-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68T33471R7J0XBB7KS85G0
GET

https://bdo-services.netlify.app/static/js/main.cf1b7897.js

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/js/main.cf1b7897.js HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:19 GMT
etag: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68T357X98VX8AKK9695VD7
GET

https://bdo-services.netlify.app/static/css/main.984924b5.css

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/css/main.984924b5.css HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:19 GMT
etag: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68T357X23ZPKWYMD3Y3DV5
GET

https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/media/on.0a461cdbae859e8ca237.png HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "c23774df2f858ba0cd275e30135996f3-ssl"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:19 GMT
etag: "c23774df2f858ba0cd275e30135996f3-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68T37HDYN85B4WQ6KJAJVN
GET

https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:19 GMT
etag: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68T37RXST03TP2CWKMS1N5
GET

https://bdo-services.netlify.app/

firefox.exe

Remote address:

3.72.140.173:443

Request

GET / HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
if-none-match: "97e461c2395b06c325aadbf8bbd92437-ssl"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:36 GMT
etag: "97e461c2395b06c325aadbf8bbd92437-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68TK8AN1PHB91BC04YEM7P
GET

https://bdo-services.netlify.app/static/js/main.cf1b7897.js

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/js/main.cf1b7897.js HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:36 GMT
etag: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68TKAE6D6E8FMBCY5PRVRH
GET

https://bdo-services.netlify.app/static/css/main.984924b5.css

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/css/main.984924b5.css HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:36 GMT
etag: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68TKAF2RWTZY7G0WJS429W
GET

https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/media/on.0a461cdbae859e8ca237.png HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "c23774df2f858ba0cd275e30135996f3-ssl"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:36 GMT
etag: "c23774df2f858ba0cd275e30135996f3-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68TKCQ3ENV44004R0WDVM2
GET

https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:36 GMT
etag: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68TKCV097Z0K7XXAMR76BF
GET

https://bdo-services.netlify.app/

firefox.exe

Remote address:

3.72.140.173:443

Request

GET / HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
upgrade-insecure-requests: 1
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: none
sec-fetch-user: ?1
if-none-match: "97e461c2395b06c325aadbf8bbd92437-ssl"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:38 GMT
etag: "97e461c2395b06c325aadbf8bbd92437-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68TN7F2KVTMHRT2D8MHED4
GET

https://bdo-services.netlify.app/static/js/main.cf1b7897.js

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/js/main.cf1b7897.js HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: */*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: script
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:38 GMT
etag: "81c0741dbacf8e1d15af43b3a01f592a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68TN9FD6KAG1M093SCXHR8
GET

https://bdo-services.netlify.app/static/css/main.984924b5.css

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/css/main.984924b5.css HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: text/css,*/*;q=0.1
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: style
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:38 GMT
etag: "78a3e086a3127b54dbc4142b885c7c9f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68TN9M7QT37B42ST9V6MKF
GET

https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/media/on.0a461cdbae859e8ca237.png HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "c23774df2f858ba0cd275e30135996f3-ssl"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:38 GMT
etag: "c23774df2f858ba0cd275e30135996f3-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01HV68TNBZ81ETQ7Z3SP7BGJP1
GET

https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

firefox.exe

Remote address:

3.72.140.173:443

Request

GET /static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg HTTP/2.0
host: bdo-services.netlify.app
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
accept: image/avif,image/webp,*/*
accept-language: en-US,en;q=0.5
accept-encoding: gzip, deflate, br
referer: https://bdo-services.netlify.app/
sec-fetch-dest: image
sec-fetch-mode: no-cors
sec-fetch-site: same-origin
if-none-match: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
te: trailers

Response

HTTP/2.0 304

cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
date: Thu, 11 Apr 2024 09:46:38 GMT
etag: "109ceec727639ee5e1f92587dff9bb2a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01HV68TNC7CYDNP4XTC39Z4X63
DNS

bdo-services.netlify.app

firefox.exe

Remote address:

8.8.8.8:53

Request

bdo-services.netlify.app

IN AAAA

Response

bdo-services.netlify.app

IN AAAA

2a05:d014:58f:6202::64

bdo-services.netlify.app

IN AAAA

2a05:d014:58f:6200::64

35.156.224.161:80

bdo-services.netlify.app

msedge.exe

236 B
172 B
5
4
35.156.224.161:80

http://bdo-services.netlify.app/

http

msedge.exe

824 B
579 B
8
7

HTTP Request

GET http://bdo-services.netlify.app/

HTTP Response

301
35.156.224.161:443

https://bdo-services.netlify.app/bdo_favicon.svg

tls, http2

msedge.exe

5.5kB
92.9kB
71
108

HTTP Request

GET https://bdo-services.netlify.app/

HTTP Response

200

HTTP Request

GET https://bdo-services.netlify.app/static/css/main.984924b5.css

HTTP Request

GET https://bdo-services.netlify.app/static/js/main.cf1b7897.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

HTTP Request

GET https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://bdo-services.netlify.app/bdo_favicon.svg

