Windows Analysis Report http://www.mdstrategies.com

Overview

General Information

Sample URL:	http://www.mdstrategies.com
Analysis ID:	502667
Infos:
Most interesting Screenshot:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	80%

Signatures

HTML body contains low number of good links

No HTML title found

Classification

Signatures

Phishing:

HTML body contains low number of good links

Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: Number of links: 1
Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: Number of links: 1
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: Number of links: 0
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: Number of links: 0

No HTML title found

Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: HTML title missing
Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: HTML title missing
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: HTML title missing
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: HTML title missing

Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: No <meta name="author".. found
Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: No <meta name="author".. found
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: No <meta name="author".. found
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: No <meta name="author".. found

Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: No <meta name="copyright".. found
Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: No <meta name="copyright".. found
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: No <meta name="copyright".. found
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: unknown	HTTPS traffic detected: 107.180.1.3:443 -> 192.168.2.6:49826 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.180.1.3:443 -> 192.168.2.6:49827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.226.226.62:443 -> 192.168.2.6:49926 version: TLS 1.2

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/css/bootstrap.css HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/css/style.css HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.6.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/style.css?ver=5.4.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.2.26 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.2.26 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/js/bootstrap.js HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner2-1901x847.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/images/banner-cont-bg.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.13.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.13.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.6.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.6.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/wpcf7-redirect/js/wpcf7-redirect-script.js HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/assets/js/global.js?ver=1.0 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.2.26 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/wp-embed.min.js?ver=5.4.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.13.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=3.13.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner-1901x847.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner1-1901x847.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn01.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn02.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn03.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn04.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/about-bg-1.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/images/footer-img.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-regular.woff2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/favicon-32x32-1.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/favicon-32x32-1.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner1-1901x847.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner2-1901x847.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner-1901x847.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn01.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn02.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Account/Login?ReturnUrl=%2f HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn03.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn04.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /assets/css/icons/icomoon/styles.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/css/bootstrap.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/css/core.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/css/components.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/css/colors.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/plugins/loaders/pace.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/core/libraries/jquery.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/core/libraries/bootstrap.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/plugins/loaders/blockui.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/plugins/forms/styling/uniform.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/core/app.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/pages/login.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://portal.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Roboto:400,300,100,500,700,900Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/css/icons/icomoon/fonts/icomoon.woff?3p0rtw HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveOrigin: https://portal.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://portal.mdstrategies.com/assets/css/icons/icomoon/styles.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /training HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /training/ HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/css/login.css HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/css/form.css HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/js/jquery.js HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/js/jquery.curvycorners.js HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/js/jquery.pngFix.js HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/WebResource.axd?d=pbNn64BsvhCC7H1IAUyejwyEeivIF7H6PKLOsXYlvY7qvp9RKSPE8qZ-y583xizWGWVgfl8goRMqktoQ_47rW_yOQgg1&t=637290886660000000 HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/WebResource.axd?d=3SvgtNU4L35DXiXJcPQYqPYuuyHsOAyZcTDEk3azvL_j3ivwfwsWoriSzWIXro0J33ii4Iuc01G0tqfKpLb3FZ-FPXQ1&t=637290886660000000 HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/images/login-bg.jpg HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/WebResource.axd?d=pbNn64BsvhCC7H1IAUyejwyEeivIF7H6PKLOsXYlvY7qvp9RKSPE8qZ-y583xizWGWVgfl8goRMqktoQ_47rW_yOQgg1&t=637290886660000000&_=1634225989017 HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveAccept: text/javascript, application/javascript, /User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36X-Requested-With: XMLHttpRequestSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/WebResource.axd?d=3SvgtNU4L35DXiXJcPQYqPYuuyHsOAyZcTDEk3azvL_j3ivwfwsWoriSzWIXro0J33ii4Iuc01G0tqfKpLb3FZ-FPXQ1&t=637290886660000000&_=1634225989754 HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveAccept: text/javascript, application/javascript, /User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36X-Requested-With: XMLHttpRequestSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /category/coding-news/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/images/default.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/category/coding-news/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/images/default.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /education/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/education-1.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icp/static/form/javascripts/validation.js HTTP/1.1Host: app.icontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icp/static/form/javascripts/tracking.js HTTP/1.1Host: app.icontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icp/static/human/css/signupBuilder/formGlobalStyles.css HTTP/1.1Host: app.icontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icp/core/signup/tracking.gif?id=120&cid=280035&lid=54997 HTTP/1.1Host: app.icontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/education-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /icp/core/signup/tracking.gif?id=120&cid=280035&lid=54997 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: app.icontact.com
Source: global traffic	HTTP traffic detected: GET /careers/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/about-cont-img-1.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/careers/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/about-cont-img-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /category/uncategorized/www-ascoregon-org/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-regular.woff HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /about/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/about-cont-img-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:28 GMTIf-None-Match: "5441144-1eef8-5a2cbbc87eb52"
Source: global traffic	HTTP traffic detected: GET /coding/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/coding-1.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/coding/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/coding-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /auditing/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/audit-1.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/auditing/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/audit-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: Ruleset Data.0.dr	String found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: Filtering Rules.0.dr	String found in binary or memory: www.facebook.com/ajax/ads/ equals www.facebook.com (Facebook)
Source: Filtering Rules.0.dr	String found in binary or memory: www.facebook.com0 equals www.facebook.com (Facebook)

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0X-Powered-By: ASP.NETDate: Thu, 14 Oct 2021 06:39:51 GMTConnection: closeContent-Length: 1245
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:39:55 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:00 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:08 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:17 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:25 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:31 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20

