Windows Analysis Report
https://www.tsdrms.net/?Go=SIG&Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3D

Overview

General Information

Sample URL: https://www.tsdrms.net/?Go=SIG&Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3D
Analysis ID: 1658479

Detection

Score: 1
Range: 0 - 100
Confidence: 100%

Signatures

Creates files inside the system directory
Deletes files inside the Windows folder
HTML page contains hidden javascript code

Classification

[Classification chart. Axis labels: Ransomware, Spreading, Phishing, Banker, Trojan / Bot, Adware, Spyware, Exploiter, Evader, Miner. Legend: clean, suspicious, malicious.]
Source: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3d HTTP Parser: Base64 decoded: TSD Rental PROD
Source: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3d HTTP Parser: No favicon
Source: unknown HTTPS traffic detected: 142.251.40.132:443 -> 192.168.2.7:49690 version: TLS 1.2
Source: unknown HTTPS traffic detected: 209.190.169.36:443 -> 192.168.2.7:49691 version: TLS 1.2
Source: unknown HTTPS traffic detected: 209.190.169.36:443 -> 192.168.2.7:49692 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.40:443 -> 192.168.2.7:49701 version: TLS 1.2
Source: unknown HTTPS traffic detected: 209.190.169.36:443 -> 192.168.2.7:49705 version: TLS 1.2
Source: unknown TCP traffic detected without corresponding DNS query: 2.18.98.62
Source: unknown TCP traffic detected without corresponding DNS query: 23.199.215.203
Source: unknown TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown TCP traffic detected without corresponding DNS query: 142.251.40.163
Source: unknown TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown TCP traffic detected without corresponding DNS query: 20.189.173.15
Source: unknown UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global traffic HTTP traffic detected: GET /ScriptResource.axd?d=kJlKp4-GwOWHtOAUilzQiXjy8IMYHxkKdH5Ykh4rWJEAybtBlOK5SPjdvsZYtJMe96-eh2vQaU1azDt-fCD67eSuadFgrCjezZiCmQTFnTqNDs0osGRD4YRxf4GNrFz1AhB4NLJRgqvi_IBtTlCfjqTuReJPPz-Q6AXjjc_MSTa7k2aTBWUOaM0hZfKnJycS0&t=7328cdd6 HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /ScriptResource.axd?d=oTWEP7ThC1yo24ooSsBTo_LJxmNyme-Yok7GCXb6_a-LJRFewqhLpOoKfi8Cwm8rRgqWEjFp-F_GxrB7I8zvgmzbFnX7YAP3Db08c9SPRGhDYslILnZwa4hsv45RuWcSHjVngGIWiqPNKpgi_v4fT_UnqX7Yqd0KgtxZbBhGyp81&t=7328cdd6 HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /ScriptResource.axd?d=6q2f3O5KC8zLZ35GnSZEMv1V1a8PmmwfciLNBUj99DIWo3gUndkWalzOJJD7GaL4GGuNGHALj_XNFIOA27ttvutBPQxeHwB-17JAJ_gkYPYmmwSxBu1JOVP6FGXqyrfwpt7g9Y_cgYZvMdldX7m48r_aJYjDc2W2Im9Ogi_eF141&t=7328cdd6 HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /ScriptResource.axd?d=KlfC4ae2T77svfC92c_tARKZQY7M2b7ylcmIQU8L_u71TC4lNzNp2M1BSmV6XZgGislkXnn465poiohvXmyC_Mn7sQY8m0x8UnBUuYkvibEXVWHFnDdHrQ6Rtm_Sp5-6_Lzo_DhcABqYCY7Wd6xdHQ2&t=7328cdd6 HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /ScriptResource.axd?d=ZhcY_FEp20YikoUyFfo5TDD7NM4KOAKGCSFxGjiNwKHSB1B7HXW_f_WINi4g8D8Z8ZjmOX4GqDo7oaVrV_kykuU1iK4yqJOZHgBnrhUWG42r2UGQyD1uHrw4UkuiXWlMWiAVLPnTAh80w81Wh5B1wA2&t=7328cdd6 HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /ScriptResource.axd?d=46ZO5QrHUJEydEfBp83-z2FH-8IMQV0X4R0MfVcsSAeGFqmGZzcM1iHekRe7MfbJglfU6dX6b7L8jIenrnFY_maP1HS6_CSMAISGw1EZs6cw79TaQpB0f5ynq-k-E1KQqRbZ01BaPTcwuUmmw5LROg2&t=7328cdd6 HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /ShowFile.aspx?Name=Print%20Agreement-TOY-4647.jpg&Type=image/jpeg&Extension=.jpg&Disposition=inline&FileName=32fd1d87-fd08-4ce4-8bb1-64de8ba8284d HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /WebResource.axd?d=vrJQWbErxr_ZHmhKucriM4QhwT83cg-PrO7o35AEKaF13L0ZjPQ4Ra8tYA9qSBwmk2snrhLqlDexIA59sq8wvoWME3VKLdIYIfGB2kPpM3pRKuoEYbTKkjHCEYLaEcDk4gdVZ-kHxQm1dJq75whwNg2&t=638755637488522181 HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /images/footer_logo154rez.png HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /WebResource.axd?d=vrJQWbErxr_ZHmhKucriM4QhwT83cg-PrO7o35AEKaF13L0ZjPQ4Ra8tYA9qSBwmk2snrhLqlDexIA59sq8wvoWME3VKLdIYIfGB2kPpM3pRKuoEYbTKkjHCEYLaEcDk4gdVZ-kHxQm1dJq75whwNg2&t=638755637488522181 HTTP/1.1Host: www.tsdrms.