HTTP Response

200

HTTP Request

GET https://bdo-services.netlify.app/

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/static/js/main.cf1b7897.js

HTTP Request

GET https://bdo-services.netlify.app/static/css/main.984924b5.css

HTTP Response

304

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

HTTP Request

GET https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

HTTP Request

GET https://bdo-services.netlify.app/bdo_favicon.svg

HTTP Response

304

HTTP Response

304

HTTP Response

200
104.21.234.235:443

https://rsms.me/inter/inter.css

tls, http2

msedge.exe

1.7kB
6.2kB
14
14

HTTP Request

GET https://rsms.me/inter/inter.css

HTTP Response

200
23.63.101.177:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

msedge.exe

416 B
1.6kB
6
5

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
185.187.241.25:443

https://bittalorchids.in/assets/fonts/license/

tls, http2

msedge.exe

2.0kB
5.1kB
15
15

HTTP Request

OPTIONS https://bittalorchids.in/assets/fonts/license/

HTTP Response

200

HTTP Request

POST https://bittalorchids.in/assets/fonts/license/

HTTP Response

200
185.187.241.25:443

bittalorchids.in

tls, http2

msedge.exe

943 B
4.2kB
8
11
127.0.0.1:64995

firefox.exe
34.160.144.191:443

content-signature-2.cdn.mozilla.net

tls

firefox.exe

2.3kB
16.4kB
23
29
52.10.78.57:443

shavar.services.mozilla.com

tls

firefox.exe

2.2kB
3.7kB
10
9
34.117.237.239:443

https://contile.services.mozilla.com/v1/tiles

tls, http2

firefox.exe

1.7kB
6.3kB
13
16

HTTP Request

GET https://contile.services.mozilla.com/v1/tiles
34.149.100.209:443

https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221712817062516%22

tls, http2

firefox.exe

3.0kB
35.6kB
30
47

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1702403047185

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221712817062516%22
34.107.243.93:443

https://push.services.mozilla.com/

tls, http

firefox.exe

1.9kB
4.6kB
10
11

HTTP Request

GET https://push.services.mozilla.com/

HTTP Response

101
127.0.0.1:65001

firefox.exe
23.62.61.194:443

https://www.bing.com/qbox?query=&language=en-US&pt=EdgBox&cvid=e9d7cb1644dd4ab787801c7cf1bc2572&oit=0

tls, http2

msedge.exe

1.6kB
7.3kB
14
16

HTTP Request

GET https://www.bing.com/qbox?query=&language=en-US&pt=EdgBox&cvid=e9d7cb1644dd4ab787801c7cf1bc2572&oit=0

HTTP Response

200
3.72.140.173:443

https://bdo-services.netlify.app/bdo_favicon.svg

tls, http2

firefox.exe

3.4kB
91.3kB
37
96

HTTP Request

GET https://bdo-services.netlify.app/

HTTP Response

200

HTTP Request

GET https://bdo-services.netlify.app/static/js/main.cf1b7897.js

HTTP Request

GET https://bdo-services.netlify.app/static/css/main.984924b5.css

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

HTTP Request

GET https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://bdo-services.netlify.app/bdo_favicon.svg

HTTP Response

200
34.149.100.209:443

firefox.settings.services.mozilla.com

tls

firefox.exe

1.0kB
3.9kB
11
9
104.21.234.234:443

https://rsms.me/inter/inter.css

tls, http2

firefox.exe

1.8kB
7.4kB
15
15

HTTP Request

GET https://rsms.me/inter/inter.css

HTTP Response

200
185.187.241.25:443

bittalorchids.in

tls, http2

firefox.exe

1.2kB
5.2kB
9
12
185.187.241.25:443

https://bittalorchids.in/assets/fonts/license/

tls, http2

firefox.exe

2.4kB
5.6kB
19
19

HTTP Request

OPTIONS https://bittalorchids.in/assets/fonts/license/

HTTP Response

200

HTTP Request

POST https://bittalorchids.in/assets/fonts/license/

HTTP Request

POST https://bittalorchids.in/assets/fonts/license/

HTTP Response

200

HTTP Response

200
185.187.241.25:443

bittalorchids.in

tls, http2

firefox.exe

1.2kB
4.6kB
10
12
35.244.181.201:443

aus5.mozilla.org

tls

firefox.exe

1.6kB
5.5kB
14
16
2.18.121.73:80

http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

http

firefox.exe

7.7kB
467.3kB
161
344

HTTP Request

GET http://ciscobinary.openh264.org/openh264-win64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