Source: angular.js.0.dr	String found in binary or memory: http://angularjs.org
Source: data_3.1.dr	String found in binary or memory: http://blue-anvil.com
Source: data_3.1.dr	String found in binary or memory: http://crl.pki.goog/gsr1/gsr1.crl0;
Source: data_3.1.dr	String found in binary or memory: http://crl.pki.goog/gtsr1/gtsr1.crl0W
Source: data_3.1.dr	String found in binary or memory: http://crls.pki.goog/gts1c3/fVJxbV-Ktmk.crl0
Source: angular.js.0.dr	String found in binary or memory: http://errors.angularjs.org/1.6.4-local
Source: data_3.1.dr	String found in binary or memory: http://flesler.blogspot.com
Source: data_3.1.dr	String found in binary or memory: http://flesler.blogspot.com/2007/10/jqueryscrollto.html
Source: data_3.1.dr	String found in binary or memory: http://gsgd.co.uk/sandbox/jquery/easing/
Source: data_2.1.dr	String found in binary or memory: http://jquery.andreaseberhard.de/
Source: data_3.1.dr	String found in binary or memory: http://ocsp.pki.goog/gsr10)
Source: data_3.1.dr	String found in binary or memory: http://ocsp.pki.goog/gts1c301
Source: data_3.1.dr	String found in binary or memory: http://ocsp.pki.goog/gtsr100
Source: data_2.1.dr	String found in binary or memory: http://pipwerks.mit-license.org/
Source: data_3.1.dr	String found in binary or memory: http://pki.goog/gsr1/gsr1.crt02
Source: data_3.1.dr	String found in binary or memory: http://pki.goog/repo/certs/gts1c3.der0
Source: data_3.1.dr	String found in binary or memory: http://pki.goog/repo/certs/gtsr1.der04
Source: data_3.1.dr	String found in binary or memory: http://stackoverflow.com/questions/14115080/detect-support-for-background-attachment-fixed
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: http://tools.ietf.org/html/rfc1950
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: data_3.1.dr	String found in binary or memory: http://www.curvycorners.net
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
Source: data_2.1.dr	String found in binary or memory: http://www.imagemagick.org
Source: Current Session.0.dr, data_1.1.dr, Favicons.0.dr	String found in binary or memory: http://www.mdstrategies.com/
Source: History Provider Cache.0.dr	String found in binary or memory: http://www.mdstrategies.com/2?Home
Source: data_1.1.dr	String found in binary or memory: http://www.mdstrategies.com/:
Source: History.0.dr	String found in binary or memory: http://www.mdstrategies.com/Home
Source: data_2.1.dr	String found in binary or memory: http://www.opensource.org/licenses/gpl-license.php)
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, manifest.json1.0.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://accounts.google.com
Source: craw_window.js.0.dr	String found in binary or memory: https://accounts.google.com/MergeSession
Source: d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://ajax.googleapis.com
Source: Network Action Predictor.0.dr	String found in binary or memory: https://ajax.googleapis.com/
Source: data_1.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Source: data_2.1.dr	String found in binary or memory: https://api.w.org/
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, manifest.json1.0.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://apis.google.com
Source: mirroring_common.js.0.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: Current Session.0.dr	String found in binary or memory: https://app.icontact.com/icp/core/mycontacts/signup/designer/form/
Source: data_1.1.dr	String found in binary or memory: https://app.icontact.com/icp/static/form/javascripts/tracking.js
Source: data_1.1.dr	String found in binary or memory: https://app.icontact.com/icp/static/form/javascripts/validation.js
Source: data_1.1.dr	String found in binary or memory: https://app.icontact.com/icp/static/human/css/signupBuilder/formGlobalStyles.css
Source: Network Action Predictor.0.dr	String found in binary or memory: https://app.mdstrategies.com/
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/WebResource.axd?d=3SvgtNU4L35DXiXJcPQYqPYuuyHsOAyZcTDEk3azvL_j
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/WebResource.axd?d=pbNn64BsvhCC7H1IAUyejwyEeivIF7H6PKLOsXYlvY7q
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/css/form.css
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/css/login.css
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/images/login-bg.jpg
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/images/login-bg.jpg/
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/js/jquery.curvycorners.js
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/js/jquery.js
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/js/jquery.pngFix.js
Source: Current Session.0.dr	String found in binary or memory: https://app.mdstrategies.com/Training/login.aspx
Source: Current Session.0.dr, data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx
Source: History.0.dr	String found in binary or memory: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxMd
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxoMC
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/favicon.ico
Source: Current Session.0.dr, data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/training
Source: data_1.1.dr, data_2.1.dr	String found in binary or memory: https://app.mdstrategies.com/training/
Source: History.0.dr	String found in binary or memory: https://app.mdstrategies.com/training/Md
Source: data_2.1.dr	String found in binary or memory: https://app.mdstrategies.com/training/Server:
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/training/X
Source: History.0.dr	String found in binary or memory: https://app.mdstrategies.com/trainingMd
Source: Current Session.0.dr	String found in binary or memory: https://app.mdstrategies.com/trainingr.
Source: mirroring_common.js.0.dr	String found in binary or memory: https://castedumessaging-pa.googleapis.com/v1
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: mirroring_hangouts.js.0.dr, mirroring_cast_streaming.js.0.dr	String found in binary or memory: https://clients2.google.com/cr/report
Source: manifest.json1.0.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://clients6.google.com
Source: d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://content-autofill.googleapis.com
Source: data_1.1.dr	String found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRIfCa3_zMV_Ca28Egk
Source: data_1.1.dr	String found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRIfCdmDYCp3s4NXEgk
Source: data_1.1.dr	String found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRJLCZDfEgcN9pLAEgk
Source: manifest.json1.0.dr	String found in binary or memory: https://content.googleapis.com
Source: mirroring_cast_streaming.js.0.dr, common.js.0.dr	String found in binary or memory: https://crash.corp.google.com/samples?reportid=&q=
Source: LICENSE.txt.0.dr	String found in binary or memory: https://creativecommons.org/.
Source: LICENSE.txt.0.dr	String found in binary or memory: https://creativecommons.org/compatiblelicenses
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://creativecommons.org/publicdomain/zero/1.0/.
Source: data_2.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/apps-themes
Source: data_2.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/apps-themesCross-Origin-Resource-Policy:
Source: data_3.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/hosted-libraries-pushers
Source: data_3.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
Source: Reporting and NEL.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
Source: data_2.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: data_3.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk
Source: data_3.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
Source: data_3.1.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/CustomEvent/CustomEvent
Source: aed5d4fd-b705-4b61-93fa-c2c65ceddad6.tmp.1.dr, d831affb-24ef-4b04-9a43-190caa833f7f.tmp.1.dr, ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr, e61a105c-a85e-4dd8-8be2-17f9ac99bb4f.tmp.1.dr	String found in binary or memory: https://dns.google
Source: mirroring_common.js.0.dr	String found in binary or memory: https://docs.google.com
Source: LICENSE.txt.0.dr	String found in binary or memory: https://easylist.to/)
Source: manifest.json1.0.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: Network Action Predictor.0.dr	String found in binary or memory: https://fonts.googleapis.com/
Source: data_1.1.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Libre
Source: data_1.1.dr, data_3.1.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:400
Source: manifest.json1.0.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizBREVItHgc8qDIbSTKq4XkRiUa6zoTjmbI.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizBREVItHgc8qDIbSTKq4XkRiUa6zsTjmbI.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUQ2zcLig.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2)
Source: data_1.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Source: data_1.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2ChoKCw1
Source: manifest.json1.0.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: data_1.1.dr	String found in binary or memory: https://git.io/vWdr2
Source: data_3.1.dr	String found in binary or memory: https://github.com/Modernizr/Modernizr/
Source: material_css_min.css.0.dr	String found in binary or memory: https://github.com/angular/material
Source: LICENSE.txt.0.dr	String found in binary or memory: https://github.com/easylist)
Source: craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://github.com/madler/zlib/blob/master/zlib.h
Source: data_2.1.dr	String found in binary or memory: https://github.com/pipwerks/PDFObject
Source: data_2.1.dr	String found in binary or memory: https://github.com/umdjs/umd/blob/master/templates/returnExports.js
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://hangouts.clients6.google.com
Source: manifest.json1.0.dr	String found in binary or memory: https://hangouts.google.com/
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://hangouts.google.com/hangouts/_/logpref
Source: mirroring_common.js.0.dr	String found in binary or memory: https://meet.google.com
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://meetings.clients6.google.com
Source: mirroring_common.js.0.dr	String found in binary or memory: https://networktraversal.googleapis.com/v1alpha
