hxxps://mymainstreetgrill[.]com/minecraft/get-app

Analysis

max time kernel
149s
max time network
147s
platform
windows11-21h2_x64
resource
win11-20240412-en
resource tags

arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
submitted
17/04/2024, 16:27 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://mymainstreetgrill.com/minecraft/get-app

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133578449246422662"	chrome.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4776	msedge.exe
4776	msedge.exe
4216	msedge.exe
4216	msedge.exe
2380	msedge.exe
2380	msedge.exe
3220	identity_helper.exe
3220	identity_helper.exe
4944	chrome.exe
4944	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 22 IoCs

pid	Process
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe
Token: SeShutdownPrivilege	4944	chrome.exe
Token: SeCreatePagefilePrivilege	4944	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe

Suspicious use of SendNotifyMessage 36 IoCs

pid	Process
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4216	msedge.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe
4944	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4216 wrote to memory of 3860	4216	msedge.exe	77
PID 4216 wrote to memory of 3860	4216	msedge.exe	77
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 1736	4216	msedge.exe	78
PID 4216 wrote to memory of 4776	4216	msedge.exe	79
PID 4216 wrote to memory of 4776	4216	msedge.exe	79
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80
PID 4216 wrote to memory of 4296	4216	msedge.exe	80

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://mymainstreetgrill.com/minecraft/get-app
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4216
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff843213cb8,0x7ff843213cc8,0x7ff843213cd8
  2⤵
  PID:3860
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2
  2⤵
  PID:1736
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4776
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2760 /prefetch:8
  2⤵
  PID:4296
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:4884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:2472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4072 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2380
- C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5468 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3220
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
  2⤵
  PID:3884
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
  2⤵
  PID:2872
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:4076
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2376 /prefetch:1
  2⤵
  PID:1424
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
  2⤵
  PID:1360
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:3928
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1
  2⤵
  PID:1492
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6148 /prefetch:1
  2⤵
  PID:464
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1
  2⤵
  PID:3720
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --extension-process --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6400 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7564 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7520 /prefetch:1
  2⤵
  PID:4472
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6784 /prefetch:1
  2⤵
  PID:5060
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,1462454518834932173,12120315684578586974,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7884 /prefetch:1
  2⤵
  PID:2944

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:5048

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3152

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4944
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff83ff0ab58,0x7ff83ff0ab68,0x7ff83ff0ab78
  2⤵
  PID:2460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1664 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:2
  2⤵
  PID:3488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2128 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:8
  2⤵
  PID:4892
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2192 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:8
  2⤵
  PID:3140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:1
  2⤵
  PID:2464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3196 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:1
  2⤵
  PID:2308
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4224 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:1
  2⤵
  PID:1856
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4420 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:8
  2⤵
  PID:1656
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4528 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:8
  2⤵
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4832 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:8
  2⤵
  PID:4800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4956 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:8
  2⤵
  PID:384
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4544 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:8
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  PID:3492
- - C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x250,0x254,0x258,0x22c,0x25c,0x7ff79227ae48,0x7ff79227ae58,0x7ff79227ae68
    3⤵
    PID:2088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4992 --field-trial-handle=1828,i,9145846668892665285,15890161432903869630,131072 /prefetch:1
  2⤵
  PID:1648

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3852

Network

DNS

mymainstreetgrill.com

chrome.exe

Remote address:

8.8.8.8:53

Request

mymainstreetgrill.com

IN A

Response

mymainstreetgrill.com

IN A

104.21.75.86

mymainstreetgrill.com

IN A

172.67.217.157
DNS

login.live.com

chrome.exe

Remote address:

8.8.8.8:53

Request

login.live.com

IN A

Response

login.live.com

IN CNAME

login.msa.msidentity.com

login.msa.msidentity.com

IN CNAME

www.tm.lg.prod.aadmsa.trafficmanager.net

www.tm.lg.prod.aadmsa.trafficmanager.net

IN CNAME

prdv4a.aadg.msidentity.com

prdv4a.aadg.msidentity.com

IN CNAME

www.tm.v4.a.prd.aadg.trafficmanager.net

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.64

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.4

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.73

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.69

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.67

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.71

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

20.190.159.71

www.tm.v4.a.prd.aadg.trafficmanager.net

IN A

40.126.31.73
DNS

ctldl.windowsupdate.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

wu-bg-shim.trafficmanager.net

wu-bg-shim.trafficmanager.net

IN CNAME

download.windowsupdate.com.edgesuite.net

download.windowsupdate.com.edgesuite.net

IN CNAME

a767.dspw65.akamai.net

a767.dspw65.akamai.net

IN A

2.17.197.241

a767.dspw65.akamai.net

IN A

2.17.197.216
DNS

86.75.21.104.in-addr.arpa

chrome.exe

Remote address:

8.8.8.8:53

Request

86.75.21.104.in-addr.arpa

IN PTR

Response
DNS

c.pubguru.net

chrome.exe

Remote address:

8.8.8.8:53

Request

c.pubguru.net

IN A

Response

c.pubguru.net

IN CNAME

d3f4u3khr0ycep.cloudfront.net

d3f4u3khr0ycep.cloudfront.net

IN A

108.138.51.44

d3f4u3khr0ycep.cloudfront.net

IN A

108.138.51.24

d3f4u3khr0ycep.cloudfront.net

IN A

108.138.51.37

d3f4u3khr0ycep.cloudfront.net

IN A

108.138.51.63
DNS

x.ss2.us

chrome.exe

Remote address:

8.8.8.8:53

Request

x.ss2.us

IN A

Response

x.ss2.us

IN A

18.244.102.128

x.ss2.us

IN A

18.244.102.14

x.ss2.us

IN A

18.244.102.82

x.ss2.us

IN A

18.244.102.90
DNS

128.102.244.18.in-addr.arpa

chrome.exe

Remote address:

8.8.8.8:53

Request

128.102.244.18.in-addr.arpa

IN PTR

Response

128.102.244.18.in-addr.arpa

IN PTR

server-18-244-102-128waw51r cloudfrontnet
DNS

c.bing.com

chrome.exe

Remote address:

8.8.8.8:53

Request

c.bing.com

IN A

Response

c.bing.com

IN CNAME

c-bing-com.dual-a-0034.a-msedge.net

c-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

204.79.197.237

dual-a-0034.a-msedge.net

IN A

13.107.21.237
DNS

98.56.20.217.in-addr.arpa

chrome.exe

Remote address:

8.8.8.8:53

Request

98.56.20.217.in-addr.arpa

IN PTR

Response
DNS

www.gstatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.gstatic.com

IN A

Response

www.gstatic.com

IN A

216.58.212.195
DNS

www.clarity.ms

chrome.exe

Remote address:

8.8.8.8:53

Request

www.clarity.ms

IN A

Response

www.clarity.ms

IN CNAME

clarity.azurefd.net

clarity.azurefd.net

IN CNAME

azurefd-t-prod.trafficmanager.net

azurefd-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

c.bing.com

chrome.exe

Remote address:

8.8.8.8:53

Request

c.bing.com

IN A

Response

c.bing.com

IN CNAME

c-bing-com.dual-a-0034.a-msedge.net

c-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

204.79.197.237

dual-a-0034.a-msedge.net

IN A

13.107.21.237
GET

https://mymainstreetgrill.com/minecraft/get-app

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /minecraft/get-app HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
dnt: 1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 18:27:26 GMT; Max-Age=7200; path=/; samesite=lax
set-cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 18:27:26 GMT; Max-Age=7200; path=/; httponly; samesite=lax
set-cookie: ad-source=none; expires=Sun, 21-Apr-2024 16:27:26 GMT; Max-Age=345600; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lphDRcm409VHguEY8PVSisN%2BceTgbG41PIrZ%2F4Zv4vEXtNOTj8o53hXPBJVWV1WmslVVSJGOhi91CEPVJLwcvGMpUTg2SPDBSEuWepvV0SZw48jIkTReYGQGWviCnMo7RV0RSfA6b9Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc84f2bce63b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/css/app.css?id=0c7955a86921a1afac34

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /css/app.css?id=0c7955a86921a1afac34 HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: text/css
etag: W/"66179185-63b3a"
last-modified: Thu, 11 Apr 2024 07:30:13 GMT
cf-cache-status: HIT
age: 4541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v6mXkVp%2F%2B8rtSmpqztyNl6C%2FRe4N8L9VFMwJw4who%2Fi09vu63pW9JtFptcyTxDGBympoG4fCJ6EWh2bHh4TT6DZfAyD%2FpgLrcsdT7nKVG%2FKiCgFBQ%2BDuhIC%2B2Fh74IY6eZSnO4ero7k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc853cb1363b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/js/app.js?v=1712820641

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /js/app.js?v=1712820641 HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: application/javascript
etag: W/"66179185-233e68"
last-modified: Thu, 11 Apr 2024 07:30:13 GMT
cf-cache-status: HIT
age: 4541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LLaBENevfig4gwi9jXHLBhpOnPt53izxAApZYcOgqX9jrwRlWU4riOAVtuMXsXhEG4CV%2BMJhg4lkCaaWliDTxdRPVmskqUMC8CAdYxUF%2BXFp9FRy31CXvWl38dZUjCQlz0iDMv%2BBPLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8556da363b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/img/logo.svg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /img/logo.svg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: image/png
etag: W/"5d6bfea1318a5640d198141824faaa2b"
image-cache-status: HIT
last-modified: Fri, 29 Sep 2023 15:24:23 GMT
via: 1.1 44dd03c6d93a5b4e66aa5cea227acbb2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
cf-cache-status: HIT
age: 4541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qiQRIIw8BUkDKytiARByReL0x92SQtjiAhH7CpE1WCMEtLKxWLWVWOoF4BHBcO%2FZLH31Ne4VSqBBl0MQ0RIJnin3PUX6tu4Ncl5d3v3qBwKAsxLoEme621xEXIvVoy39vfXtXhi1QcM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8558de963b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/178x178xc/uploads/images/logos/18237/minecraft-logo.png

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/178x178xc/uploads/images/logos/18237/minecraft-logo.png HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: image/svg+xml
etag: W/"66179185-16f5"
last-modified: Thu, 11 Apr 2024 07:30:13 GMT
cf-cache-status: HIT
age: 4541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wXgQT3jYGl4zfKkmj38%2F5BIAghfbtTcU9Xwc%2BWTE%2BXZ14q1aJgyDV9GWbbHjZbgZya8FgADRFcZYZUoBEGlsOwRTM1WI63WBx6XbTWpqEmc9aDTGTmz%2F0%2Bd7J2xTx6hKWMHYyWM1Rxs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8558deb63b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/img/logo-footer.svg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /img/logo-footer.svg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: image/svg+xml
cache-control: max-age=31536000
etag: W/"9d85cf9d351c7bcf3a77491ba69e5103"
image-cache-status: HIT
last-modified: Tue, 03 Oct 2023 10:18:21 GMT
vary: Accept-Encoding
via: 1.1 e030eb9e2523dd8af200ce39f28ca642.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 1994982
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pj30N4evdkDNSgg7UiebHOrotyEbMvClZjwzW9AdTVKAoGcw6003KiXRHei2v53l6okM3kU7g3HDPP%2B4Mdi0GQr2mOtugSSodsCiI7pkWikIDfmPXlN9TLIFxYaqo84NXDc3TniHGgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc8559def63b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/svgdefs.svg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/svgdefs.svg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: image/svg+xml
etag: W/"66179185-19ad3"
last-modified: Thu, 11 Apr 2024 07:30:13 GMT
cf-cache-status: HIT
age: 2110
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zlXlvCvATtJNYD%2BSPNYTovFASap%2FIORwQVQCnuzbM27xYUJVJMa%2B%2Fy%2FFXeeVY5m6HSoWxk6cSsd%2BpNQm0%2BZz%2BSAuWYIzP4rvchbUWhU4ViayVXvnHYebrtroF5ZQNRGXsohL0l1oig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8559df363b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/img/svgdefs.svg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /img/svgdefs.svg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: image/svg+xml
x-amz-id-2: NcJKuhMkked6Ry75ldumg839Uh9NtaVHSPRv7LIvXtLh+EYRbclJWj6cKmYpPpzu9DyEd1Hy9zY=
x-amz-request-id: 8HF40SW3V9GNK9E5
last-modified: Tue, 03 Oct 2023 10:17:22 GMT
etag: W/"d558411e61d5ca4ecd55268f8432766d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
ingress-cache-status: HIT
cf-cache-status: HIT
age: 9661811
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gr0JFfc3dRfhx907nx9S6BMFpL8JmF3z1Hsj7xe4GyZDl%2FKwW6fA7XE1BcJzwxOJNW1Xt0En4vbxXndsfNd%2B0NkWPqrGMXrcV623lAgnQ61gJNCYQ9mnPAW%2F7hA8T%2FYqgHsJbsV%2FhyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8559dfd63b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/all_stars.svg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/all_stars.svg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/css/app.css?id=0c7955a86921a1afac34
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:27 GMT
content-type: image/svg+xml
etag: W/"66179185-17ec"
last-modified: Thu, 11 Apr 2024 07:30:13 GMT
cf-cache-status: HIT
age: 4542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cXqyI%2FM41sCVX6FGGBvOEG7R8Dte8ZSC17f%2BIhH%2FtWfjEMgoJy6sT9%2FtK62c2YP3XB5pAGZimBRPaDnt2%2FkKzrToBNGoNAjbyA2jmamJ74txIQgCIMTgk8W59jhI5X5DYC4nQL9XBA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8558de563b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/300x500xc/uploads/product/screens/18237/screen-4e926516e2706cd44b481aaf72536bb7c6e9a0a6.png