HTTP Response

200
216.58.201.110:443

redirector.gvt1.com

tls

firefox.exe

1.6kB
9.0kB
16
20
173.194.138.202:443

r5---sn-aigzrn7d.gvt1.com

tls

firefox.exe

226.6kB
8.7MB
3595
6253
3.72.140.173:443

https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

tls, http2

firefox.exe

4.3kB
3.2kB
37
32

HTTP Request

GET https://bdo-services.netlify.app/

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/static/js/main.cf1b7897.js

HTTP Request

GET https://bdo-services.netlify.app/static/css/main.984924b5.css

HTTP Response

304

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

HTTP Request

GET https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

HTTP Response

304

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/static/js/main.cf1b7897.js

HTTP Request

GET https://bdo-services.netlify.app/static/css/main.984924b5.css

HTTP Response

304

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

HTTP Request

GET https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

HTTP Response

304

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/static/js/main.cf1b7897.js

HTTP Request

GET https://bdo-services.netlify.app/static/css/main.984924b5.css

HTTP Response

304

HTTP Response

304

HTTP Request

GET https://bdo-services.netlify.app/static/media/on.0a461cdbae859e8ca237.png

HTTP Request

GET https://bdo-services.netlify.app/static/media/loading.3cbf528bdee397140a68e29f4ab40054.svg

HTTP Response

304

HTTP Response

304

8.8.8.8:53

bdo-services.netlify.app

dns

firefox.exe

70 B
102 B
1
1

DNS Request

bdo-services.netlify.app

DNS Response

35.156.224.161

3.72.140.173
8.8.8.8:53

rsms.me

dns

firefox.exe

53 B
85 B
1
1

DNS Request

rsms.me

DNS Response

104.21.234.235

104.21.234.234
8.8.8.8:53

apps.identrust.com

dns

msedge.exe

64 B
149 B
1
1

DNS Request

apps.identrust.com

DNS Response

23.63.101.177
8.8.8.8:53

bittalorchids.in

dns

firefox.exe

62 B
78 B
1
1

DNS Request

bittalorchids.in

DNS Response

185.187.241.25
8.8.8.8:53

183.142.211.20.in-addr.arpa

dns

73 B
159 B
1
1

DNS Request

183.142.211.20.in-addr.arpa
8.8.8.8:53

161.224.156.35.in-addr.arpa

dns

73 B
140 B
1
1

DNS Request

161.224.156.35.in-addr.arpa
8.8.8.8:53

68.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

68.159.190.20.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

235.234.21.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

235.234.21.104.in-addr.arpa
8.8.8.8:53

177.101.63.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

177.101.63.23.in-addr.arpa
185.187.241.25:443

bittalorchids.in

https

msedge.exe

21.9kB
25.5kB
230
232
8.8.8.8:53

25.241.187.185.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

25.241.187.185.in-addr.arpa
224.0.0.251:5353

586 B
9
8.8.8.8:53

133.211.185.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

133.211.185.52.in-addr.arpa
8.8.8.8:53

183.59.114.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

183.59.114.20.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

17.143.109.104.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

17.143.109.104.in-addr.arpa
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

content-signature-2.cdn.mozilla.net

dns

firefox.exe

81 B
235 B
1
1

DNS Request

content-signature-2.cdn.mozilla.net

DNS Response

34.160.144.191
8.8.8.8:53

shavar.services.mozilla.com

dns

firefox.exe

73 B
157 B
1
1

DNS Request

shavar.services.mozilla.com

DNS Response

52.10.78.57

54.245.32.185

44.239.14.124
8.8.8.8:53

push.services.mozilla.com

dns

firefox.exe

71 B
125 B
1
1

DNS Request

push.services.mozilla.com

DNS Response

34.107.243.93
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
119 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

34.160.144.191
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
116 B
1
1

DNS Request

shavar.prod.mozaws.net

DNS Response

44.239.14.124

52.10.78.57

54.245.32.185
8.8.8.8:53

firefox.settings.services.mozilla.com

dns

firefox.exe

83 B
161 B
1
1

DNS Request

firefox.settings.services.mozilla.com

DNS Response

34.149.100.209
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
90 B
1
1

DNS Request

contile.services.mozilla.com

DNS Response

34.117.237.239
8.8.8.8:53

prod.content-signature-chains.prod.webservices.mozgcp.net

dns

firefox.exe

103 B
131 B
1
1

DNS Request

prod.content-signature-chains.prod.webservices.mozgcp.net

DNS Response

2600:1901:0:92a9::
8.8.8.8:53

shavar.prod.mozaws.net

dns

firefox.exe

68 B
153 B
1
1

DNS Request

shavar.prod.mozaws.net
8.8.8.8:53

contile.services.mozilla.com

dns

firefox.exe

74 B
155 B
1
1

DNS Request

contile.services.mozilla.com
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
110 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net