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: craw_window.js.0.dr, manifest.json0.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: data_3.1.dr	String found in binary or memory: https://pki.goog/repository/0
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: Network Action Predictor.0.dr, Current Session.0.dr	String found in binary or memory: https://portal.mdstrategies.com/
Source: History Provider Cache.0.dr	String found in binary or memory: https://portal.mdstrategies.com/2
Source: Current Session.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login
Source: Current Session.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f
Source: History Provider Cache.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f2
Source: History.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fLogin
Source: History.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fLogin/
Source: History.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Login
Source: History.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Login/
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/bootstrap.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/colors.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/components.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/core.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/core.cssW
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/icons/icomoon/fonts/icomoon.woff?3p0rtw
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/icons/icomoon/styles.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/icons/icomoon/styles.cssS
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/app.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/app.jso
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/libraries/bootstrap.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/libraries/jquery.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/libraries/jquery.min.jsgIr
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/pages/login.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/plugins/forms/styling/uniform.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/plugins/loaders/blockui.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/plugins/loaders/pace.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/plugins/loaders/pace.min.js?
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/favicon.ico
Source: Favicons.0.dr	String found in binary or memory: https://portal.mdstrategies.com/favicon.icoP
Source: Current Session.0.dr	String found in binary or memory: https://portal.mdstrategies.com/ueq
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://preprod-hangouts-googleapis.sandbox.google.com
Source: d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://r4---sn-4g5ednsd.gvt1.com
Source: data_3.1.dr	String found in binary or memory: https://r4---sn-4g5ednsd.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic?cms_redirect=yes&mh=I2&mip=102.1
Source: d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: data_1.1.dr	String found in binary or memory: https://redirector.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic
Source: craw_window.js.0.dr, manifest.json0.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: messages.json41.0.dr, feedback.html.0.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr, feedback.html.0.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://www-googleapis-staging.sandbox.google.com
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, manifest.json1.0.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://www.google.com
Source: manifest.json0.0.dr	String found in binary or memory: https://www.google.com/
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/accounts/OAuthLogin?issueuberauth=1
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/cleardot.gif
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/dot2.gif
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/x2.gif
Source: craw_background.js.0.dr	String found in binary or memory: https://www.google.com/intl/en-US/chrome/blank.html
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: feedback_script.js.0.dr	String found in binary or memory: https://www.google.com/tools/feedback
Source: manifest.json1.0.dr	String found in binary or memory: https://www.google.com;
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, craw_window.js.0.dr, craw_background.js.0.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: mirroring_common.js.0.dr	String found in binary or memory: https://www.googleapis.com/calendar/v3
Source: mirroring_common.js.0.dr	String found in binary or memory: https://www.googleapis.com/hangouts/v1
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://www.gstatic.com
Source: common.js.0.dr	String found in binary or memory: https://www.gstatic.com/hangouts_echo_detector/release/%
Source: manifest.json1.0.dr	String found in binary or memory: https://www.gstatic.com;
Source: data_2.1.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/
Source: History Provider Cache.0.dr	String found in binary or memory: https://www.mdstrategies.com/2?Home
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=20
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=23
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=25
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=29
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=49
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/Content-Length:
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/Home
Source: Current Session.0.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/about/
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/about/ABOUT
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/about/D
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/about/K
Source: Current Session.0.dr, data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/(
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/-
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/MEDICAL
Source: Current Session.0.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/xez.
Source: Current Session.0.dr, data_1.1.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/careers/
Source: Current Session.0.dr	String found in binary or memory: https://www.mdstrategies.com/careers/(Z
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/careers/ASC
Source: Current Session.0.dr, data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/category/coding-news/
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/coding-news/A
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/coding-news/Coding
Source: Current Session.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/)
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/Events
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/W(
Source: Current Session.0.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/coding/
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/coding/FULL
Source: Current Session.0.dr, History.0.dr	String found in binary or memory: https://www.mdstrategies.com/education/
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/education/6
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/education/EDUCATION
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/education/Of
Source: Current Session.0.dr	String found in binary or memory: https://www.mdstrategies.com/education/XEDUCATION
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.6.
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.6.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.6.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=3.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.13.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.13.14
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?v
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslide
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-pub
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-publ
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/wpcf7-redirect/js/wpcf7-redirect-script.js
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/global.js?ver=1.0
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/global.js?ver=1.0dKG5
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/jquery.scrollTo.js?ver=2.1.2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/jquery.scrollTo.js?ver=2.1.23
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/skip-link-focus-fix.js?ver=1.
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/bootstrap.css
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.css
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff2c
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-bold.woffIG9
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-regular.woff
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-regular.woff2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/images/banner-cont-bg.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/images/default.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/images/footer-img.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/js/bootstrap.js
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/style.css?ver=5.4.2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/about-bg-1.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn01.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn02.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn03.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn04.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn04.pngE
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/logo.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/logo.jpgp
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/about-cont-img-1.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/audit-1.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/coding-1.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/education-1.jpg
Source: data_1.1.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/favicon-32x32-1.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/04/new-banner-1901x847.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/04/new-banner1-1901x847.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/04/new-banner2-1901x847.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-json/