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/300x500xc/uploads/product/screens/18237/screen-4e926516e2706cd44b481aaf72536bb7c6e9a0a6.png HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:27 GMT
content-type: image/png
etag: W/"44bbc98ce91543a29378cee0594ef4d1"
image-cache-status: HIT
last-modified: Fri, 29 Sep 2023 15:25:18 GMT
vary: Accept-Encoding
via: 1.1 90ac509e6263ee9fa7bb3f1ed1f46118.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 4542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FPL5j7zTJoqJXcRE%2F6CZCWBKTSn8twjWaKoyiiXSRWwBxv9wU9%2FX7rtedFRqq7b3Qp%2B5zQaXVGdDjc3zkCzQ5Jwu6NMoF3432L99DoPGQstBNSrBtTSKT59hYevL2D%2FG%2B9%2FuHlsULY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc858aaf063b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/130x130xc/uploads/images/logos/18213/uberconference-conferencing-logo.png

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/130x130xc/uploads/images/logos/18213/uberconference-conferencing-logo.png HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:27 GMT
content-type: image/png
etag: W/"4a317e28a9d5f0df5f0c5c12c1d9fe54"
image-cache-status: HIT
last-modified: Fri, 29 Sep 2023 15:24:23 GMT
vary: Accept-Encoding
via: 1.1 b885d7691d1de254a7c8e89572398f9a.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
cf-cache-status: HIT
age: 4067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFJdGTds7OBQsUHDfS5nZ%2Bsuyf%2FnPjiz8WzDlRy1HcISSyivmDBUkaR89yX2pviAa3GklGzTA23rZyXDjPYR3iyLmhpkFPpV9xpt%2FzCpDOurPtsWRUUfkjW66Qv0hp3hr8Zc2eWGTqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc8591b7663b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/130x130xc/uploads/images/logos/18234/hello-neighbor-logo.png

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/130x130xc/uploads/images/logos/18234/hello-neighbor-logo.png HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:27 GMT
content-type: image/png
etag: W/"73a6279dac9fd583266b53e1e002284d"
image-cache-status: HIT
last-modified: Fri, 29 Sep 2023 15:24:23 GMT
vary: Accept-Encoding
via: 1.1 7bac70c3c5deda2f56c0a3aff53deab0.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 4067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMEpiCqDKzRDalFHOYIKKvQsMGJXYcxMfOOTuH2ZhCaOIRlEOcSKm57MUUb9UUlWufYSj3vo6GpsCJzRIbh%2BDsELwSH14ahRLJ2vF1VG87rjz9P%2BD%2BEKTCtQG%2BafV9rQG0ArJLqLtAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc8591b7763b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/130x130xc/uploads/images/logos/18247/vlogger-go-viral-tuber-game-logo.png

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/130x130xc/uploads/images/logos/18247/vlogger-go-viral-tuber-game-logo.png HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:27 GMT
content-type: image/png
etag: W/"4ec1fd29f45769de12458605dfe548c2"
image-cache-status: HIT
last-modified: Fri, 29 Sep 2023 15:24:24 GMT
vary: Accept-Encoding
via: 1.1 0e0d2c849ef60f83e28215a963048fd2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 4067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Br7sJ8%2FZ9eg35P6skfebwcnTJMi3Z119vH7ZXM7c0y3dbVlDwUZV6fi524mjfzbqWPYBeNW7uihO50JQAJolBpvcHEyPhXHINAu389g5dgtE9Vi39XaYJLm8oXecbBTk2vIlJE6j2pM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc8591b7963b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/img/all_stars1.svg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /img/all_stars1.svg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:27 GMT
content-type: image/svg+xml
etag: W/"66179185-3b68"
last-modified: Thu, 11 Apr 2024 07:30:13 GMT
cf-cache-status: HIT
age: 4541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1ak%2FFVD%2BUkt1lcm7HSiFRPVwtrZUUKMpZSZ2HZXdRCNl4WBc3tTHLvYEHHHd%2FFlJoOQSmek42aNJfc9G4dSOB%2Ft15zmsrWDpNmq%2BQH%2F5uC5CENghokykcR9fr0pGEgQeBiiJgUlivk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8598c0363b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/img/favicon.svg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /img/favicon.svg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none
cookie: _clck=1p06hf2%7C2%7Cfl0%7C0%7C1568
cookie: pg_last_pageview_data={"cohortId":"1","cohortUpdatedAt":"2404101342","configId":12865}
cookie: pg_buildfile=240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01
cookie: pg_unq_cohort_key=1:2404101342
cookie: pg_ai_chaser=chaser_e
cookie: pg_ai_vw=noViewabilityFeature_d
cookie: pg_ai_vgnt=vignette_e
cookie: pg_lazy=0
cookie: pg_analytics=0
cookie: pg_session_depth=1
cookie: _clsk=1s5p5ye%7C1713371247832%7C1%7C1%7Ch.clarity.ms%2Fcollect
cookie: pg_geo={"country":"GB","region":"ENG","ip":"191.101.209.39"}
cookie: pg_custom_timeout=
cookie: pg_ip=191.101.209.39

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:29 GMT
content-type: image/svg+xml
etag: W/"66179185-380"
last-modified: Thu, 11 Apr 2024 07:30:13 GMT
cf-cache-status: HIT
age: 3803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAr5Rdb6xa4QZ%2BsoH%2B1Loulpb24Z0OQvPsMuLgxEqsyEGFVB18t7RF4zEvE4KvVRyTsh5NKEqYTEjVNswNUyJtMWLVT3ZewFbnaOS1CXX2iJdSVqS0HciL0VQpqaBKORRqjZ21f9XSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8645cfd63b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/article/exclusive-content

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /article/exclusive-content HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImRJd1EzYXVKcjdXZ0VZYWNLMytnNUE9PSIsInZhbHVlIjoicUROc0VUZG9QRXZEMDVEMzNOZTJleW1GTksxRDZSekVYakdmZGJSRDlvZWpOVHdJaDZ3UmF5MWlPejh0SjJiT2xFdUZkcFN5bVlMNzJDbzRTVXZ2NzFQSG4vb3NKZG0wTnI2Z0QwYkc1Y3M5VVBFQ3Q1N2hPMWtLMmltOFVpZUQiLCJtYWMiOiJkMmRmZDFhZThlODExNDEyYjYyOGRkMzMwZDNhYmNjMzYyODFmNzA5YTlmNTVjODQxODlmZTc2OGE0NzM3ZDViIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6Ik1pcTc5djJURFBSTlZzSlhwbkVYdGc9PSIsInZhbHVlIjoiZ1FwVGZiODZCUEtxVE9BVnpMVTl1UXg2TFhwK25Qd0M2SWYxR3BlT3NlM2dWaTJocDd4WHRldHFaZlZtVkVUZWErdHBxQXFBbm1ZaWVTUW1QWWttT1cyRmZmU2RtV200a2kvWUE0L3FqTThIanFMd1laSVR2bGNoTzR2Tmx4c2IiLCJtYWMiOiI2ODBkY2ViY2U3Mjk2MjRmOTI3ZjFhNjNhNzI3YjA1ZjJlODQzZmEyMmU1NDU5ZTlhNDI3OTYyNmUzODQzNGZkIiwidGFnIjoiIn0%3D
cookie: ad-source=none
cookie: _clck=1p06hf2%7C2%7Cfl0%7C0%7C1568
cookie: pg_last_pageview_data={"cohortId":"1","cohortUpdatedAt":"2404101342","configId":12865}
cookie: pg_buildfile=240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01
cookie: pg_unq_cohort_key=1:2404101342
cookie: pg_ai_chaser=chaser_e
cookie: pg_ai_vw=noViewabilityFeature_d
cookie: pg_ai_vgnt=vignette_e
cookie: pg_lazy=0
cookie: pg_analytics=0
cookie: pg_session_depth=1
cookie: _clsk=1s5p5ye%7C1713371247832%7C1%7C1%7Ch.clarity.ms%2Fcollect
cookie: pg_geo={"country":"GB","region":"ENG","ip":"191.101.209.39"}
cookie: pg_custom_timeout=
cookie: pg_ip=191.101.209.39
cookie: FCNEC=%5B%5B%22AKsRol9I-sydwUFygmDycNUwUVSc3ARUkY-7aC910QR6WOcSN7lP9abamzqdVISUJ3GtGuBc665rs_RRxpgWGP6PdokiZU7OqbOFKUMYDOJcmQ8LwnnSuPBwv4Lh0tc_yCR5ihZqyG8JmchZ7Kdnbz1Yuv2QD78opw%3D%3D%22%5D%5D

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:40 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InpSQVRJa2xYbFZLMjl0S1MyOUd1UEE9PSIsInZhbHVlIjoiczEvQSs2V0NJZG5tQ0tROGlpdnUxNzZNRzZ5cmNybHNMQzhxV01seEtZbmg0ZUZBWnNnTE9LRmM4MVJsQTFDZnNjSXhzYnBOdWtuaHNFR3pRVUVLa2toeldidWZMUnBIZlNEU0tEM0hJVit5a2ZEWCtnbU5mT1NwK1RiekVLK08iLCJtYWMiOiIzZWY2OTgzYzVmNTZhYWQzZTY2MTBiMTFlZDU3NTUwYWI1N2Q0Y2RjOTBlMDc2ZGI3MWIwMmM3YjQ0OGM0N2RkIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 18:27:40 GMT; Max-Age=7200; path=/; samesite=lax
set-cookie: mymainstreetgrillcom_session=eyJpdiI6IkxGTkF4dVhGcTA3NWxZaWdGbDJWNUE9PSIsInZhbHVlIjoicGZRM2EyVlVQbmpQQ3FiSXZYeXQxQWZuMThtT01sOEVQMTlKSU91eDlrWGt1em9vUjJWdmtvbmZGVGE2THFYL3dtNnhRYi9OR3B4R25vcnBvTWF2enl6U2ttK0pBZnhpWVlWajdwQnVaUXlwMHdiUGF6QUZnWlpKM0pEemY1SC8iLCJtYWMiOiJkMWM3NDFiYmUwMDZjYjQzNzg4YWQ1YTgxMWI3YjI5NjFmOGVjODY5MWQ3NjA2M2MzN2E4MzlmZDgwOTNkYjI3IiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 18:27:40 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYK1rWAnybhZK6qGpthpAlY9wzoHF%2B7Gh3E1c6Ppv4LDdmNW%2BjCAnk53QnKuiQPRw0wyP8bnJW7GzL6vo1SaB08TfJnvmyai3%2FCe4RtVZ1ER1tCTrxLljH6BEgZyyR70eQtGSbNaxSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc8a56ae863b3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/250x250xc/uploads/blog/190/planet-of-lana-an-introduction-to-its-enthralling-world-and-how-to-get-started.png

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/250x250xc/uploads/blog/190/planet-of-lana-an-introduction-to-its-enthralling-world-and-how-to-get-started.png HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/article/exclusive-content
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: ad-source=none
cookie: _clck=1p06hf2%7C2%7Cfl0%7C0%7C1568
cookie: pg_last_pageview_data={"cohortId":"1","cohortUpdatedAt":"2404101342","configId":12865}
cookie: pg_buildfile=240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01
cookie: pg_unq_cohort_key=1:2404101342
cookie: pg_ai_chaser=chaser_e
cookie: pg_ai_vw=noViewabilityFeature_d
cookie: pg_ai_vgnt=vignette_e
cookie: pg_lazy=0
cookie: pg_analytics=0
cookie: pg_session_depth=1
cookie: _clsk=1s5p5ye%7C1713371247832%7C1%7C1%7Ch.clarity.ms%2Fcollect
cookie: pg_geo={"country":"GB","region":"ENG","ip":"191.101.209.39"}
cookie: pg_custom_timeout=
cookie: pg_ip=191.101.209.39
cookie: FCNEC=%5B%5B%22AKsRol9I-sydwUFygmDycNUwUVSc3ARUkY-7aC910QR6WOcSN7lP9abamzqdVISUJ3GtGuBc665rs_RRxpgWGP6PdokiZU7OqbOFKUMYDOJcmQ8LwnnSuPBwv4Lh0tc_yCR5ihZqyG8JmchZ7Kdnbz1Yuv2QD78opw%3D%3D%22%5D%5D
cookie: XSRF-TOKEN=eyJpdiI6InpSQVRJa2xYbFZLMjl0S1MyOUd1UEE9PSIsInZhbHVlIjoiczEvQSs2V0NJZG5tQ0tROGlpdnUxNzZNRzZ5cmNybHNMQzhxV01seEtZbmg0ZUZBWnNnTE9LRmM4MVJsQTFDZnNjSXhzYnBOdWtuaHNFR3pRVUVLa2toeldidWZMUnBIZlNEU0tEM0hJVit5a2ZEWCtnbU5mT1NwK1RiekVLK08iLCJtYWMiOiIzZWY2OTgzYzVmNTZhYWQzZTY2MTBiMTFlZDU3NTUwYWI1N2Q0Y2RjOTBlMDc2ZGI3MWIwMmM3YjQ0OGM0N2RkIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6IkxGTkF4dVhGcTA3NWxZaWdGbDJWNUE9PSIsInZhbHVlIjoicGZRM2EyVlVQbmpQQ3FiSXZYeXQxQWZuMThtT01sOEVQMTlKSU91eDlrWGt1em9vUjJWdmtvbmZGVGE2THFYL3dtNnhRYi9OR3B4R25vcnBvTWF2enl6U2ttK0pBZnhpWVlWajdwQnVaUXlwMHdiUGF6QUZnWlpKM0pEemY1SC8iLCJtYWMiOiJkMWM3NDFiYmUwMDZjYjQzNzg4YWQ1YTgxMWI3YjI5NjFmOGVjODY5MWQ3NjA2M2MzN2E4MzlmZDgwOTNkYjI3IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:40 GMT
content-type: image/png
cache-control: max-age=31536000
etag: W/"47e82c3e988b9a06fc600b8c90a23800"
image-cache-status: MISS
last-modified: Sat, 09 Mar 2024 21:21:02 GMT
via: 1.1 42da47d5828a8cbe9a05fbe7917a66c2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 1319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tC%2Fz7oCobgebSPuyWo%2FEUmq7kGzjNRgM6YOSA3eazqhyCBySWZ64Uk1NUEwd46QqEnXgo9urntEvp2f1i2iRz3E3xZWtG%2ByNepZCwOVkNCBk1Ts3YOaio%2FDxKZtkTsmujf2I1I0Wg0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8a8e84963b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/250x250xc/uploads/blog/192/mastering-the-art-of-magic-and-strategy-in-baldurs-gate-3-a-comprehensive-guide.png