DNS Response

34.149.100.209
8.8.8.8:53

autopush.prod.mozaws.net

dns

firefox.exe

70 B
86 B
1
1

DNS Request

autopush.prod.mozaws.net

DNS Response

34.107.243.93
8.8.8.8:53

prod.remote-settings.prod.webservices.mozgcp.net

dns

firefox.exe

94 B
187 B
1
1

DNS Request

prod.remote-settings.prod.webservices.mozgcp.net
8.8.8.8:53

autopush.prod.mozaws.net

dns

firefox.exe

70 B
155 B
1
1

DNS Request

autopush.prod.mozaws.net
8.8.8.8:53

57.78.10.52.in-addr.arpa

dns

70 B
131 B
1
1

DNS Request

57.78.10.52.in-addr.arpa
8.8.8.8:53

194.61.62.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

194.61.62.23.in-addr.arpa
8.8.8.8:53

bdo-services.netlify.app

dns

firefox.exe

70 B
102 B
1
1

DNS Request

bdo-services.netlify.app

DNS Response

3.72.140.173

35.156.224.161
8.8.8.8:53

bdo-services.netlify.app

dns

firefox.exe

70 B
102 B
1
1

DNS Request

bdo-services.netlify.app

DNS Response

18.192.231.252

3.70.101.28
8.8.8.8:53

bdo-services.netlify.app

dns

firefox.exe

70 B
126 B
1
1

DNS Request

bdo-services.netlify.app

DNS Response

2a05:d014:275:cb01::c8

2a05:d014:58f:6200::64
8.8.8.8:53

rsms.me

dns

firefox.exe

53 B
85 B
1
1

DNS Request

rsms.me

DNS Response

104.21.234.234

104.21.234.235
8.8.8.8:53

rsms.me

dns

firefox.exe

106 B
218 B
2
2

DNS Request

rsms.me

DNS Response

2606:4700:3038::6815:eaea

2606:4700:3038::6815:eaeb

DNS Request

rsms.me

DNS Response

2606:4700:3038::6815:eaeb

2606:4700:3038::6815:eaea
104.21.234.234:443

rsms.me

https

firefox.exe

3.4kB
8.3kB
9
12
8.8.8.8:53

bittalorchids.in

dns

firefox.exe

62 B
78 B
1
1

DNS Request

bittalorchids.in

DNS Response

185.187.241.25
8.8.8.8:53

173.140.72.3.in-addr.arpa

dns

71 B
136 B
1
1

DNS Request

173.140.72.3.in-addr.arpa
8.8.8.8:53

234.234.21.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

234.234.21.104.in-addr.arpa
8.8.8.8:53

bittalorchids.in

dns

firefox.exe

62 B
90 B
1
1

DNS Request

bittalorchids.in

DNS Response

2a02:4780:3:645:0:2571:d6dc:10
185.187.241.25:443

bittalorchids.in

https

firefox.exe

7.1kB
17.4kB
44
56
185.187.241.25:443

bittalorchids.in

https

firefox.exe

27.1kB
26.1kB
208
166
8.8.8.8:53

aus5.mozilla.org

dns

firefox.exe

62 B
180 B
1
1

DNS Request

aus5.mozilla.org

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
98 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net

DNS Response

35.244.181.201
8.8.8.8:53

prod.balrog.prod.cloudops.mozgcp.net

dns

firefox.exe

82 B
175 B
1
1

DNS Request

prod.balrog.prod.cloudops.mozgcp.net
8.8.8.8:53

ciscobinary.openh264.org

dns

firefox.exe

70 B
286 B
1
1

DNS Request

ciscobinary.openh264.org

DNS Response

2.18.121.73

2.18.121.79
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

67 B
99 B
1
1

DNS Request

a19.dscg10.akamai.net

DNS Response

2.18.121.73

2.18.121.79
8.8.8.8:53

a19.dscg10.akamai.net

dns

firefox.exe

67 B
123 B
1
1

DNS Request

a19.dscg10.akamai.net

DNS Response

2a02:26f0:a1::58dd:86d1

2a02:26f0:a1::58dd:869b
8.8.8.8:53

201.181.244.35.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

201.181.244.35.in-addr.arpa
8.8.8.8:53

73.121.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

73.121.18.2.in-addr.arpa
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

redirector.gvt1.com

DNS Response

216.58.201.110
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

65 B
81 B
1
1

DNS Request

redirector.gvt1.com

DNS Response

216.58.201.110
8.8.8.8:53

redirector.gvt1.com

dns

firefox.exe

65 B
93 B
1
1

DNS Request

redirector.gvt1.com

DNS Response

2a00:1450:4009:826::200e
216.58.201.110:443

redirector.gvt1.com

https

firefox.exe

3.3kB
9.5kB
8
10
8.8.8.8:53

r5---sn-aigzrn7d.gvt1.com

dns

firefox.exe

71 B
116 B
1
1

DNS Request

r5---sn-aigzrn7d.gvt1.com

DNS Response

173.194.138.202
8.8.8.8:53

r5.sn-aigzrn7d.gvt1.com

dns

firefox.exe

69 B
85 B
1
1

DNS Request

r5.sn-aigzrn7d.gvt1.com

DNS Response

173.194.138.202
8.8.8.8:53

r5.sn-aigzrn7d.gvt1.com

dns

firefox.exe

69 B
97 B
1
1

DNS Request

r5.sn-aigzrn7d.gvt1.com

DNS Response

2a00:1450:4009:34::a
173.194.138.202:443

r5.sn-aigzrn7d.gvt1.com

https

firefox.exe

1.8kB
6.5kB
5
8
8.8.8.8:53

202.138.194.173.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.138.194.173.in-addr.arpa
8.8.8.8:53