Source: unknown

HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9

Source: unknown	HTTPS traffic detected: 107.180.1.3:443 -> 192.168.2.6:49826 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.180.1.3:443 -> 192.168.2.6:49827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.226.226.62:443 -> 192.168.2.6:49926 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\162628ad-1d92-4ddb-b8e7-2e213d0f7f88.tmp

Jump to behavior

Source: classification engine

Classification label: clean1.win@37/233@13/12

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://www.mdstrategies.com'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1564,16111795685182632513,6191466307148351903,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1956 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1564,16111795685182632513,6191466307148351903,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1956 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61684F27-1610.pma

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
148.66.137.37	netitsystems.com	Singapore	26496	AS-26496-GO-DADDY-COM-LLCUS	false
216.58.215.225	googlehosted.l.googleusercontent.com	United States	15169	GOOGLEUS	false
107.180.1.3	www.mdstrategies.com	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	false
172.217.168.78	clients.l.google.com	United States	15169	GOOGLEUS	false
172.217.168.45	accounts.google.com	United States	15169	GOOGLEUS	false
34.226.226.62	app-temp-2146096302.us-east-1.elb.amazonaws.com	United States	14618	AMAZON-AESUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
40.84.237.199	portal.mdstrategies.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
104.215.83.131	app.mdstrategies.com	United States	8075	MICROSOFT-CORP-MSN-AS-BLOCKUS	false
142.250.203.99	gstaticadssl.l.google.com	United States	15169	GOOGLEUS	false

Private

IP
192.168.2.1
127.0.0.1

Contacted Domains

Name	IP	Active
gstaticadssl.l.google.com	142.250.203.99	true
accounts.google.com	172.217.168.45	true
portal.mdstrategies.com	40.84.237.199	true
app.mdstrategies.com	104.215.83.131	true
app-temp-2146096302.us-east-1.elb.amazonaws.com	34.226.226.62	true
www.mdstrategies.com	107.180.1.3	true
clients.l.google.com	172.217.168.78	true
netitsystems.com	148.66.137.37	true
s.w.org	192.0.77.48	true
googlehosted.l.googleusercontent.com	216.58.215.225	true
clients2.googleusercontent.com	unknown	unknown
clients2.google.com	unknown	unknown
app.icontact.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.mdstrategies.com/auditing/	false		unknown
https://app.icontact.com/icp/static/form/javascripts/tracking.js	false		high
https://www.mdstrategies.com/education/	false		unknown
https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.13.1	false	Avira URL Cloud: safe	unknown
https://portal.mdstrategies.com/assets/js/plugins/loaders/blockui.min.js	false	Avira URL Cloud: safe	unknown
https://app.mdstrategies.com/favicon.ico	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=3.13.1	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/	false		unknown
https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-regular.woff	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.6.1	false	Avira URL Cloud: safe	unknown
https://app.mdstrategies.com/Training/images/login-bg.jpg	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/themes/mdstratergies/images/banner-cont-bg.png	false	Avira URL Cloud: safe	unknown
https://portal.mdstrategies.com/assets/css/bootstrap.css	false	Avira URL Cloud: safe	unknown
https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1	false		high
https://www.mdstrategies.com/wp-includes/js/wp-embed.min.js?ver=5.4.2	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/uploads/2018/03/coding-1.jpg	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/coding/	false		unknown
https://www.mdstrategies.com/wp-content/uploads/2018/02/icn02.png	false	Avira URL Cloud: safe	unknown
https://portal.mdstrategies.com/assets/js/plugins/forms/styling/uniform.min.js	false	Avira URL Cloud: safe	unknown
https://portal.mdstrategies.com/assets/css/colors.css	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/uploads/2018/03/education-1.jpg	false	Avira URL Cloud: safe	unknown
https://portal.mdstrategies.com/assets/js/plugins/loaders/pace.min.js	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2	false	Avira URL Cloud: safe	unknown
https://app.mdstrategies.com/Training/css/form.css	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/	false		unknown
https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/uploads/2018/03/favicon-32x32-1.png	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/jquery.scrollTo.js?ver=2.1.2	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/themes/mdstratergies/images/footer-img.jpg	false	Avira URL Cloud: safe	unknown
https://portal.mdstrategies.com/	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/category/coding-news/	false		unknown
https://app.icontact.com/icp/core/signup/tracking.gif?id=120&cid=280035&lid=54997	false		high
https://app.mdstrategies.com/Training/js/jquery.curvycorners.js	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/careers/	false		unknown
https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard	false		high
https://www.mdstrategies.com/about/	false		unknown
https://www.mdstrategies.com/	false		unknown
https://www.mdstrategies.com/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.6.1	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff2	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/uploads/2018/02/logo.jpg	false	Avira URL Cloud: safe	unknown
https://portal.mdstrategies.com/assets/css/components.css	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/auditing/	false		unknown
https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff	false	Avira URL Cloud: safe	unknown
https://www.mdstrategies.com/wp-content/uploads/2018/04/new-banner1-1901x847.jpg	false	Avira URL Cloud: safe	unknown