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/250x250xc/uploads/blog/192/mastering-the-art-of-magic-and-strategy-in-baldurs-gate-3-a-comprehensive-guide.png HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/article/exclusive-content
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: ad-source=none
cookie: _clck=1p06hf2%7C2%7Cfl0%7C0%7C1568
cookie: pg_last_pageview_data={"cohortId":"1","cohortUpdatedAt":"2404101342","configId":12865}
cookie: pg_buildfile=240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01
cookie: pg_unq_cohort_key=1:2404101342
cookie: pg_ai_chaser=chaser_e
cookie: pg_ai_vw=noViewabilityFeature_d
cookie: pg_ai_vgnt=vignette_e
cookie: pg_lazy=0
cookie: pg_analytics=0
cookie: pg_session_depth=1
cookie: _clsk=1s5p5ye%7C1713371247832%7C1%7C1%7Ch.clarity.ms%2Fcollect
cookie: pg_geo={"country":"GB","region":"ENG","ip":"191.101.209.39"}
cookie: pg_custom_timeout=
cookie: pg_ip=191.101.209.39
cookie: FCNEC=%5B%5B%22AKsRol9I-sydwUFygmDycNUwUVSc3ARUkY-7aC910QR6WOcSN7lP9abamzqdVISUJ3GtGuBc665rs_RRxpgWGP6PdokiZU7OqbOFKUMYDOJcmQ8LwnnSuPBwv4Lh0tc_yCR5ihZqyG8JmchZ7Kdnbz1Yuv2QD78opw%3D%3D%22%5D%5D
cookie: XSRF-TOKEN=eyJpdiI6InpSQVRJa2xYbFZLMjl0S1MyOUd1UEE9PSIsInZhbHVlIjoiczEvQSs2V0NJZG5tQ0tROGlpdnUxNzZNRzZ5cmNybHNMQzhxV01seEtZbmg0ZUZBWnNnTE9LRmM4MVJsQTFDZnNjSXhzYnBOdWtuaHNFR3pRVUVLa2toeldidWZMUnBIZlNEU0tEM0hJVit5a2ZEWCtnbU5mT1NwK1RiekVLK08iLCJtYWMiOiIzZWY2OTgzYzVmNTZhYWQzZTY2MTBiMTFlZDU3NTUwYWI1N2Q0Y2RjOTBlMDc2ZGI3MWIwMmM3YjQ0OGM0N2RkIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6IkxGTkF4dVhGcTA3NWxZaWdGbDJWNUE9PSIsInZhbHVlIjoicGZRM2EyVlVQbmpQQ3FiSXZYeXQxQWZuMThtT01sOEVQMTlKSU91eDlrWGt1em9vUjJWdmtvbmZGVGE2THFYL3dtNnhRYi9OR3B4R25vcnBvTWF2enl6U2ttK0pBZnhpWVlWajdwQnVaUXlwMHdiUGF6QUZnWlpKM0pEemY1SC8iLCJtYWMiOiJkMWM3NDFiYmUwMDZjYjQzNzg4YWQ1YTgxMWI3YjI5NjFmOGVjODY5MWQ3NjA2M2MzN2E4MzlmZDgwOTNkYjI3IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:40 GMT
content-type: image/png
cache-control: max-age=31536000
etag: W/"28222616ab8bb28ab1085c092741e00a"
image-cache-status: MISS
last-modified: Sat, 09 Mar 2024 21:24:23 GMT
via: 1.1 397dd692cad53f0026fab5b236c0a518.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
cf-cache-status: HIT
age: 1319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJJUjlnMlstMvkHUa2DWFpTH6Ey4dsDj1%2BFWw5PqlBRwmsb4XCwlAn4qga0sQeZ1SPLD7RL42kQ2GAioDeqawU3emDjh4aTDGu3xVwQJ7lGkhyoFcIChnYhlRp3wdHExD7vJCSeIydc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8a8f86663b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/129x118xc/uploads/posts/1/ed6f13df8beecc4f769009a4f7580708f5651c59.jpg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/129x118xc/uploads/posts/1/ed6f13df8beecc4f769009a4f7580708f5651c59.jpg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/article/exclusive-content
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: ad-source=none
cookie: _clck=1p06hf2%7C2%7Cfl0%7C0%7C1568
cookie: pg_last_pageview_data={"cohortId":"1","cohortUpdatedAt":"2404101342","configId":12865}
cookie: pg_buildfile=240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01
cookie: pg_unq_cohort_key=1:2404101342
cookie: pg_ai_chaser=chaser_e
cookie: pg_ai_vw=noViewabilityFeature_d
cookie: pg_ai_vgnt=vignette_e
cookie: pg_lazy=0
cookie: pg_analytics=0
cookie: pg_session_depth=1
cookie: _clsk=1s5p5ye%7C1713371247832%7C1%7C1%7Ch.clarity.ms%2Fcollect
cookie: pg_geo={"country":"GB","region":"ENG","ip":"191.101.209.39"}
cookie: pg_custom_timeout=
cookie: pg_ip=191.101.209.39
cookie: FCNEC=%5B%5B%22AKsRol9I-sydwUFygmDycNUwUVSc3ARUkY-7aC910QR6WOcSN7lP9abamzqdVISUJ3GtGuBc665rs_RRxpgWGP6PdokiZU7OqbOFKUMYDOJcmQ8LwnnSuPBwv4Lh0tc_yCR5ihZqyG8JmchZ7Kdnbz1Yuv2QD78opw%3D%3D%22%5D%5D
cookie: XSRF-TOKEN=eyJpdiI6InpSQVRJa2xYbFZLMjl0S1MyOUd1UEE9PSIsInZhbHVlIjoiczEvQSs2V0NJZG5tQ0tROGlpdnUxNzZNRzZ5cmNybHNMQzhxV01seEtZbmg0ZUZBWnNnTE9LRmM4MVJsQTFDZnNjSXhzYnBOdWtuaHNFR3pRVUVLa2toeldidWZMUnBIZlNEU0tEM0hJVit5a2ZEWCtnbU5mT1NwK1RiekVLK08iLCJtYWMiOiIzZWY2OTgzYzVmNTZhYWQzZTY2MTBiMTFlZDU3NTUwYWI1N2Q0Y2RjOTBlMDc2ZGI3MWIwMmM3YjQ0OGM0N2RkIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6IkxGTkF4dVhGcTA3NWxZaWdGbDJWNUE9PSIsInZhbHVlIjoicGZRM2EyVlVQbmpQQ3FiSXZYeXQxQWZuMThtT01sOEVQMTlKSU91eDlrWGt1em9vUjJWdmtvbmZGVGE2THFYL3dtNnhRYi9OR3B4R25vcnBvTWF2enl6U2ttK0pBZnhpWVlWajdwQnVaUXlwMHdiUGF6QUZnWlpKM0pEemY1SC8iLCJtYWMiOiJkMWM3NDFiYmUwMDZjYjQzNzg4YWQ1YTgxMWI3YjI5NjFmOGVjODY5MWQ3NjA2M2MzN2E4MzlmZDgwOTNkYjI3IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:40 GMT
content-type: image/jpeg
etag: W/"57d256457bb7d5f57c3fa1ab57331e10"
image-cache-status: MISS
last-modified: Fri, 29 Sep 2023 15:24:37 GMT
via: 1.1 44dd03c6d93a5b4e66aa5cea227acbb2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZqiErDvXgzxk%2Bx%2FKtkKWrMbxOjrx5%2BVIasj7i0eBUU3GEI%2FGwWPCgMWr3roKVlOZu8fhmJ9uxVkVc08%2Fe1zQ1yqmgKG5QO8e%2BPzWHdxa1BevV8T%2BZniGIxtIEh9L3bFYT3M3LjHCoYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dc8a9086c63b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/129x118xc/uploads/posts/2/cfeeaa018e0dd4761299056560dfa250fd966921.jpg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/129x118xc/uploads/posts/2/cfeeaa018e0dd4761299056560dfa250fd966921.jpg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/article/exclusive-content
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: ad-source=none
cookie: _clck=1p06hf2%7C2%7Cfl0%7C0%7C1568
cookie: pg_last_pageview_data={"cohortId":"1","cohortUpdatedAt":"2404101342","configId":12865}
cookie: pg_buildfile=240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01
cookie: pg_unq_cohort_key=1:2404101342
cookie: pg_ai_chaser=chaser_e
cookie: pg_ai_vw=noViewabilityFeature_d
cookie: pg_ai_vgnt=vignette_e
cookie: pg_lazy=0
cookie: pg_analytics=0
cookie: pg_session_depth=1
cookie: _clsk=1s5p5ye%7C1713371247832%7C1%7C1%7Ch.clarity.ms%2Fcollect
cookie: pg_geo={"country":"GB","region":"ENG","ip":"191.101.209.39"}
cookie: pg_custom_timeout=
cookie: pg_ip=191.101.209.39
cookie: FCNEC=%5B%5B%22AKsRol9I-sydwUFygmDycNUwUVSc3ARUkY-7aC910QR6WOcSN7lP9abamzqdVISUJ3GtGuBc665rs_RRxpgWGP6PdokiZU7OqbOFKUMYDOJcmQ8LwnnSuPBwv4Lh0tc_yCR5ihZqyG8JmchZ7Kdnbz1Yuv2QD78opw%3D%3D%22%5D%5D
cookie: XSRF-TOKEN=eyJpdiI6InpSQVRJa2xYbFZLMjl0S1MyOUd1UEE9PSIsInZhbHVlIjoiczEvQSs2V0NJZG5tQ0tROGlpdnUxNzZNRzZ5cmNybHNMQzhxV01seEtZbmg0ZUZBWnNnTE9LRmM4MVJsQTFDZnNjSXhzYnBOdWtuaHNFR3pRVUVLa2toeldidWZMUnBIZlNEU0tEM0hJVit5a2ZEWCtnbU5mT1NwK1RiekVLK08iLCJtYWMiOiIzZWY2OTgzYzVmNTZhYWQzZTY2MTBiMTFlZDU3NTUwYWI1N2Q0Y2RjOTBlMDc2ZGI3MWIwMmM3YjQ0OGM0N2RkIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6IkxGTkF4dVhGcTA3NWxZaWdGbDJWNUE9PSIsInZhbHVlIjoicGZRM2EyVlVQbmpQQ3FiSXZYeXQxQWZuMThtT01sOEVQMTlKSU91eDlrWGt1em9vUjJWdmtvbmZGVGE2THFYL3dtNnhRYi9OR3B4R25vcnBvTWF2enl6U2ttK0pBZnhpWVlWajdwQnVaUXlwMHdiUGF6QUZnWlpKM0pEemY1SC8iLCJtYWMiOiJkMWM3NDFiYmUwMDZjYjQzNzg4YWQ1YTgxMWI3YjI5NjFmOGVjODY5MWQ3NjA2M2MzN2E4MzlmZDgwOTNkYjI3IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:40 GMT
content-type: image/jpeg
etag: W/"bbb874b9cfca92ef623169b3c017197b"
image-cache-status: HIT
last-modified: Fri, 29 Sep 2023 15:24:36 GMT
vary: Accept-Encoding
via: 1.1 a97f872e6a14f227f3c3ea78467c0330.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZIRmcM%2BmUTY%2BoTYwZzZrCS3ajSjibIr7IHIUM3Zq2qxlRWE6exWC2VDhCv5uJq6tSy%2BkJkBVCurH0UYZtgS3Fas49tJ%2FjwJ16wrHNLAXQ%2FYPE5hpk0ImMB0DqqEOu7U2BOmMMnZzqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc8a8f86963b3-LHR
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/images/thumb/129x118xc/uploads/posts/3/add2a787def1e6638c68abe59a1ae1eb00b05274.jpg

msedge.exe

Remote address:

104.21.75.86:443

Request

GET /images/thumb/129x118xc/uploads/posts/3/add2a787def1e6638c68abe59a1ae1eb00b05274.jpg HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/article/exclusive-content
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: ad-source=none
cookie: _clck=1p06hf2%7C2%7Cfl0%7C0%7C1568
cookie: pg_last_pageview_data={"cohortId":"1","cohortUpdatedAt":"2404101342","configId":12865}
cookie: pg_buildfile=240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01
cookie: pg_unq_cohort_key=1:2404101342
cookie: pg_ai_chaser=chaser_e
cookie: pg_ai_vw=noViewabilityFeature_d
cookie: pg_ai_vgnt=vignette_e
cookie: pg_lazy=0
cookie: pg_analytics=0
cookie: pg_session_depth=1
cookie: _clsk=1s5p5ye%7C1713371247832%7C1%7C1%7Ch.clarity.ms%2Fcollect
cookie: pg_geo={"country":"GB","region":"ENG","ip":"191.101.209.39"}
cookie: pg_custom_timeout=
cookie: pg_ip=191.101.209.39
cookie: FCNEC=%5B%5B%22AKsRol9I-sydwUFygmDycNUwUVSc3ARUkY-7aC910QR6WOcSN7lP9abamzqdVISUJ3GtGuBc665rs_RRxpgWGP6PdokiZU7OqbOFKUMYDOJcmQ8LwnnSuPBwv4Lh0tc_yCR5ihZqyG8JmchZ7Kdnbz1Yuv2QD78opw%3D%3D%22%5D%5D
cookie: XSRF-TOKEN=eyJpdiI6InpSQVRJa2xYbFZLMjl0S1MyOUd1UEE9PSIsInZhbHVlIjoiczEvQSs2V0NJZG5tQ0tROGlpdnUxNzZNRzZ5cmNybHNMQzhxV01seEtZbmg0ZUZBWnNnTE9LRmM4MVJsQTFDZnNjSXhzYnBOdWtuaHNFR3pRVUVLa2toeldidWZMUnBIZlNEU0tEM0hJVit5a2ZEWCtnbU5mT1NwK1RiekVLK08iLCJtYWMiOiIzZWY2OTgzYzVmNTZhYWQzZTY2MTBiMTFlZDU3NTUwYWI1N2Q0Y2RjOTBlMDc2ZGI3MWIwMmM3YjQ0OGM0N2RkIiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6IkxGTkF4dVhGcTA3NWxZaWdGbDJWNUE9PSIsInZhbHVlIjoicGZRM2EyVlVQbmpQQ3FiSXZYeXQxQWZuMThtT01sOEVQMTlKSU91eDlrWGt1em9vUjJWdmtvbmZGVGE2THFYL3dtNnhRYi9OR3B4R25vcnBvTWF2enl6U2ttK0pBZnhpWVlWajdwQnVaUXlwMHdiUGF6QUZnWlpKM0pEemY1SC8iLCJtYWMiOiJkMWM3NDFiYmUwMDZjYjQzNzg4YWQ1YTgxMWI3YjI5NjFmOGVjODY5MWQ3NjA2M2MzN2E4MzlmZDgwOTNkYjI3IiwidGFnIjoiIn0%3D

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:40 GMT
content-type: image/jpeg
etag: W/"6d93ec82973b918b7e6912a0169deec2"
image-cache-status: HIT
last-modified: Fri, 29 Sep 2023 15:24:38 GMT
vary: Accept-Encoding
via: 1.1 fc5ebd2517d85e358aa686aaadd64c2a.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FnPtKqK%2FVgYSJfYfGVgUbNO9PwwEyYKlrKH%2BDG3NVoSE57B%2FzRZfmdpzTzLHEh1FS2CSTxUpu6J9VFjL5U2QukL7OedChfPQCySwVTDKaJXEGVBUBRaJHRYdTBkvw1LXfeDNNJquAxs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc8a9086d63b3-LHR
alt-svc: h3=":443"; ma=86400
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

msedge.exe

Remote address:

104.117.77.184:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Wed, 17 Apr 2024 17:27:25 GMT
Date: Wed, 17 Apr 2024 16:27:25 GMT
Connection: keep-alive
DNS

64.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.159.190.20.in-addr.arpa

IN PTR

Response
DNS

use.fontawesome.com

Remote address:

8.8.8.8:53

Request

use.fontawesome.com

IN A

Response

use.fontawesome.com

IN CNAME

use.fontawesome.com.cdn.cloudflare.net

use.fontawesome.com.cdn.cloudflare.net

IN A

104.21.27.152

use.fontawesome.com.cdn.cloudflare.net

IN A

172.67.142.245
DNS

14.25.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.25.17.104.in-addr.arpa

IN PTR

Response
DNS

64.246.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.246.107.13.in-addr.arpa

IN PTR

Response
DNS

fundingchoicesmessages.google.com

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A

Response

fundingchoicesmessages.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.187.238
DNS

permanently-removed.invalid

Remote address:

8.8.8.8:53

Request

permanently-removed.invalid

IN A

Response
DNS

permanently-removed.invalid

Remote address:

8.8.8.8:53

Request

permanently-removed.invalid

IN A
DNS

184.77.117.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

184.77.117.104.in-addr.arpa

IN PTR

Response

184.77.117.104.in-addr.arpa

IN PTR

a104-117-77-184deploystaticakamaitechnologiescom
DNS

fonts.googleapis.com

Remote address:

8.8.8.8:53

Request

fonts.googleapis.com

IN A

Response

fonts.googleapis.com

IN A

142.250.187.234
DNS

10.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.200.250.142.in-addr.arpa

IN PTR

Response

10.200.250.142.in-addr.arpa

IN PTR

lhr48s29-in-f101e100net
DNS

securepubads.g.doubleclick.net

Remote address:

8.8.8.8:53

Request

securepubads.g.doubleclick.net

IN A

Response

securepubads.g.doubleclick.net

IN CNAME

securepubads46.g.doubleclick.net

securepubads46.g.doubleclick.net

IN A

142.250.187.226
DNS

34.31.224.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.31.224.52.in-addr.arpa

IN PTR

Response
DNS

2.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.213.58.216.in-addr.arpa

IN PTR

Response

2.213.58.216.in-addr.arpa

IN PTR

ber01s14-in-f21e100net

2.213.58.216.in-addr.arpa

IN PTR

lhr25s25-in-f2�F
DNS

www.google.com

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.187.196
DNS

nexusrules.officeapps.live.com

Remote address:

8.8.8.8:53

Request

nexusrules.officeapps.live.com

IN A

Response

nexusrules.officeapps.live.com

IN CNAME

prod.nexusrules.live.com.akadns.net

prod.nexusrules.live.com.akadns.net

IN A

52.111.229.43
DNS

12.75.123.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

12.75.123.3.in-addr.arpa

IN PTR

Response

12.75.123.3.in-addr.arpa

IN PTR

ec2-3-123-75-12eu-central-1compute amazonawscom
DNS

241.197.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.197.17.2.in-addr.arpa

IN PTR

Response

241.197.17.2.in-addr.arpa

IN PTR

a2-17-197-241deploystaticakamaitechnologiescom
DNS

cdnjs.cloudflare.com

Remote address:

8.8.8.8:53

Request

cdnjs.cloudflare.com

IN A

Response

cdnjs.cloudflare.com

IN A

104.17.25.14

cdnjs.cloudflare.com

IN A

104.17.24.14
DNS

www.clarity.ms

Remote address:

8.8.8.8:53

Request

www.clarity.ms

IN A

Response

www.clarity.ms

IN CNAME

clarity.azurefd.net

clarity.azurefd.net

IN CNAME

azurefd-t-prod.trafficmanager.net

azurefd-t-prod.trafficmanager.net

IN CNAME

shed.dual-low.part-0036.t-0009.t-msedge.net

shed.dual-low.part-0036.t-0009.t-msedge.net

IN CNAME

part-0036.t-0009.t-msedge.net

part-0036.t-0009.t-msedge.net

IN A

13.107.246.64

part-0036.t-0009.t-msedge.net

IN A

13.107.213.64
DNS

h.clarity.ms

Remote address:

8.8.8.8:53

Request

h.clarity.ms

IN A

Response

h.clarity.ms

IN CNAME

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

IN A

52.224.31.34
DNS

44.51.138.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

44.51.138.108.in-addr.arpa

IN PTR

Response

44.51.138.108.in-addr.arpa

IN PTR

server-108-138-51-44waw51r cloudfrontnet
DNS

237.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.197.79.204.in-addr.arpa

IN PTR

Response
DNS

www.googleapis.com

Remote address:

8.8.8.8:53

Request

www.googleapis.com

IN A

Response

www.googleapis.com

IN A

216.58.212.234

www.googleapis.com

IN A

172.217.169.42

www.googleapis.com

IN A

142.250.179.234

www.googleapis.com

IN A

142.250.180.10

www.googleapis.com

IN A

142.250.187.202

www.googleapis.com

IN A

142.250.187.234

www.googleapis.com

IN A

142.250.178.10

www.googleapis.com

IN A

172.217.16.234

www.googleapis.com

IN A

142.250.200.10

www.googleapis.com

IN A

142.250.200.42

www.googleapis.com

IN A

216.58.201.106

www.googleapis.com

IN A

216.58.204.74

www.googleapis.com

IN A

216.58.213.10

www.googleapis.com

IN A

216.58.212.202
DNS

195.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.212.58.216.in-addr.arpa

IN PTR

Response

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f1951e100net

195.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f3�J

195.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f3�J
DNS

a3.pubguru.net

Remote address:

8.8.8.8:53

Request

a3.pubguru.net

IN A

Response

a3.pubguru.net

IN A

3.123.75.12

a3.pubguru.net

IN A

18.158.221.133
DNS

pagead2.googlesyndication.com

Remote address:

8.8.8.8:53

Request

pagead2.googlesyndication.com

IN A

Response

pagead2.googlesyndication.com

IN A

216.58.204.66
GET

https://cdnjs.cloudflare.com/ajax/libs/svgxuse/1.2.6/svgxuse.min.js

msedge.exe

Remote address:

104.17.25.14:443

Request

GET /ajax/libs/svgxuse/1.2.6/svgxuse.min.js HTTP/2.0
host: cdnjs.cloudflare.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 1039
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ff3-b6f"
last-modified: Mon, 04 May 2020 16:16:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2293421
expires: Mon, 07 Apr 2025 16:27:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XuwSPI%2FZzLoxM6lzzaq2omrU4rUkZJYiOLFBdg%2BC2HpbYfYV0pyA8k7pwIdwYpG1qM6ww2AzMEbtJYhknU5HHEilkTOINFiDK4VxRB1cN5Znz8uklNjBlC64bYUCEBJcIj%2FCahR6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875dc854ba8963d2-LHR
alt-svc: h3=":443"; ma=86400
GET

https://use.fontawesome.com/releases/v5.0.8/js/all.js

msedge.exe

Remote address:

104.21.27.152:443

Request

GET /releases/v5.0.8/js/all.js HTTP/2.0
host: use.fontawesome.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:26 GMT
content-type: application/javascript
cache-control: max-age=31556926
etag: W/"668aad8c7d9f38f93221a1dcf9f93805"
last-modified: Fri, 22 Sep 2023 01:44:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2282562
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyAG2wg7BKFhaROqNr%2Fn2fCJ%2BzMkLChkCoLFSDPUU%2BMkzVhvY91%2FaQMe8I58LTwFcY%2BrvgVmWjHjL3YvooR78RRfE80WgjzvfmnjkGV7s9QKfo%2F%2FP1lsrzJFIxNnTilTgKh3zzzh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dc854bf3463d9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

234.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.187.250.142.in-addr.arpa

IN PTR

Response

234.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f101e100net
DNS

fonts.gstatic.com

Remote address:

8.8.8.8:53

Request

fonts.gstatic.com

IN A

Response

fonts.gstatic.com

IN A

216.58.201.99
DNS

99.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

99.201.58.216.in-addr.arpa

IN PTR

Response

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f31e100net

99.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f3�G

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f99�G
DNS

c.clarity.ms

Remote address:

8.8.8.8:53

Request

c.clarity.ms

IN A

Response

c.clarity.ms

IN CNAME

c.msn.com

c.msn.com

IN CNAME

c-msn-com-nsatc.trafficmanager.net

c-msn-com-nsatc.trafficmanager.net

IN A

68.219.88.97
DNS

ctldl.windowsupdate.com

Remote address:

8.8.8.8:53

Request

ctldl.windowsupdate.com

IN A

Response

ctldl.windowsupdate.com

IN CNAME

wu-bg-shim.trafficmanager.net

wu-bg-shim.trafficmanager.net

IN CNAME

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.56.98

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.56.45

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.99

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.100

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.56.44

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.101

edge.ds-c7110-microsoft.global.dns.qwilted-cds.cqloud.com

IN A

217.20.58.98
DNS

3.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.200.250.142.in-addr.arpa

IN PTR

Response

3.200.250.142.in-addr.arpa

IN PTR

lhr48s29-in-f31e100net
DNS

c.pubguru.net

Remote address:

8.8.8.8:53

Request

c.pubguru.net

IN A

Response

c.pubguru.net

IN CNAME

d3f4u3khr0ycep.cloudfront.net

d3f4u3khr0ycep.cloudfront.net

IN A

108.138.51.24

d3f4u3khr0ycep.cloudfront.net

IN A

108.138.51.44

d3f4u3khr0ycep.cloudfront.net

IN A

108.138.51.63

d3f4u3khr0ycep.cloudfront.net

IN A

108.138.51.37
DNS

c.clarity.ms

Remote address:

8.8.8.8:53

Request

c.clarity.ms

IN A

Response

c.clarity.ms

IN CNAME

c.msn.com

c.msn.com

IN CNAME

c-msn-com-nsatc.trafficmanager.net

c-msn-com-nsatc.trafficmanager.net

IN A

68.219.88.97
GET

https://c.pubguru.net/pg.mymainstreetgrill.com.js

msedge.exe

Remote address:

108.138.51.44:443

Request

GET /pg.mymainstreetgrill.com.js HTTP/2.0
host: c.pubguru.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Mon, 15 Apr 2024 22:00:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: x5u9w82l7cG14GvlW.xUhg98QgZVfXte
server: AmazonS3
content-encoding: gzip
date: Wed, 17 Apr 2024 16:22:51 GMT
cache-control: max-age=14400
etag: W/"065588b86c350cc8ace0b16de0dbb98b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 af33571d3ee7c23c41d6a38cd7ec2348.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW51-P2
x-amz-cf-id: vJBvtXq86wzc3SGCZbRdRzvIyaNVqGP7hHvgMqP1upqYDMy1TlWHMw==
age: 277
GET

https://c.pubguru.net/v/pg-240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01.js

msedge.exe

Remote address:

108.138.51.44:443

Request

GET /v/pg-240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01.js HTTP/2.0
host: c.pubguru.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Wed, 20 Mar 2024 12:27:38 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: pDkbT20r0Zv0e3Gg39qtTHLvCmb4IDFh
server: AmazonS3
content-encoding: br
date: Wed, 17 Apr 2024 13:09:19 GMT
cache-control: max-age=14400
etag: W/"6483b125fd9b9a0dc49df4f84ee094cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 af33571d3ee7c23c41d6a38cd7ec2348.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW51-P2
x-amz-cf-id: rny2GhUqCmQQc1BMpF4fYA1Ion0TsXQQHlp0hMRc2G8ZybPgxNsTKA==
age: 11889
timing-allow-origin: *
vary: Origin
GET

https://www.clarity.ms/tag/jcyd0tvgqr

msedge.exe

Remote address:

13.107.246.64:443

Request

GET /tag/jcyd0tvgqr HTTP/2.0
host: www.clarity.ms
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:27 GMT
content-type: application/x-javascript
content-length: 667
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=cd66e0b9be1244c0afe462cbd43d5cdc.20240417.20250417; expires=Thu, 17 Apr 2025 16:27:27 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-azure-ref: 20240417T162727Z-16dd97d5d9bcczdcfv1n6k6pnc000000017g00000000ntru
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
GET

https://www.clarity.ms/s/0.7.31/clarity.js

msedge.exe

Remote address:

13.107.246.64:443

Request

GET /s/0.7.31/clarity.js HTTP/2.0
host: www.clarity.ms
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: CLID=cd66e0b9be1244c0afe462cbd43d5cdc.20240417.20250417

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:27 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 16 Apr 2024 12:25:01 GMT
etag: W/"0x8DC5E103CD38F71"
x-ms-request-id: b7648fa3-101e-0065-6701-90809f000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
x-azure-ref: 20240417T162727Z-16dd97d5d9bcczdcfv1n6k6pnc000000017g00000000ntsh
cache-control: public, max-age=86400
x-fd-int-roxy-purgeid: 51562430
x-cache: TCP_HIT
content-encoding: br
GET

https://www.clarity.ms/tag/jcyd0tvgqr

msedge.exe

Remote address:

13.107.246.64:443

Request

GET /tag/jcyd0tvgqr HTTP/2.0
host: www.clarity.ms
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: CLID=cd66e0b9be1244c0afe462cbd43d5cdc.20240417.20250417
cookie: MUID=17730424587C615234B8104059C7600E

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:27:40 GMT
content-type: application/x-javascript
content-length: 530
cache-control: no-cache, no-store
expires: -1
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-azure-ref: 20240417T162740Z-16dd97d5d9bcczdcfv1n6k6pnc000000017g00000000nvsz
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
GET

https://securepubads.g.doubleclick.net/tag/js/gpt.js

msedge.exe

Remote address:

142.250.187.226:443

Request

GET /tag/js/gpt.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js

msedge.exe

Remote address:

142.250.187.226:443

Request

GET /pagead/managed/js/gpt/m202404110101/pubads_impl.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

133.221.158.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.221.158.18.in-addr.arpa

IN PTR

Response

133.221.158.18.in-addr.arpa

IN PTR

ec2-18-158-221-133eu-central-1compute amazonawscom
DNS

97.88.219.68.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.88.219.68.in-addr.arpa

IN PTR

Response
DNS

234.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.212.58.216.in-addr.arpa

IN PTR

Response

234.212.58.216.in-addr.arpa

IN PTR

lhr25s28-in-f101e100net

234.212.58.216.in-addr.arpa

IN PTR

ams16s22-in-f234�I

234.212.58.216.in-addr.arpa

IN PTR

ams16s22-in-f10�I
DNS

43.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.229.111.52.in-addr.arpa

IN PTR

Response
DNS

h.clarity.ms

Remote address:

8.8.8.8:53

Request

h.clarity.ms

IN A

Response

h.clarity.ms

IN CNAME

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

vmss-clarity-ingest-eus-c.eastus.cloudapp.azure.com

IN A

52.224.31.34
GET

https://fundingchoicesmessages.google.com/i/22358798757?ers=3

msedge.exe

Remote address:

142.250.187.238:443

Request

GET /i/22358798757?ers=3 HTTP/2.0
host: fundingchoicesmessages.google.com
sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="90", "Microsoft Edge";v="90"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36 Edg/90.0.818.66
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://mymainstreetgrill.com/minecraft/get-app

chrome.exe

Remote address:

104.21.75.86:443

Request

GET /minecraft/get-app HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:29:40 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImxtUmNjQzdaK3c1T3JKL0FHaTZyZ3c9PSIsInZhbHVlIjoiZXlBZ2ZKOVRaZlM4WmZYcGNyUEE3dmZnKzR0RDkyME5QS3NnWDNKQ2dKL3Y3YmhlekZDeDYwRmhZL1BJRFJRa0lDNFF0OXZ1dGEwaXJnZjNraWJCM2VmWk1JTGhYOFhhRjRaQndadmtrRkhBM3FHWmlUeEVOUmFkdEM5OVQvMWciLCJtYWMiOiIxNzk3NDQ0MDBjNTRkNjZmYmMzZGM0YTMxYThlOWRhZTJmYmIyN2FmYjhlNjc5MzI2ZmQwMjJiZTQ0MTJkMzc0IiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 18:29:40 GMT; Max-Age=7200; path=/; samesite=lax
set-cookie: mymainstreetgrillcom_session=eyJpdiI6ImtnSDZwdERTUjFyY3kvR1Bsd0ZUanc9PSIsInZhbHVlIjoibFlSQzVQd1VCelVWNWt5a01KRk5VVzRtMkUwSXNZR2ZZQ0dnMGZQNjZYRW51eE1CT1lBWWh4QnEyT3RNY0tXekgvNFRWY2x6S2JEd0h5VHpHdnNwK3oxcU1QQ2ZkZVZwRUdkNmJZYjhoWVhrYUNFTFc0OUp6UFRjQlRxMTF3QWsiLCJtYWMiOiJjZjM1YWFkY2Q2NDljNGVjNDAyOTU3M2Y2Y2U1OGFlYWZlZmMwYzE3ZWUwMTIxN2FmNzE3ZWMyY2JmMjNlYmExIiwidGFnIjoiIn0%3D; expires=Wed, 17-Apr-2024 18:29:40 GMT; Max-Age=7200; path=/; httponly; samesite=lax
set-cookie: ad-source=none; expires=Sun, 21-Apr-2024 16:29:40 GMT; Max-Age=345600; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8r3z6aDtg1J2aJEQVuPEouoXcwx3nYsJJH3pJv6cqXXZZC3p6ymgRTfzyAX42RCiPlELtTI9kF2dgvc6vRPoNHSQ2njHbLsM9JEypDahq%2Fckr%2BQeJRMsFKkTfTeI7xoH4ABdzj5Hs5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dcb95ef1a63f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://mymainstreetgrill.com/css/app.css?id=0c7955a86921a1afac34

chrome.exe

Remote address:

104.21.75.86:443

Request

GET /css/app.css?id=0c7955a86921a1afac34 HTTP/2.0
host: mymainstreetgrill.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://mymainstreetgrill.com/minecraft/get-app
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImxtUmNjQzdaK3c1T3JKL0FHaTZyZ3c9PSIsInZhbHVlIjoiZXlBZ2ZKOVRaZlM4WmZYcGNyUEE3dmZnKzR0RDkyME5QS3NnWDNKQ2dKL3Y3YmhlekZDeDYwRmhZL1BJRFJRa0lDNFF0OXZ1dGEwaXJnZjNraWJCM2VmWk1JTGhYOFhhRjRaQndadmtrRkhBM3FHWmlUeEVOUmFkdEM5OVQvMWciLCJtYWMiOiIxNzk3NDQ0MDBjNTRkNjZmYmMzZGM0YTMxYThlOWRhZTJmYmIyN2FmYjhlNjc5MzI2ZmQwMjJiZTQ0MTJkMzc0IiwidGFnIjoiIn0%3D
cookie: mymainstreetgrillcom_session=eyJpdiI6ImtnSDZwdERTUjFyY3kvR1Bsd0ZUanc9PSIsInZhbHVlIjoibFlSQzVQd1VCelVWNWt5a01KRk5VVzRtMkUwSXNZR2ZZQ0dnMGZQNjZYRW51eE1CT1lBWWh4QnEyT3RNY0tXekgvNFRWY2x6S2JEd0h5VHpHdnNwK3oxcU1QQ2ZkZVZwRUdkNmJZYjhoWVhrYUNFTFc0OUp6UFRjQlRxMTF3QWsiLCJtYWMiOiJjZjM1YWFkY2Q2NDljNGVjNDAyOTU3M2Y2Y2U1OGFlYWZlZmMwYzE3ZWUwMTIxN2FmNzE3ZWMyY2JmMjNlYmExIiwidGFnIjoiIn0%3D
cookie: ad-source=none

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:29:40 GMT
content-type: text/css
etag: W/"66179185-63b3a"
last-modified: Thu, 11 Apr 2024 07:30:13 GMT
cf-cache-status: HIT
age: 4675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OMZXo44Iy%2Fl7E%2BYSkaMtwsp%2BUy6wFf0cht92GquFvfJsHL77KfqJliN5OPAme8BpLfZh7pPoHJ6%2F8jVOD4wIagbGN943pRJ9GKD5Vd0FNkjqVLwo7%2F4Y1rmDXfW1%2BS%2BmLV6WcCA2RNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dcb9a1cd563f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://use.fontawesome.com/releases/v5.0.8/js/all.js

chrome.exe

Remote address:

104.21.27.152:443

Request

GET /releases/v5.0.8/js/all.js HTTP/2.0
host: use.fontawesome.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:29:40 GMT
content-type: application/javascript
cache-control: max-age=31556926
etag: W/"668aad8c7d9f38f93221a1dcf9f93805"
last-modified: Fri, 22 Sep 2023 01:44:11 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2232566
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7nMnU8mnSdPSbJQqqvtCwtRTUh%2F1gepd55zOvs3BF2CSKN5R2%2F%2FPjXrbtlNHFtPiLGuX%2BJB181eg%2BqIrT7IH%2F8nzML2T1cjrC0aYTgjUkmE3bx5efz1LueQSHOU16Y48L2Kzq0w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dcb9a9ab37193-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdnjs.cloudflare.com/ajax/libs/svgxuse/1.2.6/svgxuse.min.js

chrome.exe

Remote address:

104.17.25.14:443

Request

GET /ajax/libs/svgxuse/1.2.6/svgxuse.min.js HTTP/2.0
host: cdnjs.cloudflare.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:29:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 1039
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ff3-b6f"
last-modified: Mon, 04 May 2020 16:16:51 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2293555
expires: Mon, 07 Apr 2025 16:29:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWFNFzLqmv9MR0yCEoHcl%2FpB%2B8TT6geEcvL0orcreS1J04b6BhnN6SutXLZbaLZgR6JHpw25xYX3mIUfSvUvCyUwemGnj8k1YsHz9QwpI7ACzmDiCMwaK0BTJxpil96nwHSqbBft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875dcb9a9bf594ff-LHR
alt-svc: h3=":443"; ma=86400
GET

https://c.pubguru.net/pg.mymainstreetgrill.com.js

chrome.exe

Remote address:

108.138.51.24:443

Request

GET /pg.mymainstreetgrill.com.js HTTP/2.0
host: c.pubguru.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Mon, 15 Apr 2024 22:00:50 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: x5u9w82l7cG14GvlW.xUhg98QgZVfXte
server: AmazonS3
content-encoding: gzip
date: Wed, 17 Apr 2024 16:22:51 GMT
cache-control: max-age=14400
etag: W/"065588b86c350cc8ace0b16de0dbb98b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 67b26e58a581719aff39a51e79faf096.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW51-P2
x-amz-cf-id: fqySoAnFBwRUO3XsPhpA3DMrSFVklLcq9C7Ut0Fp3fVcamrC6PBMEQ==
age: 411
GET

https://c.pubguru.net/v/pg-240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01.js

chrome.exe

Remote address:

108.138.51.24:443

Request

GET /v/pg-240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01.js HTTP/2.0
host: c.pubguru.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Wed, 20 Mar 2024 12:27:38 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: pDkbT20r0Zv0e3Gg39qtTHLvCmb4IDFh
server: AmazonS3
content-encoding: br
date: Wed, 17 Apr 2024 13:09:19 GMT
cache-control: max-age=14400
etag: W/"6483b125fd9b9a0dc49df4f84ee094cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 67b26e58a581719aff39a51e79faf096.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW51-P2
x-amz-cf-id: xdNHc5d9OyHejywuE-QkSiu1iVLnTbO6vqQkMI01BdbzPA7mBHLgJQ==
age: 12023
timing-allow-origin: *
vary: Origin
GET

https://www.clarity.ms/tag/jcyd0tvgqr

chrome.exe

Remote address:

13.107.246.64:443

Request

GET /tag/jcyd0tvgqr HTTP/2.0
host: www.clarity.ms
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:29:41 GMT
content-type: application/x-javascript
content-length: 667
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=5eac7dc878a94983800e5c4ca56a8493.20240417.20250417; expires=Thu, 17 Apr 2025 16:29:41 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
x-azure-ref: 20240417T162941Z-16dd97d5d9bktk9lfbw76rp9hn00000000bg00000001w4q6
x-cache: CONFIG_NOCACHE
accept-ranges: bytes
GET

https://www.clarity.ms/s/0.7.31/clarity.js

chrome.exe

Remote address:

13.107.246.64:443

Request

GET /s/0.7.31/clarity.js HTTP/2.0
host: www.clarity.ms
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: CLID=5eac7dc878a94983800e5c4ca56a8493.20240417.20250417

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:29:41 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 16 Apr 2024 12:25:01 GMT
etag: W/"0x8DC5E103CD38F71"
x-ms-request-id: b7648fa3-101e-0065-6701-90809f000000
x-ms-version: 2018-03-28
access-control-allow-origin: *
x-azure-ref: 20240417T162941Z-16dd97d5d9bktk9lfbw76rp9hn00000000bg00000001w4ra
cache-control: public, max-age=86400
x-fd-int-roxy-purgeid: 51562430
x-cache: TCP_HIT
content-encoding: br
GET

https://securepubads.g.doubleclick.net/tag/js/gpt.js

chrome.exe

Remote address:

142.250.187.226:443

Request

GET /tag/js/gpt.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CM2EywE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js

chrome.exe

Remote address:

142.250.187.226:443

Request

GET /pagead/managed/js/gpt/m202404110101/pubads_impl.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CM2EywE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://a3.pubguru.net/?device=desktop&domain=mymainstreetgrill.com

chrome.exe

Remote address:

3.123.75.12:443

Request

GET /?device=desktop&domain=mymainstreetgrill.com HTTP/2.0
host: a3.pubguru.net
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://mymainstreetgrill.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:29:41 GMT
content-type: application/json
content-length: 141
server: nginx
x-frame-options: DENY
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://mymainstreetgrill.com
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
x-duration: 0
set-cookie: pg_c=4b83894d-6d4e-4dc6-98e2-112410dde5af; Domain=.pubguru.net; expires=Thu, 17 Apr 2025 16:29:41 GMT; Max-Age=31536000; Path=/; SameSite=None; Secure
access-control-expose-headers: X-M2, X-Duration
x-m2: 1
POST

https://a3.pubguru.net/stream?beacon=immediate

chrome.exe

Remote address:

3.123.75.12:443

Request

POST /stream?beacon=immediate HTTP/2.0
host: a3.pubguru.net
content-length: 2897
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://mymainstreetgrill.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pg_c=4b83894d-6d4e-4dc6-98e2-112410dde5af

Response

HTTP/2.0 200

date: Wed, 17 Apr 2024 16:29:41 GMT
content-type: text/plain
content-length: 2
server: nginx
x-frame-options: DENY
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://mymainstreetgrill.com
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
x-duration: 4
access-control-expose-headers: X-M2, X-Duration
x-m2: 1
GET

https://fundingchoicesmessages.google.com/i/22358798757?ers=3

chrome.exe

Remote address:

142.250.187.238:443

Request

GET /i/22358798757?ers=3 HTTP/2.0
host: fundingchoicesmessages.google.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CM2EywE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://fundingchoicesmessages.google.com/f/AGSKWxUwbTAD6uLRoeBq6elYdmduh53c_wl2s-SfvxYgQBOfL3oHmLHzoKIVjE0aGnC_rQzdwpOgpDFZrWfYxPSRUVONimIGj9KMQ0yNAONaLXT4-J4y6EWYDH6iYEt8vTrteEZhR5I=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMzcxMzgyLDUxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL215bWFpbnN0cmVldGdyaWxsLmNvbS9taW5lY3JhZnQvZ2V0LWFwcCIsbnVsbCxbWzgsImVjSkhveEpfWDh3Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

chrome.exe

Remote address:

142.250.187.238:443

Request

GET /f/AGSKWxUwbTAD6uLRoeBq6elYdmduh53c_wl2s-SfvxYgQBOfL3oHmLHzoKIVjE0aGnC_rQzdwpOgpDFZrWfYxPSRUVONimIGj9KMQ0yNAONaLXT4-J4y6EWYDH6iYEt8vTrteEZhR5I=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMzcxMzgyLDUxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL215bWFpbnN0cmVldGdyaWxsLmNvbS9taW5lY3JhZnQvZ2V0LWFwcCIsbnVsbCxbWzgsImVjSkhveEpfWDh3Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ HTTP/2.0
host: fundingchoicesmessages.google.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CM2EywE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://fundingchoicesmessages.google.com/f/AGSKWxWvGFtUaqGiB0IA4LI24NA2WQxwKeFzoZu2h84FnwpwVbIN32hZ24nWfv_63BBZh2V2icaQt3Bsj-fH9tBjcbfi3rYjQUfpKGXHl_tsoTiz5ZMQlA7UCd_lAGHRQLc0IFjpwvI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMzcxMzgyLDEyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9teW1haW5zdHJlZXRncmlsbC5jb20vbWluZWNyYWZ0L2dldC1hcHAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

chrome.exe

Remote address:

142.250.187.238:443

Request

GET /f/AGSKWxWvGFtUaqGiB0IA4LI24NA2WQxwKeFzoZu2h84FnwpwVbIN32hZ24nWfv_63BBZh2V2icaQt3Bsj-fH9tBjcbfi3rYjQUfpKGXHl_tsoTiz5ZMQlA7UCd_lAGHRQLc0IFjpwvI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMzcxMzgyLDEyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9teW1haW5zdHJlZXRncmlsbC5jb20vbWluZWNyYWZ0L2dldC1hcHAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0 HTTP/2.0
host: fundingchoicesmessages.google.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CM2EywE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://h.clarity.ms/collect

chrome.exe

Remote address:

52.224.31.34:443

Request

POST /collect HTTP/1.1
Host: h.clarity.ms
Connection: keep-alive
Content-Length: 14305
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
Accept: application/x-clarity-gzip
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Origin: https://mymainstreetgrill.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mymainstreetgrill.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 204 No Content

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 17 Apr 2024 16:29:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mymainstreetgrill.com
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
POST

https://h.clarity.ms/collect

chrome.exe

Remote address:

52.224.31.34:443

Request

POST /collect HTTP/1.1
Host: h.clarity.ms
Connection: keep-alive
Content-Length: 755
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
Accept: application/x-clarity-gzip
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Origin: https://mymainstreetgrill.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mymainstreetgrill.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2B8A161B31B060542345027F305061F8

Response

HTTP/1.1 204 No Content

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 17 Apr 2024 16:29:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mymainstreetgrill.com
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
POST

https://h.clarity.ms/collect

chrome.exe

Remote address:

52.224.31.34:443

Request

POST /collect HTTP/1.1
Host: h.clarity.ms
Connection: keep-alive
Content-Length: 339
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
Accept: application/x-clarity-gzip
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Origin: https://mymainstreetgrill.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://mymainstreetgrill.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: MUID=2B8A161B31B060542345027F305061F8

Response

HTTP/1.1 204 No Content

Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 17 Apr 2024 16:29:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mymainstreetgrill.com
Vary: Origin
Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
GET

https://c.clarity.ms/c.gif

chrome.exe

Remote address:

68.219.88.97:443

Request

GET /c.gif HTTP/2.0
host: c.clarity.ms
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&RedC=c.clarity.ms&MXFR=0698836DF4FD61E623ED9709F0FD6F0C
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
set-cookie: MUID=0698836DF4FD61E623ED9709F0FD6F0C; domain=.clarity.ms; expires=Mon, 12-May-2025 16:29:43 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 17 Apr 2024 16:29:42 GMT
content-length: 0
GET

https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&MUID=2B8A161B31B060542345027F305061F8

chrome.exe

Remote address:

68.219.88.97:443

Request

GET /c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&MUID=2B8A161B31B060542345027F305061F8 HTTP/2.0
host: c.clarity.ms
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: SM=T
cookie: MUID=0698836DF4FD61E623ED9709F0FD6F0C

Response

HTTP/2.0 200

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
accept-ranges: bytes
etag: "3e26b762b6cda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=C; domain=c.clarity.ms; path=/; SameSite=None; Secure;
set-cookie: MUID=2B8A161B31B060542345027F305061F8; domain=.clarity.ms; expires=Mon, 12-May-2025 16:29:43 GMT; path=/; SameSite=None; Secure; Priority=High;
set-cookie: MR=0; domain=c.clarity.ms; expires=Wed, 24-Apr-2024 16:29:43 GMT; path=/; SameSite=None; Secure;
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 17-Apr-2024 16:39:43 GMT; path=/; SameSite=None; Secure;
date: Wed, 17 Apr 2024 16:29:43 GMT
content-length: 42
GET

https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&RedC=c.clarity.ms&MXFR=0698836DF4FD61E623ED9709F0FD6F0C

chrome.exe

Remote address:

204.79.197.237:443

Request

GET /c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&RedC=c.clarity.ms&MXFR=0698836DF4FD61E623ED9709F0FD6F0C HTTP/2.0
host: c.bing.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://mymainstreetgrill.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&MUID=2B8A161B31B060542345027F305061F8
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: MUID=2B8A161B31B060542345027F305061F8; domain=.bing.com; expires=Mon, 12-May-2025 16:29:43 GMT; path=/; SameSite=None; Secure; Priority=High;
set-cookie: MR=0; domain=c.bing.com; expires=Wed, 24-Apr-2024 16:29:43 GMT; path=/; SameSite=None; Secure;
set-cookie: SRM_B=2B8A161B31B060542345027F305061F8; domain=c.bing.com; expires=Mon, 12-May-2025 16:29:43 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0990ED3AC17C4F18AE6A2733F8065C03 Ref B: LON04EDGE1122 Ref C: 2024-04-17T16:29:43Z
date: Wed, 17 Apr 2024 16:29:43 GMT
content-length: 0

104.21.75.86:443

https://mymainstreetgrill.com/images/thumb/129x118xc/uploads/posts/3/add2a787def1e6638c68abe59a1ae1eb00b05274.jpg

tls, http2

msedge.exe

37.4kB
1.2MB
694
927

HTTP Request

GET https://mymainstreetgrill.com/minecraft/get-app

HTTP Response

200

HTTP Request

GET https://mymainstreetgrill.com/css/app.css?id=0c7955a86921a1afac34

HTTP Response

200

HTTP Request

GET https://mymainstreetgrill.com/js/app.js?v=1712820641

HTTP Request

GET https://mymainstreetgrill.com/img/logo.svg

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/178x178xc/uploads/images/logos/18237/minecraft-logo.png

HTTP Request

GET https://mymainstreetgrill.com/img/logo-footer.svg

HTTP Request

GET https://mymainstreetgrill.com/images/svgdefs.svg

HTTP Request

GET https://mymainstreetgrill.com/img/svgdefs.svg

HTTP Request

GET https://mymainstreetgrill.com/images/all_stars.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/300x500xc/uploads/product/screens/18237/screen-4e926516e2706cd44b481aaf72536bb7c6e9a0a6.png

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/130x130xc/uploads/images/logos/18213/uberconference-conferencing-logo.png

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/130x130xc/uploads/images/logos/18234/hello-neighbor-logo.png

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/130x130xc/uploads/images/logos/18247/vlogger-go-viral-tuber-game-logo.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://mymainstreetgrill.com/img/all_stars1.svg

HTTP Response

200

HTTP Request

GET https://mymainstreetgrill.com/img/favicon.svg

HTTP Response

200

HTTP Request

GET https://mymainstreetgrill.com/article/exclusive-content

HTTP Response

200

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/250x250xc/uploads/blog/190/planet-of-lana-an-introduction-to-its-enthralling-world-and-how-to-get-started.png

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/250x250xc/uploads/blog/192/mastering-the-art-of-magic-and-strategy-in-baldurs-gate-3-a-comprehensive-guide.png

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/129x118xc/uploads/posts/1/ed6f13df8beecc4f769009a4f7580708f5651c59.jpg

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/129x118xc/uploads/posts/2/cfeeaa018e0dd4761299056560dfa250fd966921.jpg

HTTP Request

GET https://mymainstreetgrill.com/images/thumb/129x118xc/uploads/posts/3/add2a787def1e6638c68abe59a1ae1eb00b05274.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
104.117.77.184:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

msedge.exe

370 B
1.6kB
5
4

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
104.17.25.14:443

https://cdnjs.cloudflare.com/ajax/libs/svgxuse/1.2.6/svgxuse.min.js

tls, http2

msedge.exe

1.7kB
4.9kB
13
11

HTTP Request

GET https://cdnjs.cloudflare.com/ajax/libs/svgxuse/1.2.6/svgxuse.min.js

HTTP Response

200
104.21.27.152:443

https://use.fontawesome.com/releases/v5.0.8/js/all.js

tls, http2

msedge.exe

8.6kB
257.5kB
164
197

HTTP Request

GET https://use.fontawesome.com/releases/v5.0.8/js/all.js

HTTP Response

200
108.138.51.44:443

https://c.pubguru.net/v/pg-240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01.js

tls, http2

msedge.exe

3.6kB
107.3kB
54
89

HTTP Request

GET https://c.pubguru.net/pg.mymainstreetgrill.com.js

HTTP Response

200

HTTP Request

GET https://c.pubguru.net/v/pg-240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01.js