43.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

43.229.111.52.in-addr.arpa
8.8.8.8:53

bdo-services.netlify.app

dns

firefox.exe

70 B
102 B
1
1

DNS Request

bdo-services.netlify.app

DNS Response

3.70.101.28

35.156.224.161
8.8.8.8:53

bdo-services.netlify.app

dns

firefox.exe

70 B
126 B
1
1

DNS Request

bdo-services.netlify.app

DNS Response

2a05:d014:58f:6202::64

2a05:d014:58f:6200::64

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4d6e17218d9a99976d1a14c6f6944c96

SHA1
9e54a19d6c61d99ac8759c5f07b2f0d5faab447f

SHA256
32e343d2794af8bc6f2f7c905b5df11d53db4ad8922b92ad5e7cc9c856509d93

SHA512
3fa166b3e2d1236298d8dda7071a6fcf2bde283f181b8b0a07c0bb8ba756d6f55fa8a847ca5286d4dbabc6dace67e842a118866320ac01bd5f93cccd3a032e47

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
a626b8ddce8eb168d7b06875340adb61

SHA1
e00e37ccb0e1ec4b2dbf483ee016e4d11c12c10d

SHA256
c45b2353ebaddd9d8b313949503e4d33af3b5f1872cbb89c56adb5967a61ae41

SHA512
94fd80339f4a55abf7380ded63dbc0d3062ba7d8d1d40d568eb4a526735fb93cee414e4aa774052b14578651e4e2ae22a8f3b155f08f8fc1f67f8dd63bcfc339

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
72B

MD5
409534125193a3069b385ba8a20c5c26

SHA1
27ab5fbedf28f430ac6305d954a37a2a0d6414f2

SHA256
db8118605bdb9cc4dcb53389827fdbd8118413a7ff5a755308cef4265838a733

SHA512
fd5154292a7a68f3d3182cb34fc496fa420903813a111067e37c70c24b0631d62cfb33cebf30f3504f537ae8946b3a9cda856d562f3f63b01d40e938d2c3818d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
111B

MD5
807419ca9a4734feaf8d8563a003b048

SHA1
a723c7d60a65886ffa068711f1e900ccc85922a6

SHA256
aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631

SHA512
f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
680B

MD5
01bb9aa58537ae3c879049c81e343190

SHA1
db05b0338db338ae961abf385156d76e5747428e

SHA256
4a74159e1514cb47a33d661dc38a73845b9ddc175824af146c6e08fa3c4ffde0

SHA512
d6dcccd9fa8ce10f3ec03b246fc1480f5170b37e538856cab5b4cb4c64a94ad0101a2f6951ac7a5baed4b722958bce88401b7a47ef54bb209c1706a2131d61ba

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
5412354dca660f89276baae5d729a060

SHA1
833067649b7d40e6967abfc89e260634de0a314e

SHA256
f3e85e8ab377c71a2a1fa8de83871272ea13093216abae97f8158e50e6167003

SHA512
a1461f41f874bb592455c74b377eb01b92fd0ec9bcca514e2edd3ba1e9c8498370cc11a5271110f1cc65f8a3aa1cad4b3456c5ed52ace31a7f586cc93fc71418

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
22bcc48e974c076a6107d32770909cc8

SHA1
9b06637e4e5e306d0ff6b3ed6ae04412ccf9b534

SHA256
2866426223927e47cc95e6e70dd540e717a0c662b65fb7f2e6c92aa33edd96ec

SHA512
4c67c5ce824e9241943fdf7e8cd4ae674504cba46afe926f56bb60cc9745831444d6c56ab06a46728313903345743c9f7bc131d10be005c810ce52995de1ee78

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
1505690132303f5d20e5c5ed1ad1e902

SHA1
021e886335804395560e61398eb0ee7a97ca42eb

SHA256
657358738f539aafe0a359d9d8963ffdedff8409a3940e4342b6e2028e3a73ad

SHA512
25a4f5f6cdfccfe211626e52f27778937d38cdef9c09c7053149e582a48698cd3544a9ac9addb7615f05ec23c6cbdcf3a815ba37d94f5290e4a8a29e09236780

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
4b7aac1689670dac29c8ff18aed730bc

SHA1
cdb707ff30fe6786875cb600839ab4cfff704a25

SHA256
40cdaeed3c36cda40c5a033f2852e60b5395cfaae2e6bf44469e545405d4cd68

SHA512
89462243f23eaff2100956e50e12cf04e9c7effb580073dfe02f0ab12b177457f7a795475c605a784f90fb753c208235de01a0307e18bc01e9f7d82f5a7dde5d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
dbdae00cb7d4dc14a64088e4c92ae26a

SHA1
fa40f8bac861eb930c9429d2819396dc3256b452

SHA256
3a5d56ae76a4f178faf253034a047e0c84fb739094283c3ef5ea01a68a54ed3f

SHA512
79f8f2a52f9904794338e0c56ae213b168502c3b7a5410c8ebdb76aae6f242fed2580b3403b7de4cd3b7441d02b86d3d6a59e37a3e3b0237bfff0a9beb1bcfdc