Phishing:

HTML body contains low number of good links

Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: Number of links: 1
Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: Number of links: 1
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: Number of links: 0
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: Number of links: 0

No HTML title found

Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: HTML title missing
Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: HTML title missing
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: HTML title missing
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: HTML title missing

Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: No <meta name="author".. found
Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: No <meta name="author".. found
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: No <meta name="author".. found
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: No <meta name="author".. found

Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: No <meta name="copyright".. found
Source: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f	HTTP Parser: No <meta name="copyright".. found
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: No <meta name="copyright".. found
Source: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

Source: unknown	HTTPS traffic detected: 107.180.1.3:443 -> 192.168.2.6:49826 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.180.1.3:443 -> 192.168.2.6:49827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.226.226.62:443 -> 192.168.2.6:49926 version: TLS 1.2

Source: unknown

DNS traffic detected: queries for: clients2.google.com

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49852 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49855
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49853
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49852
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49853 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 49917 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49855 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49798 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49924 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49844 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49798
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49907 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49924
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49800
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49917
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49843 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49907
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: global traffic	HTTP traffic detected: GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=85.0.4183.121&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D-1%2526e%253D1 HTTP/1.1Host: clients2.google.comConnection: keep-aliveX-Goog-Update-Interactivity: fgX-Goog-Update-AppId: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfmX-Goog-Update-Updater: chromecrx-85.0.4183.121Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/css/bootstrap.css HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/css/style.css HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.6.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/style.css?ver=5.4.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.2.26 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.css?ver=3.2.26 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/js/bootstrap.js HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner2-1901x847.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/images/banner-cont-bg.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?ver=3.13.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.13.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.6.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.6.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/wpcf7-redirect/js/wpcf7-redirect-script.js HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/assets/js/skip-link-focus-fix.js?ver=1.0 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/assets/js/global.js?ver=1.0 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/assets/js/jquery.scrollTo.js?ver=2.1.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.2.26 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/wp-embed.min.js?ver=5.4.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslider.min.js?ver=3.13.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=3.13.1 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner-1901x847.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner1-1901x847.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn01.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn02.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn03.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn04.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/about-bg-1.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/images/footer-img.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-regular.woff2 HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/favicon-32x32-1.png HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/favicon-32x32-1.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner1-1901x847.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner2-1901x847.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/04/new-banner-1901x847.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn01.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn02.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Account/Login?ReturnUrl=%2f HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn03.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/icn04.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /assets/css/icons/icomoon/styles.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/css/bootstrap.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/css/core.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/css/components.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/css/colors.css HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/plugins/loaders/pace.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/core/libraries/jquery.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/core/libraries/bootstrap.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/plugins/loaders/blockui.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/plugins/forms/styling/uniform.min.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /assets/js/core/app.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /crx/blobs/Acy1k0bLIjHsvnKaKN_oRpVaYYvFs25d7GKYF1WXrT6yizCMksBO0c_ggE0B6tx6HPRHe6q1GOEe3_NcIbSiGG8kXeLMUY0sAKVvC6R89zvKM13s5VqoAMZSmuUgjQL5vlygJuArQghXXE_qTL7NlQ/extension_8520_615_0_5.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/js/pages/login.js HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-aliveOrigin: https://portal.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/css?family=Roboto:400,300,100,500,700,900Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /assets/css/icons/icomoon/fonts/icomoon.woff?3p0rtw HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveOrigin: https://portal.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://portal.mdstrategies.com/assets/css/icons/icomoon/styles.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: portal.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: __RequestVerificationToken=KK95nCunspUV2d-Liz_igD2uOIkpyv6UQwfLrnPXJy7Gj9ZHKcfXvfVzIKI_SzlCaFEzT2CHXewk6W-UzAR9Xol88uP_ScpudgkO9PxP6dU1
Source: global traffic	HTTP traffic detected: GET /training HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /training/ HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/css/login.css HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/css/form.css HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/js/jquery.js HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/js/jquery.curvycorners.js HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/js/jquery.pngFix.js HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/WebResource.axd?d=pbNn64BsvhCC7H1IAUyejwyEeivIF7H6PKLOsXYlvY7qvp9RKSPE8qZ-y583xizWGWVgfl8goRMqktoQ_47rW_yOQgg1&t=637290886660000000 HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/WebResource.axd?d=3SvgtNU4L35DXiXJcPQYqPYuuyHsOAyZcTDEk3azvL_j3ivwfwsWoriSzWIXro0J33ii4Iuc01G0tqfKpLb3FZ-FPXQ1&t=637290886660000000 HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/images/login-bg.jpg HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/WebResource.axd?d=pbNn64BsvhCC7H1IAUyejwyEeivIF7H6PKLOsXYlvY7qvp9RKSPE8qZ-y583xizWGWVgfl8goRMqktoQ_47rW_yOQgg1&t=637290886660000000&_=1634225989017 HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveAccept: text/javascript, application/javascript, /User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36X-Requested-With: XMLHttpRequestSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /Training/WebResource.axd?d=3SvgtNU4L35DXiXJcPQYqPYuuyHsOAyZcTDEk3azvL_j3ivwfwsWoriSzWIXro0J33ii4Iuc01G0tqfKpLb3FZ-FPXQ1&t=637290886660000000&_=1634225989754 HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveAccept: text/javascript, application/javascript, /User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36X-Requested-With: XMLHttpRequestSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: app.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /category/coding-news/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/images/default.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/category/coding-news/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/images/default.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /education/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/education-1.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icp/static/form/javascripts/validation.js HTTP/1.1Host: app.icontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icp/static/form/javascripts/tracking.js HTTP/1.1Host: app.icontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icp/static/human/css/signupBuilder/formGlobalStyles.css HTTP/1.1Host: app.icontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /icp/core/signup/tracking.gif?id=120&cid=280035&lid=54997 HTTP/1.1Host: app.icontact.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/education/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/education-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /icp/core/signup/tracking.gif?id=120&cid=280035&lid=54997 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: app.icontact.com
Source: global traffic	HTTP traffic detected: GET /careers/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/about-cont-img-1.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/careers/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/about-cont-img-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /category/uncategorized/www-ascoregon-org/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/themes/mdstratergies/fonts/josefinsans-regular.woff HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveOrigin: https://www.mdstrategies.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /about/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/about-cont-img-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:28 GMTIf-None-Match: "5441144-1eef8-5a2cbbc87eb52"
Source: global traffic	HTTP traffic detected: GET /coding/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/coding-1.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/coding/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/coding-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET /auditing/ HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/audit-1.jpg HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.mdstrategies.com/auditing/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/02/logo.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.comIf-Modified-Since: Wed, 08 Apr 2020 18:33:21 GMTIf-None-Match: "544112e-2a89-5a2cbbc1f2a96"
Source: global traffic	HTTP traffic detected: GET /wp-content/uploads/2018/03/audit-1.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: www.mdstrategies.com
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.mdstrategies.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /client/mdstratergies/wp-content/uploads/2018/04/innerbanner.jpg HTTP/1.1Host: netitsystems.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/,/*;q=0.8Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: Ruleset Data.0.dr	String found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: Filtering Rules.0.dr	String found in binary or memory: www.facebook.com/ajax/ads/ equals www.facebook.com (Facebook)
Source: Filtering Rules.0.dr	String found in binary or memory: www.facebook.com0 equals www.facebook.com (Facebook)