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /images/footer_logo154rez.png HTTP/1.1Host: www.tsdrms.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /ShowFile.aspx?Name=Print%20Agreement-TOY-4647.jpg&Type=image/jpeg&Extension=.jpg&Disposition=inline&FileName=32fd1d87-fd08-4ce4-8bb1-64de8ba8284d HTTP/1.1Host: www.tsdrms.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.tsdrms.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.tsdrms.net/mbl_SigCap.aspx?Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3dAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: www.tsdrms.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: ASP.NET_SessionId=ehevbem4evo3uzkesq1gfn1v; TSDSESSION=!Ros6joorpyr1bGkqdy6aTkYsYhbcrPeb8p3Dh1p/C+zi6UjVY6pgZB8voypzUmKpWYVU8etA40qdlQM=; TS01641bc2=01dbfa421c7e135b9cd60f88707aa76ef4870f42805126bbc46acb33e06bc6a70af875c5529fdb6845611e5c5de3e1147b6f271f38; __RequestVerificationToken=jdZjVYVf8IxYEl2SR-NMiW-maoSxJNqJyUuwXmwNBrzRqK082tq8-sktqZyXgG0Ml50LYRrVTYs43XW_gFqGz2Af2Kl6tYe1FDgonFgweWg1; _ga=GA1.1.1051171101.1744038635; _ga_3R3XEH84KS=GS1.1.1744038635.1.0.1744038635.0.0.0
Source: global traffic HTTP traffic detected: GET /r/gsr1.crl HTTP/1.1
    Cache-Control: max-age = 3000
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Tue, 07 Jan 2025 07:28:00 GMT
    User-Agent: Microsoft-CryptoAPI/10.0
    Host: c.pki.goog
Source: global traffic HTTP traffic detected: GET /r/r4.crl HTTP/1.1
    Cache-Control: max-age = 3000
    Connection: Keep-Alive
    Accept: */*
    If-Modified-Since: Thu, 25 Jul 2024 14:48:00 GMT
    User-Agent: Microsoft-CryptoAPI/10.0
    Host: c.pki.goog
Source: chromecache_100.1.dr String found in binary or memory: Math.round(q);t["gtm.videoElapsedTime"]=Math.round(f);t["gtm.videoPercent"]=r;t["gtm.videoVisible"]=v;return t},Vk:function(){e=qb()},Md:function(){d()}}};var $b=va(["data-gtm-yt-inspected-"]),AH=["www.youtube.com","www.youtube-nocookie.com"],BH,CH=!1; equals www.youtube.com (Youtube)
Source: chromecache_100.1.dr String found in binary or memory: S(b)||Im(a,b)},b)},Jt=function(){return[L.m.R,L.m.T]},Kt=/^(?:www\.)?google(?:\.com?)?(?:\.[a-z]{2}t?)?$/,Lt=/^www\.googleadservices\.com$/,Pt=/^gad_source[_=](\d+)$/;function Ut(){return ro("dedupe_gclid",function(){return mr()})};var Vt=/^(www\.)?google(\.com?)?(\.[a-z]{2}t?)?$/,Wt=/^www.googleadservices.com$/;function Xt(a){a||(a=Yt());return a.fo?!1:a.fn||a.gn||a.kn||a.hn||a.rf||a.Pm||a.jn||a.Um?!0:!1}function Yt(){var a={},b=Sr(!0);a.fo=!!b._up;var c=ht();a.fn=c.aw!==void 0;a.gn=c.dc!==void 0;a.kn=c.wbraid!==void 0;a.hn=c.gbraid!==void 0;a.jn=c.gclsrc==="aw.ds";a.rf=Ht().rf;var d=A.referrer?dk(jk(A.referrer),"host"):"";a.Um=Vt.test(d);a.Pm=Wt.test(d);return a};var Zt=["https://www.google.com","https://www.youtube.com"]; equals www.youtube.com (Youtube)