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
24KB

MD5
c2ef1d773c3f6f230cedf469f7e34059

SHA1
e410764405adcfead3338c8d0b29371fd1a3f292

SHA256
185450d538a894e4dcf55b428f506f3d7baa86664fbbc67afd6c255b65178521

SHA512
2ef93803da4d630916bed75d678382fd1c72bff1700a1a72e2612431c6d5e11410ced4eaf522b388028aeadb08e8a77513e16594e6ab081f6d6203e4caa7d549

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
201B

MD5
6d398c77d852ee260c23cef27f341d8c

SHA1
11cd62d98f949f3985da140a8dd40c82211d16b3

SHA256
273c9879ca1c42890b632e933eb0c5616c3f65fe9058a8174de288df044a3578

SHA512
1b3afbd04589a396489b6cd74f657e2990b758510652c0931cddd59650727e08b773d03028a489d1cb0e4d6ea325f1e273259760a05d1095a86fe3d65e9f0afd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57de3a.TMP

Filesize
201B

MD5
12362e0f21f335088faa7d64408e7867

SHA1
f36fec545e5b4d7b8a53071445d3e998032b016f

SHA256
da1ad0331a6d20fc297d79371a117496e277b1f67c0fbf42f30a20e3c713600a

SHA512
81f10ab2f70449e4af6fb68bf11d4741c45964d6e1bbd0ab14cd78c87ea2868530f183858a015f932d1ca33a6aa9fe7d6c7514b089738af397b07429ae6f27e2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
e66c401d4f9430b51fff5a5408bc2457

SHA1
ef4705d6c6fb4d8025fea61e8c5f44bb82a80239

SHA256
3e961d3c4ec15b9d7d960cac46b680ac4edb8076a40d9317bd0f03b364a992b4

SHA512
23822a7b3108b1f592d57d16bd1f49215d7217f1815f760d0f04c1fbb4ca5b034eb0aadc77001b761be8c3376097efe6c17f82391fa8558a67c14d80dcda6a20

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
0cd56a4310ad5a06aa5d74d270e26130

SHA1
e18dba9ed2a76cbd2382b2066962d0785e38acc4

SHA256
fb1862c9dd91a5800f65b2b221b4a29de85d8a4eab2e39c3af0c12e324312e44

SHA512
70049e49b7576c1653935de082cbc3e6f21422d3a98bb816ca044c0f843825d4a12c0b3dfb0bf7a6ef160162451da4285ac7b2a757711ad749260b833f1d1f61

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
10KB

MD5
187efd60022e3725aca864dfd6856453

SHA1
79be23f4f2cb3c2b23599d137ed98e1d8c925343

SHA256
894f5145a15088b64bd4beeaf54746a993142880cccf3744aab64b28238d9868

SHA512
6aebe60d99bc6ecd2e50ecff5840bc753c65467dc2f6e8eb4b51f3d02a0520b9782f9aa5d7c483f5369e474dee48a390ea000a92fb45136b28b83d5979d2aca3

Download Submit
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\92qyi9k9.default-release\cache2\entries\BBA25366D88F7512915762A105053559524DFA19

Filesize
850KB

MD5
88984b167a5bffd8ff0b87e7becc034e

SHA1
c39bd73ec71b498d874f33763f2b53f26186c18d

SHA256
f3565e3fb81261cc78dcec251c7b6c1e59a91889d5825dba94936f065c265ca1

SHA512
bf233ec1fdf78cb4ff6d0250ad50b5a23292c27e45045102a04b536edb622bb94bcec852743a935e49116532220fe32457640c9f2fd785affae06f7aa7db8d0c

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon

Filesize
442KB

MD5
85430baed3398695717b0263807cf97c

SHA1
fffbee923cea216f50fce5d54219a188a5100f41

SHA256
a9f4281f82b3579581c389e8583dc9f477c7fd0e20c9dfc91a2e611e21e3407e

SHA512
06511f1f6c6d44d076b3c593528c26a602348d9c41689dbf5ff716b671c3ca5756b12cb2e5869f836dedce27b1a5cfe79b93c707fd01f8e84b620923bb61b5f1

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1

Filesize
8.0MB

MD5
a01c5ecd6108350ae23d2cddf0e77c17

SHA1
c6ac28a2cd979f1f9a75d56271821d5ff665e2b6

SHA256
345d44e3aa3e1967d186a43d732c8051235c43458169a5d7d371780a6475ee42

SHA512
b046dd1b26ec0b810ee441b7ad4dc135e3f1521a817b9f3db60a32976352e8f7e53920e1a77fc5b4130aac260d79deef7e823267b4414e9cc774d8bffca56a72