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/htmlServer: Microsoft-IIS/10.0X-Powered-By: ASP.NETDate: Thu, 14 Oct 2021 06:39:51 GMTConnection: closeContent-Length: 1245
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:39:55 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:00 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:08 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:17 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:25 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 14 Oct 2021 06:40:31 GMTServer: ApacheX-Powered-By: PHP/7.4.23Expires: Wed, 11 Jan 1984 05:00:00 GMTCache-Control: no-cacheX-Nitro-Cache: MISSX-Nitro-Disabled: 1X-Nitro-Disabled-Reason: 404Link: <http://netitsystems.com/wp-json/>; rel="https://api.w.org/"Upgrade: h2,h2cConnection: Upgrade, Keep-AliveKeep-Alive: timeout=5, max=100Transfer-Encoding: chunkedContent-Type: text/html; charset=UTF-8Data Raw: 34 30 30 30 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 0a 3c 68 65 61 64 3e 0a 09 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 09 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 09 3c 6c 69 6e 6b 20 72 65 6c 3d 22 70 69 6e 67 62 61 63 6b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 2f 78 6d 6c 72 70 63 2e 70 68 70 22 20 2f 3e 0a 0a 09 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 09 09 64 6f 63 75 6d 65 6e 74 2e 64 6f 63 75 6d 65 6e 74 45 6c 65 6d 65 6e 74 2e 63 6c 61 73 73 4e 61 6d 65 20 3d 20 27 6a 73 27 3b 0a 09 3c 2f 73 63 72 69 70 74 3e 0a 0a 09 3c 73 63 72 69 70 74 3e 76 61 72 20 65 74 5f 73 69 74 65 5f 75 72 6c 3d 27 68 74 74 70 3a 2f 2f 6e 65 74 69 74 73 79 73 74 65 6d 73 2e 63 6f 6d 27 3b 76 61 72 20 65 74 5f 70 6f 73 74 5f 69 64 3d 27 30 27 3b 66 75 6e 63 74 69 6f 6e 20 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 5f 66 61 6c 6c 62 61 63 6b 28 61 2c 62 29 7b 22 75 6e 64 65 66 69 6e 65 64 22 3d 3d 3d 74 79 70 65 6f 66 20 62 26 26 28 62 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 26 26 30 3d 3d 3d 61 2e 73 68 65 65 74 2e 63 73 73 52 75 6c 65 73 2e 6c 65 6e 67 74 68 29 3b 62 26 26 28 61 2e 6f 6e 65 72 72 6f 72 3d 6e 75 6c 6c 2c 61 2e 6f 6e 6c 6f 61 64 3d 6e 75 6c 6c 2c 61 2e 68 72 65 66 3f 61 2e 68 72 65 66 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 3a 61 2e 73 72 63 26 26 28 61 2e 73 72 63 3d 65 74 5f 73 69 74 65 5f 75 72 6c 2b 22 2f 3f 65 74 5f 63 6f 72 65 5f 70 61 67 65 5f 72 65 73 6f 75 72 63 65 3d 22 2b 61 2e 69 64 2b 65 74 5f 70 6f 73 74 5f 69 64 29 29 7d 0a 3c 2f 73 63 72 69 70 74 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 27 72 6f 62 6f 74 73 27 20 63 6f 6e 74 65 6e 74 3d 27 6d 61 78 2d 69 6d 61 67 65 2d 70 72 65 76 69 65 77 3a 6c 61 72 67 65 27 20 2f 3e 0a 0a 09 3c 21 2d 2d 20 54 68 69 73 20 73 69 74 65 20 69 73 20 6f 70 74 69 6d 69 7a 65 64 20 77 69 74 68 20 74 68 65 20 59 6f 61 73 74 20 53 45 4f 20 70 6c 75 67 69 6e 20 76 31 34 2e 37 20 2d 20 68 74 74 70 73 3a 2f 2f 79 6f 61 73 74 2e 63 6f 6d 2f 77 6f 72 64 70 72 65 73 73 2f 70 6c 75 67 69 6e 73 2f 73 65 6f 2f 20 2d 2d 3e 0a 09 3c 74 69 74 6c 65 3e 50 61 67 65 20 6e 6f 74 20