HTTP Response

200
13.107.246.64:443

https://www.clarity.ms/tag/jcyd0tvgqr

tls, http2

msedge.exe

3.1kB
35.1kB
29
39

HTTP Request

GET https://www.clarity.ms/tag/jcyd0tvgqr

HTTP Response

200

HTTP Request

GET https://www.clarity.ms/s/0.7.31/clarity.js

HTTP Response

200

HTTP Request

GET https://www.clarity.ms/tag/jcyd0tvgqr

HTTP Response

200
18.158.221.133:443

a3.pubguru.net

tls

msedge.exe

1.2kB
6.3kB
12
13
142.250.187.226:443

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js

tls, http2

msedge.exe

4.9kB
187.4kB
81
146

HTTP Request

GET https://securepubads.g.doubleclick.net/tag/js/gpt.js

HTTP Request

GET https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
52.224.31.34:443

h.clarity.ms

tls

msedge.exe

45.8kB
9.9kB
58
35
18.158.221.133:443

a3.pubguru.net

tls

msedge.exe

8.7kB
8.2kB
26
25
18.158.221.133:443

a3.pubguru.net

tls

msedge.exe

1.1kB
6.0kB
9
9
142.250.187.238:443

https://fundingchoicesmessages.google.com/i/22358798757?ers=3

tls, http2

msedge.exe

3.2kB
73.5kB
45
60

HTTP Request

GET https://fundingchoicesmessages.google.com/i/22358798757?ers=3
68.219.88.97:443

c.clarity.ms

tls

msedge.exe

2.0kB
7.9kB
15
13
204.79.197.237:443

c.bing.com

tls

msedge.exe

1.9kB
9.0kB
14
17
52.224.31.34:443

h.clarity.ms

tls

msedge.exe

2.0kB
6.3kB
11
12
18.158.221.133:443

a3.pubguru.net

tls

msedge.exe

4.3kB
1.6kB
17
14
52.224.31.34:443

h.clarity.ms

msedge.exe

98 B
52 B
2
1
142.250.187.196:443

www.google.com

tls

chrome.exe

953 B
4.8kB
8
9
142.250.187.238:443

clients2.google.com

tls, http2

chrome.exe

1.1kB
8.4kB
11
11
104.21.75.86:443

mymainstreetgrill.com

tls, http2

chrome.exe

851 B
4.7kB
6
7
104.21.75.86:443

https://mymainstreetgrill.com/css/app.css?id=0c7955a86921a1afac34

tls, http2

chrome.exe

3.7kB
75.4kB
39
66

HTTP Request

GET https://mymainstreetgrill.com/minecraft/get-app

HTTP Response

200

HTTP Request

GET https://mymainstreetgrill.com/css/app.css?id=0c7955a86921a1afac34

HTTP Response

200
104.21.27.152:443

https://use.fontawesome.com/releases/v5.0.8/js/all.js

tls, http2

chrome.exe

7.6kB
257.4kB
142
195

HTTP Request

GET https://use.fontawesome.com/releases/v5.0.8/js/all.js

HTTP Response

200
104.17.25.14:443

https://cdnjs.cloudflare.com/ajax/libs/svgxuse/1.2.6/svgxuse.min.js

tls, http2

chrome.exe

1.5kB
4.8kB
10
10

HTTP Request

GET https://cdnjs.cloudflare.com/ajax/libs/svgxuse/1.2.6/svgxuse.min.js

HTTP Response

200
108.138.51.24:443

https://c.pubguru.net/v/pg-240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01.js

tls, http2

chrome.exe

3.5kB
107.3kB
51
88

HTTP Request

GET https://c.pubguru.net/pg.mymainstreetgrill.com.js

HTTP Response

200

HTTP Request

GET https://c.pubguru.net/v/pg-240320-66c-nc-2b6ef329eb0c855b312f3d07e2708b01.js

HTTP Response

200
13.107.246.64:443

www.clarity.ms

tls, http2

chrome.exe

1.6kB
5.9kB
12
14
13.107.246.64:443

https://www.clarity.ms/s/0.7.31/clarity.js

tls, http2

chrome.exe

3.0kB
34.2kB
25
35

HTTP Request

GET https://www.clarity.ms/tag/jcyd0tvgqr

HTTP Response

200

HTTP Request

GET https://www.clarity.ms/s/0.7.31/clarity.js

HTTP Response

200
142.250.187.226:443

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js

tls, http2

chrome.exe

4.9kB
187.9kB
79
145

HTTP Request

GET https://securepubads.g.doubleclick.net/tag/js/gpt.js

HTTP Request

GET https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404110101/pubads_impl.js
3.123.75.12:443

a3.pubguru.net

tls, http2

chrome.exe

1.1kB
6.0kB
9
8
3.123.75.12:443

https://a3.pubguru.net/stream?beacon=immediate

tls, http2

chrome.exe

5.0kB
7.3kB
16
15

HTTP Request

GET https://a3.pubguru.net/?device=desktop&domain=mymainstreetgrill.com

HTTP Response

200

HTTP Request

POST https://a3.pubguru.net/stream?beacon=immediate

HTTP Response

200
142.250.187.238:443

https://fundingchoicesmessages.google.com/f/AGSKWxWvGFtUaqGiB0IA4LI24NA2WQxwKeFzoZu2h84FnwpwVbIN32hZ24nWfv_63BBZh2V2icaQt3Bsj-fH9tBjcbfi3rYjQUfpKGXHl_tsoTiz5ZMQlA7UCd_lAGHRQLc0IFjpwvI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMzcxMzgyLDEyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9teW1haW5zdHJlZXRncmlsbC5jb20vbWluZWNyYWZ0L2dldC1hcHAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0

tls, http2

chrome.exe

4.4kB
84.9kB
53
74

HTTP Request

GET https://fundingchoicesmessages.google.com/i/22358798757?ers=3

HTTP Request

GET https://fundingchoicesmessages.google.com/f/AGSKWxUwbTAD6uLRoeBq6elYdmduh53c_wl2s-SfvxYgQBOfL3oHmLHzoKIVjE0aGnC_rQzdwpOgpDFZrWfYxPSRUVONimIGj9KMQ0yNAONaLXT4-J4y6EWYDH6iYEt8vTrteEZhR5I=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMzcxMzgyLDUxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL215bWFpbnN0cmVldGdyaWxsLmNvbS9taW5lY3JhZnQvZ2V0LWFwcCIsbnVsbCxbWzgsImVjSkhveEpfWDh3Il0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ

HTTP Request

GET https://fundingchoicesmessages.google.com/f/AGSKWxWvGFtUaqGiB0IA4LI24NA2WQxwKeFzoZu2h84FnwpwVbIN32hZ24nWfv_63BBZh2V2icaQt3Bsj-fH9tBjcbfi3rYjQUfpKGXHl_tsoTiz5ZMQlA7UCd_lAGHRQLc0IFjpwvI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzMzcxMzgyLDEyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9teW1haW5zdHJlZXRncmlsbC5jb20vbWluZWNyYWZ0L2dldC1hcHAiLG51bGwsW1s4LCJlY0pIb3hKX1g4dyJdLFs5LCJlbi1VUyJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
52.224.31.34:443

https://h.clarity.ms/collect

tls, http

chrome.exe

19.3kB
7.3kB
29
20

HTTP Request

POST https://h.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://h.clarity.ms/collect

HTTP Response

204

HTTP Request

POST https://h.clarity.ms/collect

HTTP Response

204
68.219.88.97:443

https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&MUID=2B8A161B31B060542345027F305061F8

tls, http2

chrome.exe

1.9kB
7.9kB
13
12

HTTP Request

GET https://c.clarity.ms/c.gif

HTTP Response

302

HTTP Request

GET https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&MUID=2B8A161B31B060542345027F305061F8

HTTP Response

200
204.79.197.237:443

https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&RedC=c.clarity.ms&MXFR=0698836DF4FD61E623ED9709F0FD6F0C

tls, http2

chrome.exe

1.8kB
8.9kB
12
15

HTTP Request

GET https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=563DC0888F3D454990A16A2BB3B05FF5&RedC=c.clarity.ms&MXFR=0698836DF4FD61E623ED9709F0FD6F0C

HTTP Response

302

8.8.8.8:53

mymainstreetgrill.com

dns

chrome.exe

757 B
2.0kB
12
12

DNS Request

mymainstreetgrill.com

DNS Response

104.21.75.86

172.67.217.157

DNS Request

login.live.com

DNS Response

20.190.159.64

20.190.159.4

20.190.159.73

40.126.31.69

40.126.31.67

40.126.31.71

20.190.159.71

40.126.31.73

DNS Request

ctldl.windowsupdate.com

DNS Response

2.17.197.241

2.17.197.216

DNS Request

86.75.21.104.in-addr.arpa

DNS Request

c.pubguru.net

DNS Response

108.138.51.44

108.138.51.24

108.138.51.37

108.138.51.63

DNS Request

x.ss2.us

DNS Response

18.244.102.128

18.244.102.14

18.244.102.82

18.244.102.90

DNS Request

128.102.244.18.in-addr.arpa

DNS Request

c.bing.com

DNS Response

204.79.197.237

13.107.21.237

DNS Request

98.56.20.217.in-addr.arpa

DNS Request

www.gstatic.com

DNS Response

216.58.212.195

DNS Request

www.clarity.ms

DNS Response

13.107.246.64

13.107.213.64

DNS Request

c.bing.com

DNS Response

204.79.197.237

13.107.21.237
8.8.8.8:53

64.159.190.20.in-addr.arpa

dns

505 B
862 B
7
6

DNS Request

64.159.190.20.in-addr.arpa

DNS Request

use.fontawesome.com

DNS Response

104.21.27.152

172.67.142.245

DNS Request

14.25.17.104.in-addr.arpa

DNS Request

64.246.107.13.in-addr.arpa

DNS Request

fundingchoicesmessages.google.com

DNS Response

142.250.187.238

DNS Request

permanently-removed.invalid

DNS Request

permanently-removed.invalid
8.8.8.8:53

184.77.117.104.in-addr.arpa

dns

636 B
1.1kB
9
9

DNS Request

184.77.117.104.in-addr.arpa

DNS Request

fonts.googleapis.com

DNS Response

142.250.187.234

DNS Request

10.200.250.142.in-addr.arpa

DNS Request

securepubads.g.doubleclick.net

DNS Response

142.250.187.226

DNS Request

34.31.224.52.in-addr.arpa

DNS Request

2.213.58.216.in-addr.arpa

DNS Request

www.google.com

DNS Response

142.250.187.196

DNS Request

nexusrules.officeapps.live.com

DNS Response

52.111.229.43

DNS Request

12.75.123.3.in-addr.arpa
8.8.8.8:53

241.197.17.2.in-addr.arpa

dns

672 B
1.5kB
10
10

DNS Request

241.197.17.2.in-addr.arpa

DNS Request

cdnjs.cloudflare.com

DNS Response

104.17.25.14

104.17.24.14

DNS Request

www.clarity.ms

DNS Response

13.107.246.64

13.107.213.64

DNS Request

h.clarity.ms

DNS Response

52.224.31.34

DNS Request

44.51.138.108.in-addr.arpa

DNS Request

237.197.79.204.in-addr.arpa

DNS Request

www.googleapis.com

DNS Response

216.58.212.234

172.217.169.42

142.250.179.234

142.250.180.10

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

216.58.213.10

216.58.212.202

DNS Request

195.212.58.216.in-addr.arpa

DNS Request

a3.pubguru.net

DNS Response

3.123.75.12

18.158.221.133

DNS Request

pagead2.googlesyndication.com

DNS Response

216.58.204.66
8.8.8.8:53

234.187.250.142.in-addr.arpa

dns

525 B
1.2kB
8
8

DNS Request

234.187.250.142.in-addr.arpa

DNS Request

fonts.gstatic.com

DNS Response

216.58.201.99

DNS Request

99.201.58.216.in-addr.arpa

DNS Request

c.clarity.ms

DNS Response

68.219.88.97

DNS Request

ctldl.windowsupdate.com

DNS Response

217.20.56.98

217.20.56.45

217.20.58.99

217.20.58.100

217.20.56.44

217.20.58.101

217.20.58.98

DNS Request

3.200.250.142.in-addr.arpa

DNS Request

c.pubguru.net

DNS Response

108.138.51.24

108.138.51.44

108.138.51.63

108.138.51.37

DNS Request

c.clarity.ms

DNS Response

68.219.88.97
8.8.8.8:53

133.221.158.18.in-addr.arpa

dns

347 B
767 B
5
5

DNS Request

133.221.158.18.in-addr.arpa

DNS Request

97.88.219.68.in-addr.arpa

DNS Request

234.212.58.216.in-addr.arpa

DNS Request

43.229.111.52.in-addr.arpa

DNS Request

h.clarity.ms

DNS Response

52.224.31.34
142.250.187.226:443

securepubads.g.doubleclick.net

https

msedge.exe

3.2kB
6.0kB
7
7
142.250.187.238:443

fundingchoicesmessages.google.com

https

msedge.exe

13.5kB
100.6kB
86
134
224.0.0.251:5353

chrome.exe

786 B
12
142.250.187.196:443

www.google.com

https

chrome.exe

4.7kB
46.6kB
30
45
142.250.187.238:443

fundingchoicesmessages.google.com

https

chrome.exe

3.7kB
8.2kB
10
12
104.21.75.86:443

mymainstreetgrill.com

https

chrome.exe

29.7kB
934.7kB
161
789
142.250.187.226:443

securepubads.g.doubleclick.net

https

chrome.exe

2.9kB
6.5kB
5
8
142.250.187.238:443

fundingchoicesmessages.google.com

https

chrome.exe

4.2kB
11.3kB
11
18
142.250.187.238:443

fundingchoicesmessages.google.com

https

chrome.exe

5.0kB
10.3kB
19
25

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
56KB

MD5
c913fb782ce16ec5722bdbe2ea4693b5

SHA1
b0a98bde638d178894749abdfcef3141762d09a4

SHA256
0806f9679af2a67f4cf27b11050c68b230642934d3c5c5700adaaeea25e1df96

SHA512
9f00a396f5721c6c885ffe2cbe0189bc879ac1360555d2e13006ce2ee6c6ca691d85af9b26cf7fac89e554a0f1ca621dad6959339d58dbeff66980c7ab6cc8be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
87KB

MD5
5450cf9e83ef213f0b09760c995f58d2

SHA1
eaf9a85f8bc87079572ade161e67027dd7316436

SHA256
5d1b675db8e976319a2a6bab9cb952db0027a8018a4faa403f154216f4a9d807

SHA512
ae9d9638c104d35d7029ded032ea4f0c30a93908dec53d0b1752f6dd9e69917bd568d989c15428eadeea34faf219f5c708f0a92a4a2b166095dca98e5c9e5de5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
28KB

MD5
873a2e504ce3fca43f62af1bb62b2113

SHA1
6ca4d2488a29caa38061fea894e5ee4212474517

SHA256
a09638c67c72c2e94e582676fef67f6a12c854d7c7a80fdad8b1ce9e7b0ae8c2

SHA512
722bd2232e24519208c27fb23b72cb6cd1f171b0ca21fd7c7c7e08afb760a375e898ccdc779df7d7aa637662da8eb21007e7f8218ed1e461eb0846f26099044b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
25KB

MD5
7960ebf276f696e381b1a223d139a266

SHA1
24e31a5a35eb65fedd0bfb3c67f7ef7d5dc33093

SHA256
8e50fc3d4937d297c3cfab95b1be57a1f57e491c0493600fb18c60607e31838a

SHA512
ea061a44a9d84972a0131b0b28e229ea879df14046150fb7100c5f7a2955f476ca87bb5c24b1221ebbee3f6008131094ace693f556c9a7b09240422244ed3016