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\db\data.safe.bin

Filesize
2KB

MD5
9763fb0c4330607fc2b1641d50404a27

SHA1
888de7237b78cd77ab2bf26bc6f69750314df7c7

SHA256
9fd886b3f18bfa0e6b1e24f22e0c02ea3f30f3bf1c3b93260ace81bb1f409c15

SHA512
1578e488be345c8e802e05fd0a39e05c834a8016923dcabadecde194f0086178edb85ac98b4cb703a58f795773dd0091633d61cdc4d0a7f41fa83d96223aa7e9

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\27a77056-72db-4681-b909-f782f28a478a

Filesize
11KB

MD5
f8ff4d671422d5fc199fcc66f3194c9f

SHA1
5ced5773e2a14a7b5a57f8cac080aa1b60d5c6bc

SHA256
f7fda102bd37efa6ab023ce31aa827f7945c9686180764ed4145eade4ee53eff

SHA512
2073bca32821da8cfe5064b4eaab73e441143b9111061cd4ccc22ca3bf984d9524d1713aca336a170bdd78dabc71fba7f2e0f2f3c057f97f9769f9c4ce90aa09

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\datareporting\glean\pending_pings\cdaa9b8a-f5d6-4523-89fa-766803195277

Filesize
746B

MD5
70ca78ac1a6f1f06dbbefc58681afd07

SHA1
6bccd126e81a577954d48a6acf35cf6ed9ab3621

SHA256
404a32ff43d1717ad073c10f4b5ced396be431d8cc6a569755d7fc257c176b7b

SHA512
9e3f72d303dc332d78fbb85fcc69955116d08cef2a0408f05608d783486c33e1351a556dde4ef1603c7e67b4e548c93f8337da3c4dad3267e86eee37c5f6cd40

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.dll

Filesize
997KB

MD5
fe3355639648c417e8307c6d051e3e37

SHA1
f54602d4b4778da21bc97c7238fc66aa68c8ee34

SHA256
1ed7877024be63a049da98733fd282c16bd620530a4fb580dacec3a78ace914e

SHA512
8f4030bb2464b98eccbea6f06eb186d7216932702d94f6b84c56419e9cf65a18309711ab342d1513bf85aed402bc3535a70db4395874828f0d35c278dd2eac9c

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-gmpopenh264\1.8.1.2\gmpopenh264.info

Filesize
116B

MD5
3d33cdc0b3d281e67dd52e14435dd04f

SHA1
4db88689282fd4f9e9e6ab95fcbb23df6e6485db

SHA256
f526e9f98841d987606efeaff7f3e017ba9fd516c4be83890c7f9a093ea4c47b

SHA512
a4a96743332cc8ef0f86bc2e6122618bfc75ed46781dadbac9e580cd73df89e74738638a2cccb4caa4cbbf393d771d7f2c73f825737cdb247362450a0d4a4bc1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\LICENSE.txt

Filesize
479B

MD5
49ddb419d96dceb9069018535fb2e2fc

SHA1
62aa6fea895a8b68d468a015f6e6ab400d7a7ca6

SHA256
2af127b4e00f7303de8271996c0c681063e4dc7abdc7b2a8c3fe5932b9352539

SHA512
48386217dabf7556e381ab3f5924b123a0a525969ff98f91efb03b65477c94e48a15d9abcec116b54616d36ad52b6f1d7b8b84c49c204e1b9b43f26f2af92da2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\manifest.json

Filesize
372B

MD5
8be33af717bb1b67fbd61c3f4b807e9e

SHA1
7cf17656d174d951957ff36810e874a134dd49e0

SHA256
e92d3394635edfb987a7528e0ccd24360e07a299078df2a6967ca3aae22fa2dd

SHA512
6125f60418e25fee896bf59f5672945cd8f36f03665c721837bb50adf5b4dfef2dddbfcfc817555027dcfa90e1ef2a1e80af1219e8063629ea70263d2fc936a7

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll

Filesize
11.8MB

MD5
33bf7b0439480effb9fb212efce87b13

SHA1
cee50f2745edc6dc291887b6075ca64d716f495a

SHA256
8ee42d9258e20bbc5bfdfae61605429beb5421ffeaaa0d02b86d4978f4b4ac4e

SHA512
d329a1a1d98e302142f2776de8cc2cd45a465d77cb21c461bdf5ee58c68073a715519f449cb673977288fe18401a0abcce636c85abaec61a4a7a08a16c924275

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.lib

Filesize
1KB

MD5
688bed3676d2104e7f17ae1cd2c59404

SHA1
952b2cdf783ac72fcb98338723e9afd38d47ad8e

SHA256
33899a3ebc22cb8ed8de7bd48c1c29486c0279b06d7ef98241c92aef4e3b9237

SHA512
7a0e3791f75c229af79dd302f7d0594279f664886fea228cfe78e24ef185ae63aba809aa1036feb3130066deadc8e78909c277f0a7ed1e3485df3cf2cd329776

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\gmp-widevinecdm\4.10.2557.0\widevinecdm.dll.sig