Source: angular.js.0.dr	String found in binary or memory: http://angularjs.org
Source: data_3.1.dr	String found in binary or memory: http://blue-anvil.com
Source: data_3.1.dr	String found in binary or memory: http://crl.pki.goog/gsr1/gsr1.crl0;
Source: data_3.1.dr	String found in binary or memory: http://crl.pki.goog/gtsr1/gtsr1.crl0W
Source: data_3.1.dr	String found in binary or memory: http://crls.pki.goog/gts1c3/fVJxbV-Ktmk.crl0
Source: angular.js.0.dr	String found in binary or memory: http://errors.angularjs.org/1.6.4-local
Source: data_3.1.dr	String found in binary or memory: http://flesler.blogspot.com
Source: data_3.1.dr	String found in binary or memory: http://flesler.blogspot.com/2007/10/jqueryscrollto.html
Source: data_3.1.dr	String found in binary or memory: http://gsgd.co.uk/sandbox/jquery/easing/
Source: data_2.1.dr	String found in binary or memory: http://jquery.andreaseberhard.de/
Source: data_3.1.dr	String found in binary or memory: http://ocsp.pki.goog/gsr10)
Source: data_3.1.dr	String found in binary or memory: http://ocsp.pki.goog/gts1c301
Source: data_3.1.dr	String found in binary or memory: http://ocsp.pki.goog/gtsr100
Source: data_2.1.dr	String found in binary or memory: http://pipwerks.mit-license.org/
Source: data_3.1.dr	String found in binary or memory: http://pki.goog/gsr1/gsr1.crt02
Source: data_3.1.dr	String found in binary or memory: http://pki.goog/repo/certs/gts1c3.der0
Source: data_3.1.dr	String found in binary or memory: http://pki.goog/repo/certs/gtsr1.der04
Source: data_3.1.dr	String found in binary or memory: http://stackoverflow.com/questions/14115080/detect-support-for-background-attachment-fixed
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: http://tools.ietf.org/html/rfc1950
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: data_3.1.dr	String found in binary or memory: http://www.curvycorners.net
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
Source: data_2.1.dr	String found in binary or memory: http://www.imagemagick.org
Source: Current Session.0.dr, data_1.1.dr, Favicons.0.dr	String found in binary or memory: http://www.mdstrategies.com/
Source: History Provider Cache.0.dr	String found in binary or memory: http://www.mdstrategies.com/2?Home
Source: data_1.1.dr	String found in binary or memory: http://www.mdstrategies.com/:
Source: History.0.dr	String found in binary or memory: http://www.mdstrategies.com/Home
Source: data_2.1.dr	String found in binary or memory: http://www.opensource.org/licenses/gpl-license.php)
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, manifest.json1.0.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://accounts.google.com
Source: craw_window.js.0.dr	String found in binary or memory: https://accounts.google.com/MergeSession
Source: d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://ajax.googleapis.com
Source: Network Action Predictor.0.dr	String found in binary or memory: https://ajax.googleapis.com/
Source: data_1.1.dr	String found in binary or memory: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Source: data_2.1.dr	String found in binary or memory: https://api.w.org/
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, manifest.json1.0.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://apis.google.com
Source: mirroring_common.js.0.dr	String found in binary or memory: https://apis.google.com/js/client.js
Source: Current Session.0.dr	String found in binary or memory: https://app.icontact.com/icp/core/mycontacts/signup/designer/form/
Source: data_1.1.dr	String found in binary or memory: https://app.icontact.com/icp/static/form/javascripts/tracking.js
Source: data_1.1.dr	String found in binary or memory: https://app.icontact.com/icp/static/form/javascripts/validation.js
Source: data_1.1.dr	String found in binary or memory: https://app.icontact.com/icp/static/human/css/signupBuilder/formGlobalStyles.css
Source: Network Action Predictor.0.dr	String found in binary or memory: https://app.mdstrategies.com/
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/WebResource.axd?d=3SvgtNU4L35DXiXJcPQYqPYuuyHsOAyZcTDEk3azvL_j
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/WebResource.axd?d=pbNn64BsvhCC7H1IAUyejwyEeivIF7H6PKLOsXYlvY7q
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/css/form.css
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/css/login.css
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/images/login-bg.jpg
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/images/login-bg.jpg/
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/js/jquery.curvycorners.js
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/js/jquery.js
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/js/jquery.pngFix.js
Source: Current Session.0.dr	String found in binary or memory: https://app.mdstrategies.com/Training/login.aspx
Source: Current Session.0.dr, data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspx
Source: History.0.dr	String found in binary or memory: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxMd
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/Training/login.aspx?ReturnUrl=%2ftraining%2fdefault.aspxoMC
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/favicon.ico
Source: Current Session.0.dr, data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/training
Source: data_1.1.dr, data_2.1.dr	String found in binary or memory: https://app.mdstrategies.com/training/
Source: History.0.dr	String found in binary or memory: https://app.mdstrategies.com/training/Md
Source: data_2.1.dr	String found in binary or memory: https://app.mdstrategies.com/training/Server:
Source: data_1.1.dr	String found in binary or memory: https://app.mdstrategies.com/training/X
Source: History.0.dr	String found in binary or memory: https://app.mdstrategies.com/trainingMd
Source: Current Session.0.dr	String found in binary or memory: https://app.mdstrategies.com/trainingr.
Source: mirroring_common.js.0.dr	String found in binary or memory: https://castedumessaging-pa.googleapis.com/v1
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://clients2.google.com
Source: mirroring_hangouts.js.0.dr, mirroring_cast_streaming.js.0.dr	String found in binary or memory: https://clients2.google.com/cr/report
Source: manifest.json1.0.dr	String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://clients2.googleusercontent.com
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://clients6.google.com
Source: d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://content-autofill.googleapis.com
Source: data_1.1.dr	String found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRIfCa3_zMV_Ca28Egk
Source: data_1.1.dr	String found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRIfCdmDYCp3s4NXEgk
Source: data_1.1.dr	String found in binary or memory: https://content-autofill.googleapis.com/v1/pages/Chc2LjEuMTcxNS4xNDQyL2VuIChHR0xMKRJLCZDfEgcN9pLAEgk
Source: manifest.json1.0.dr	String found in binary or memory: https://content.googleapis.com
Source: mirroring_cast_streaming.js.0.dr, common.js.0.dr	String found in binary or memory: https://crash.corp.google.com/samples?reportid=&q=
Source: LICENSE.txt.0.dr	String found in binary or memory: https://creativecommons.org/.
Source: LICENSE.txt.0.dr	String found in binary or memory: https://creativecommons.org/compatiblelicenses
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://creativecommons.org/publicdomain/zero/1.0/.
Source: data_2.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/apps-themes
Source: data_2.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/apps-themesCross-Origin-Resource-Policy:
Source: data_3.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/hosted-libraries-pushers
Source: data_3.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/hosted-libraries-pushersCross-Origin-Resource-Policy:
Source: Reporting and NEL.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/IdentityListAccountsHttp/external