Source: chromecache_100.1.dr String found in binary or memory: if(!(f||g||k||m.length||n.length))return;var q={Vh:f,Th:g,Uh:k,Fi:m,Gi:n,qf:p,Rb:e},r=z.YT;if(r)return r.ready&&r.ready(d),e;var v=z.onYouTubeIframeAPIReady;z.onYouTubeIframeAPIReady=function(){v&&v();d()};C(function(){for(var u=A.getElementsByTagName("script"),t=u.length,w=0;w<t;w++){var x=u[w].getAttribute("src");if(LH(x,"iframe_api")||LH(x,"player_api"))return e}for(var y=A.getElementsByTagName("iframe"),B=y.length,D=0;D<B;D++)if(!CH&&JH(y[D],q.qf))return sc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: global traffic DNS traffic detected: DNS query: www.google.com
Source: global traffic DNS traffic detected: DNS query: www.tsdrms.net
Source: global traffic DNS traffic detected: DNS query: stckjs.stackify.com
Source: chromecache_112.1.dr String found in binary or memory: http://benalman.com/about/license/
Source: chromecache_112.1.dr String found in binary or memory: http://benalman.com/projects/jquery-throttle-debounce-plugin/
Source: chromecache_112.1.dr String found in binary or memory: http://gsgd.co.uk/sandbox/jquery/easing/
Source: chromecache_112.1.dr String found in binary or memory: http://www.appcropolis.com)
Source: chromecache_112.1.dr String found in binary or memory: http://www.gnu.org/licenses/gpl.html
Source: chromecache_112.1.dr String found in binary or memory: http://www.opensource.org/licenses/mit-license.php
Source: chromecache_100.1.dr String found in binary or memory: https://adservice.google.com/pagead/regclk?
Source: chromecache_100.1.dr String found in binary or memory: https://cct.google/taggy/agent.js
Source: chromecache_100.1.dr String found in binary or memory: https://pagead2.googlesyndication.com
Source: chromecache_100.1.dr String found in binary or memory: https://pagead2.googlesyndication.com/ccm/collect
Source: chromecache_100.1.dr String found in binary or memory: https://pagead2.googlesyndication.com/pagead/gen_204?id=tcfe
Source: chromecache_100.1.dr String found in binary or memory: https://stats.g.doubleclick.net/g/collect
Source: chromecache_100.1.dr String found in binary or memory: https://stats.g.doubleclick.net/g/collect?v=2&
Source: chromecache_100.1.dr String found in binary or memory: https://td.doubleclick.net
Source: chromecache_100.1.dr String found in binary or memory: https://www.google.com
Source: chromecache_100.1.dr String found in binary or memory: https://www.google.com/ccm/collect
Source: chromecache_100.1.dr String found in binary or memory: https://www.googleadservices.com
Source: chromecache_100.1.dr String found in binary or memory: https://www.googletagmanager.com
Source: chromecache_100.1.dr String found in binary or memory: https://www.googletagmanager.com/a?
Source: chromecache_100.1.dr String found in binary or memory: https://www.googletagmanager.com/static/service_worker/
Source: chromecache_100.1.dr String found in binary or memory: https://www.merchant-center-analytics.goog
Source: chromecache_100.1.dr String found in binary or memory: https://www.youtube.com
Source: chromecache_100.1.dr String found in binary or memory: https://www.youtube.com/iframe_api
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Windows\SystemTemp\scoped_dir4984_7361478
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File deleted: C:\Windows\SystemTemp\scoped_dir4984_7361478
Source: classification engine Classification label: clean1.win@21/75@8/4
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1896,i,15569224392608360037,13946120855451749353,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=1964 /prefetch:3
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.tsdrms.net/?Go=SIG&Token=KlgLshTLKMDFz0ASIIoYI1sBF3NBqXmfnEogGiWmmqg%3D"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown
Source: Window Recorder Window detected: More than 3 window changes detected