Filesize
1KB

MD5
937326fead5fd401f6cca9118bd9ade9

SHA1
4526a57d4ae14ed29b37632c72aef3c408189d91

SHA256
68a03f075db104f84afdd8fca45a7e4bff7b55dc1a2a24272b3abe16d8759c81

SHA512
b232f6cf3f88adb346281167ac714c4c4c7aac15175087c336911946d12d63d3a3a458e06b298b41a7ec582ef09fe238da3a3166ff89c450117228f7485c22d2

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

Filesize
6KB

MD5
148ffbe7d619eb820e12f05b2c4f2917

SHA1
ba515e0a0a69509f15aa4eb729309736f6ec808c

SHA256
258dbff0521cf5831e823b2a941b1f094cf42eb29cd5f0bead9d583fe71409db

SHA512
ccb015a5aefa16aeb581405eabab7ca98141ec6b6279a09a140829701ee37f1a69e568ce33294efd6c374b51c1aed8b4c123244d971aa6fc27d6c8b98cfb8be5

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

Filesize
6KB

MD5
ec306ba808d85596165e01be27a7c68b

SHA1
7a81e2da46aab659d94bd6f6fb36cff26ea0b490

SHA256
1f1875223d0d15d09d6ad14c72578915192dd20f461090814ab07939f91d8336

SHA512
b458f6054603792ce4d805f428d36bde3dab598c8e6f26d1435080e68672040f78ddc0426f8ad658a35cc07cc6ea159d6cce0ef138cc2c08507791be1a5b0433

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs-1.js

Filesize
7KB

MD5
407c7bb3193eb0401c800b785763cd59

SHA1
7fca65f84af8a05da911b5b2ef236f68692a6e3e

SHA256
cea5107dbe0cd98a642b2366222fe042fefa63e960694426151daba338b24c39

SHA512
a859835dbeef2527271e1eb5f3bba6e6d76dab08c1e2bfe6ca24dca564b42ea26e920462f2fc26d4e84edb5d2f34f3a92391b6ddcb8015995c4b617dfaaccba1

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\prefs.js

Filesize
6KB

MD5
c579fea97c98c0f8adcd91b0a663364d

SHA1
632b6fd496ed8421b9958ba3c24d549dd00bfe1d

SHA256
291f45f9d7f7c9b15f5b9265960d813a55c9ba5b9d5b1fb388264480b8753e38

SHA512
316c9b9e1aa4a7ccf6d406af1a9b86d8d6eb375d86957fa8e4de2a3580a4c6176f87a0557a50e17c15a1ace20edfbca652f944395ce77f4736dac5a5282532bc

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
2eb7209c75d556578e45bda99e01988c

SHA1
53413f57eb040e12e01bf094b6a1e5bc5485ef05

SHA256
a3632d9189571863b6fdada79450e727c58c730ed1cabe55185db93384ead60e

SHA512
c201d91d5a23f86e3970e1ae5ffb117509249b6cba98ce4d684ebf21e291c2e72ba3d797928a1c378c43fcac6413a906c3b06c6419843fc68badc4c37ab70b12

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
f78b0a9b2dce0ba404d2c5c5424c4673

SHA1
dd7fd0c154a5fb48e932b328b4471ecd659c75ae

SHA256
56b56ed729c22f34492d86c34596f438ded45476753d13be4b14ed24f388e04b

SHA512
83cabaf24f4903f77cedac9de905c6b0b07f8652e58784041f8baea7f5889863b45d172a79cd5a3f9af3df8af95cc425a81d25a3b31ae06b3ac8a103f01072d8

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
9ab7a9c7375e356a4456303378e26c57

SHA1
f3da541d2d2b7024eff60449733a940cd110c1f6

SHA256
5193a4a49f4865888232f301268f17bed4355ae13c3f23d0a9d78899d615ea5b

SHA512
8b09ced07bd80b96dc8f24a89c7670090774173c5b25496e9da277529c46c4367cfe187e6a922fc2957ee5a298ee5184d5379c035b2b3c9e90969f3054ee4f0f

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\sessionstore-backups\recovery.jsonlz4

Filesize
2KB

MD5
5a1dd33c666ecebac58e2dc086ee3501

SHA1
55e2c92d63570c49c7d136b2674c74dfdd0ffa93

SHA256
1cc13456dcbde1ea6a9b6843c8f06263ffa132111f2cb822172cdf9b3d692ba8

SHA512
049893914bcf0b0e1dee918c094a8b7dff9c8b4baf7fcf1c6b30709971b71832b9e36471de36b46d01b030c8512e09071b61f522e98980c458c97e0895b272d6

Download Submit
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\92qyi9k9.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite

Filesize
184KB

MD5
feacfeaa6370d0dd460a0609e1e1435e

SHA1
1463da69f34d0efa56e61d9dd55ac1f435237b5b

SHA256
d57b87db93a487d521c52be8e0d599fcfb17e8012f6066c303f4e48e92c3f439

SHA512
61097d4419f67e7b364a5f0f3a248d801e0bbff2283ffce8cb89a5d43309145288c20ce1a6620217c81256db7da81de7d184a0c7eb769ea237902a5abbe5782b

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response