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
139KB

MD5
b8704d6b1bed964a0516752826f4a183

SHA1
a34884954c588bc78cc57564ea74db164c74ddd5

SHA256
75987fc3f1c1712a3e19e57fa7772b853e4021d71c650a3ffd7e11405ce48d45

SHA512
73bc3c572c8a630da56b3496e4d6808b7cc9723ac8207a8cb1efb95de3e989c12f69ef64e29732ee2435b3d2463d7e5549457e10a19f3f04e719d3467d04aaf3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
3KB

MD5
3721081620419c9302460be7a6da5c26

SHA1
235d72d090102bac939fd2b73c8a15dee13a9a08

SHA256
0bdf04740197b9547d0ff346b0d106903b4ab5ecd4a86df8eb5f057811e35602

SHA512
9cb575da709b42b7ca0de74b19ef525c356be22dcf71896c44ebbc605fb9b9e3bc665fddfaf6d7d1f9b2879386328b5f7e51e204d4a13d5f7f10a7be1dbfd699

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
692B

MD5
f1d3e5ac341d47b4e062a58a31da510f

SHA1
4cc1fc9208be11f5d59f6ee38490effa1195952d

SHA256
60d63921a25c4c5de48520abd5febf9dd32a51b7f9308838fbf19b4dffe96311

SHA512
e8fca5be4f2868b54cfcd9affc93e2c34c7d0d6159d590fda28be31a05254dad0a2615a70f7b690103b3f9aac0c8563f3e711bc49d6806bea9c4433fbb8b82fe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
76e6e36d96d34a9f600ef66902e4af5d

SHA1
7d34386d246be52bebc9d3c27c49867c4be1a53d

SHA256
6823e3316788f4c2ae047d11d8db01fcf1e6ecac59f0bb1a74a2172f04d705de

SHA512
35d07a609460fc2889c97334a197365eff1ecd8ebbc29d9f929176ac55294af461c84030b48285bab2720efbc42d0d2a7c99b522c36245dea5ae5777aac9dc2e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e1c978587205baae8fc3526bfa647fdd

SHA1
bda8258709ed01a4bcd3c00297d93389b42937e2

SHA256
7c3fed753bcb9e86555bd85f3e42ab1f704561e3b4dedd7a37bda0d44acfcaaa

SHA512
b9710a4e6085799fe878eb1242262948502a0435c980097222f557d93c8b91f9f0de81270dec8b50f390368dc15c1426c5978c7e385d5a3277e3ec3cb0d010bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1dd6ed85cd0db1ea2d21ece6dff03d30

SHA1
a2e25162e6d3a0af64b5a44ee6f50c553919f78d

SHA256
9f9066fd35fe993a566e9eee13aeb332fb4b87088e15d5c86fca07604986b4ca

SHA512
d91416c3989ce25f772dddabcc663fe005617742bbabb665a74bd0cc1758182a554b5b83dca160fda780b07bb84e49e7aca880636799484d76cfa0ef467181ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
16KB

MD5
8f167d448aec62bd7c710943cc3e8376

SHA1
305cc7019b273a6d650f0c86aa039ebc4b0775bd

SHA256
1bf99935d9862ba86482a120994a44bf0a8308cb82a5cc03cc10ea97b36ddb23

SHA512
a669fb4927319514bd6b389374126193d5f2c43be10a53a5fa1fdfe10729826377d25f3e565a48b48f7b6fd5a5a3e7e3f1b809023484dc8d02fdc64c4b174379

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\e93172fe-1931-4eb3-949a-1d821c5f7dfa.tmp

Filesize
251KB

MD5
7803278f97a1440afbf91a3ebdd3dca7

SHA1
1a90d71ef1bb9436ba8a4b8ef3f983ce219dc4fa

SHA256
68a047e5fa22e78b6c6e438f61775a9cdbc8116b839840616286c2f415a01f86

SHA512
a9c0f341123170bb91b5afb73544c52155eb441e5b481af1d560e34adb4d4bacaaa916e2ea7ba20f868aaf132758203eeefb19922c4b32a0913f1daeadb302ee

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f1a9c7fa806c60a3c2ed8a7829b1461f

SHA1
376cafc1b1b6b2a70cd56455124554c21b25c683

SHA256
1eb39b1409ce78188c133089bf3660393ac043b5baade7ff322df5a0ca95380b

SHA512
e1cb2f84b5cbd86b107c0a9ec0356ab65a54c91208f9f8e83fec64bf17ae89356a09b0cd39d2726424f4041d7b25b962c23672b8645c2e10f11ff4d2075f4afd

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f3f6e86c8b7bdc605f5559df800bfd34

SHA1
862d05bfba760ae8adcbb509216dc18ead59a6b2

SHA256
5dfe9be21d4916615025055f1a70151362bdb404b40f074685e39b33ad545a78

SHA512
de576ebf0cbe1c5e7639c42517253796cf4b5770298271ac2e6958404998f2d6b8e3378a535f2f316f4020fd8e60b5cc9c1b6b5171d307ca3215afe8ac47a7c3

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
648B

MD5
66c48552be23ed05305f0f4d5488dfd4

SHA1
b43569477153a2760c1380e4b8487949de732bb1

SHA256
12009eec0a1555d19638f570a6bc5f93873a2e904e9c84cb1f843cb42629f458

SHA512
85bb0bfbda07ce49bb35169c6cc3493e45ada43824767df216bc05a34d3179ddc69b7e50acbb6eb22a3447570081b1f32c8dd63327044d4bda620745e241236f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
2KB

MD5
8690d9efdaf56988e76a65388e96da88

SHA1
3f6968a48483fe367b1016c5c401eba66565cbdd

SHA256
2f79498e43083eb7d967dc63d051c35c23c260a82e13371ec840fdf6b094f1b7

SHA512
83181646e3450a8ab8d06f2fe3ac4efa73026ba0ec0c200ef9a89f43c1adbb06d813d6db76955a215eb57d1d51f6705ae7a853434bc964b4a29da801d960d996

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
547e283748525e3abff59a531f7b2122

SHA1
262f3641fe3b787aa91229d43b4a4139a26fb864

SHA256
6aad7d31bf9469299834c6f13ffaba2439ca5f48e5e4d2e9f850f54a67435604

SHA512
d4fea6df842ece00d9ff1124c7bfdc969bacf23b63a0de7a13a99acea9ad1690dbf8a1281a4ef83606b678c5b6d194a023c8d5096f30e1ef6d916a18ba65040c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
65b44dc6d954a92c94726cc13b760b1b

SHA1
e66f0648d5fb97369228cc8ddd936f880bfeabe1

SHA256
24520834a9b748c411678767e9ed78ff2b6f10fa22de6195451127f1e25357bb

SHA512
7fb558f1d7e01fe914d6c10d9e1c763e9bcf048eec9199a9da54a132dfeceb2b03a3f545098ffc99ea9078c3079bbf9d97346ca66669dda1b14e6021c54ea8d2

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
ed5d6780d982bb66818757180bb59049

SHA1
702d6b761cfe7196ba12f2a7d59f3357b0f2bd67

SHA256
afe2899512aab35c7dbf56faa90c0a3ca59e55e0e159133dabe2de016fab3c47

SHA512
6e2b48db31ab10e0c91a5be764c1503e53c2c339738081fd9cec0fc045453dc865dad735c5b388874e14f70fedf32787eb219f68a4910d02f4407225e7d1f452

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
10d9013651a5a39e2639ff778c960dd1

SHA1
ce26ccea4c8687e68527f857b27a8d11eccc309b

SHA256
3364b03a520807147769d59e04389eec7de358b65076128590c1d7f8924efc54

SHA512
d93cc78b9f6978774d56f5711db8a37c1d53eeacfce2a02520d6b390386568ebb9ba625189577ea6754938ceaed36ff07334239b32d63d88f01d5b4a496b9424

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

Filesize
25KB

MD5
1ba57e6008efae9381321a3f96566e65

SHA1
9e0aaa668801f54812ef04035ec6c1332c3346eb

SHA256
32bddefd677a969403bf5fb82bc5c6bb86db22db737a323b5c5a841ba6f07b4e

SHA512
09f636b51b8ccd9fa588e1cfa5ea370b2ffdaf438299eb2df9cec2e97bc01b28ec1ac629b86caaa7531a4410868da85b5e756cedd734f5040c6882dd311ff504

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\cf3ec64a-3f9b-4857-bcd4-85a46778fd22.tmp

Filesize
75KB

MD5
86c90ad48e91721510bd420a3251e4e0

SHA1
fae9c3eaab11c7d8d1502aac558aacb5aa3b7768

SHA256
2a5b4b597a2274443d96be556f57d56d64a70d9f21de753a0d7c510424b6f1cf

SHA512
9b0876463ec561ece2d223c5cf310983cc0af1f818080e7c6ddd7dfd0d46731d0914ea7835df98d8bc36b47deaf26e914af25121bb7fe2f12db7966f38455e12

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
c535929603b20e1b49a3d75e8820cf54

SHA1
5fc4569f86975d210aa235dda71bfc1aee9d976d

SHA256
f26366fe95dae0cef820ebe48c24ee1b4be44faa9315ce3e5faec82f36649d18

SHA512
63b4f72313463106471f3dd8c52dd6aceceeb86a9475d2c2f3cd3f576eda75079d93edc356ebc74aa75ebb58d80f0bcbc4eb78bd51aaae527efa24f118673853

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
12KB

MD5
50f33e11ece41d97f63fcd14ed51132e

SHA1
a3d36a5a906600b2fc7fe44dd967248151e9efb3

SHA256
6865749649184cca813d414fee1db772b6053ec99c2405c59b09436f5f1b09bd

SHA512
3139657309a820928df493f297c6ff26e4fd28d9c28cb2d55173ae639f098a2e571058cb406d62a9fec3b2f3833d3042f3916738e2fd9c8db958fb5bea2bbffa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
d806b26e986a72acd57cac3061cfc407

SHA1
c5d91746d0772920186a66c9b8f0586fc61d9b39

SHA256
b0b96572e8528dcfc70848c6c11500ca00eb857c6184ec430700c2619a24afbc

SHA512
3c951f3a57d3ec8b45a6c709b12875e5569f3b6350f3efeb2ca39f9aec92f83e9aa596d90bfcce202da799fc8d75450dcdcaa1da18d07f81fc7786da95d580c0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\8333ce77-2878-40cd-9311-a898b37f5953.tmp

Filesize
25KB

MD5
d7fef0d396568b098107bd20840303c8

SHA1
ec33d085a894a9b3dac818948b1adab37a250ab1

SHA256
e15c2aeb7ea7057bfc002673da799cfbfc1a071ea65a469666d59ab860fab30d

SHA512
ed6c67a99fc00054368dd6084bae523d4a420b2cba04b45936f81a52a897bbe79123d28381ba528d7305df842332e22f979c5735497326beb59ad3c5cdede57e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\8c8e0837-d6ed-4400-ae2d-76080a0e5b8d.tmp

Filesize
4KB

MD5
5483d03b83e24c15e23a713086514097

SHA1
ed3c8775f01b2d746b7cd1d32bd58bba8435144f

SHA256
f1068a22fddcfb93305505ca8c706bff781adfa9b94ad2f7d6add99d5e6e6c77

SHA512
07b45c01dc5bc453430a1119727d10988173e74423d93506ae8590e6997f8fa0f2139bd1f38d9e7c1cbc2b8da35187f02eb432390d1f214477770fa7fc2521ef

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extension Rules\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extension Rules\MANIFEST-000001

Filesize
41B

MD5
5af87dfd673ba2115e2fcf5cfdb727ab

SHA1
d5b5bbf396dc291274584ef71f444f420b6056f1

SHA256
f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

SHA512
de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\GPUCache\data_0

Filesize
8KB

MD5
cf89d16bb9107c631daabf0c0ee58efb

SHA1
3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

SHA256
d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

SHA512
8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Preferences

Filesize
4KB

MD5
b0407e127c10faee99eb512024c34dbe

SHA1
83ed8a4efc7956673ab3fcb4f184bf4879d66853

SHA256
2d9793c84f2ee00e594baec438b5c2de6f5bb3b8012058f873f3e47e0aaa5a77

SHA512
9f74b33f5c77e7a42ec440e2747c447dd2d791f1ede8501e8bab84cf19299daa91c1b4ff14c7c0c64dfde4b54cc1a072ee77b4794290d891ed19acbb6e84094d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Preferences

Filesize
4KB

MD5
e975d6730ba61086ee2d94e70b82c990

SHA1
4591a7841e595fe79f980a506a7eb94ee1dfaa9d

SHA256
f4ece5ec97d56cfafd38d811d40319f836942262fb1843a693615eca2053cb6d

SHA512
e3514c4080aac942a1ca111a8d1bc7649a121cbe99fe37b007f8b1531bb9183f0ae7bbe7fc6e0e58482896af3bb9a1aa1979c031c1eeb449428e33fd4352fd2b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2

Filesize
8KB

MD5
0962291d6d367570bee5454721c17e11

SHA1
59d10a893ef321a706a9255176761366115bedcb

SHA256
ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

SHA512
f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3

Filesize
8KB

MD5
41876349cb12d6db992f1309f22df3f0

SHA1
5cf26b3420fc0302cd0a71e8d029739b8765be27

SHA256
e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

SHA512
e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network Persistent State

Filesize
111B

MD5
285252a2f6327d41eab203dc2f402c67

SHA1
acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6

SHA256
5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026

SHA512
11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network Persistent State

Filesize
59B

MD5
2800881c775077e1c4b6e06bf4676de4

SHA1
2873631068c8b3b9495638c865915be822442c8b

SHA256
226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

SHA512
e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Profile 1\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response