Source: data_2.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/apps-themes
Source: data_3.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk
Source: data_3.1.dr	String found in binary or memory: https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers
Source: data_3.1.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/CustomEvent/CustomEvent
Source: aed5d4fd-b705-4b61-93fa-c2c65ceddad6.tmp.1.dr, d831affb-24ef-4b04-9a43-190caa833f7f.tmp.1.dr, ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr, e61a105c-a85e-4dd8-8be2-17f9ac99bb4f.tmp.1.dr	String found in binary or memory: https://dns.google
Source: mirroring_common.js.0.dr	String found in binary or memory: https://docs.google.com
Source: LICENSE.txt.0.dr	String found in binary or memory: https://easylist.to/)
Source: manifest.json1.0.dr	String found in binary or memory: https://feedback.googleusercontent.com
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://fonts.googleapis.com
Source: Network Action Predictor.0.dr	String found in binary or memory: https://fonts.googleapis.com/
Source: data_1.1.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Libre
Source: data_1.1.dr, data_3.1.dr	String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:400
Source: manifest.json1.0.dr	String found in binary or memory: https://fonts.googleapis.com;
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizBREVItHgc8qDIbSTKq4XkRiUa6zoTjmbI.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizBREVItHgc8qDIbSTKq4XkRiUa6zsTjmbI.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUQ2zcLig.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUR2zcLig.woff2)
Source: data_3.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2)
Source: data_1.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Source: data_1.1.dr	String found in binary or memory: https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2ChoKCw1
Source: manifest.json1.0.dr	String found in binary or memory: https://fonts.gstatic.com;
Source: data_1.1.dr	String found in binary or memory: https://git.io/vWdr2
Source: data_3.1.dr	String found in binary or memory: https://github.com/Modernizr/Modernizr/
Source: material_css_min.css.0.dr	String found in binary or memory: https://github.com/angular/material
Source: LICENSE.txt.0.dr	String found in binary or memory: https://github.com/easylist)
Source: craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://github.com/madler/zlib/blob/master/zlib.h
Source: data_2.1.dr	String found in binary or memory: https://github.com/pipwerks/PDFObject
Source: data_2.1.dr	String found in binary or memory: https://github.com/umdjs/umd/blob/master/templates/returnExports.js
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://hangouts.clients6.google.com
Source: manifest.json1.0.dr	String found in binary or memory: https://hangouts.google.com/
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://hangouts.google.com/hangouts/_/logpref
Source: mirroring_common.js.0.dr	String found in binary or memory: https://meet.google.com
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://meetings.clients6.google.com
Source: mirroring_common.js.0.dr	String found in binary or memory: https://networktraversal.googleapis.com/v1alpha
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://ogs.google.com
Source: craw_window.js.0.dr, manifest.json0.0.dr	String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: data_3.1.dr	String found in binary or memory: https://pki.goog/repository/0
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: Network Action Predictor.0.dr, Current Session.0.dr	String found in binary or memory: https://portal.mdstrategies.com/
Source: History Provider Cache.0.dr	String found in binary or memory: https://portal.mdstrategies.com/2
Source: Current Session.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login
Source: Current Session.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f
Source: History Provider Cache.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2f2
Source: History.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fLogin
Source: History.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Account/Login?ReturnUrl=%2fLogin/
Source: History.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Login
Source: History.0.dr	String found in binary or memory: https://portal.mdstrategies.com/Login/
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/bootstrap.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/colors.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/components.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/core.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/core.cssW
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/icons/icomoon/fonts/icomoon.woff?3p0rtw
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/icons/icomoon/styles.css
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/css/icons/icomoon/styles.cssS
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/app.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/app.jso
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/libraries/bootstrap.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/libraries/jquery.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/core/libraries/jquery.min.jsgIr
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/pages/login.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/plugins/forms/styling/uniform.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/plugins/loaders/blockui.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/plugins/loaders/pace.min.js
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/assets/js/plugins/loaders/pace.min.js?
Source: data_1.1.dr	String found in binary or memory: https://portal.mdstrategies.com/favicon.ico
Source: Favicons.0.dr	String found in binary or memory: https://portal.mdstrategies.com/favicon.icoP
Source: Current Session.0.dr	String found in binary or memory: https://portal.mdstrategies.com/ueq
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://preprod-hangouts-googleapis.sandbox.google.com
Source: d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://r4---sn-4g5ednsd.gvt1.com
Source: data_3.1.dr	String found in binary or memory: https://r4---sn-4g5ednsd.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic?cms_redirect=yes&mh=I2&mip=102.1
Source: d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://redirector.gvt1.com
Source: data_1.1.dr	String found in binary or memory: https://redirector.gvt1.com/edgedl/chrome/dict/en-us-9-0.bdic
Source: craw_window.js.0.dr, manifest.json0.0.dr	String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://ssl.gstatic.com
Source: messages.json41.0.dr, feedback.html.0.dr	String found in binary or memory: https://support.google.com/chromecast/answer/2998456
Source: messages.json41.0.dr, feedback.html.0.dr	String found in binary or memory: https://support.google.com/chromecast/troubleshooter/2995236
Source: craw_window.js.0.dr, craw_background.js.0.dr	String found in binary or memory: https://www-googleapis-staging.sandbox.google.com
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, manifest.json1.0.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://www.google.com
Source: manifest.json0.0.dr	String found in binary or memory: https://www.google.com/
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/accounts/OAuthLogin?issueuberauth=1
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/cleardot.gif
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/dot2.gif
Source: craw_window.js.0.dr	String found in binary or memory: https://www.google.com/images/x2.gif
Source: craw_background.js.0.dr	String found in binary or memory: https://www.google.com/intl/en-US/chrome/blank.html
Source: mirroring_hangouts.js.0.dr	String found in binary or memory: https://www.google.com/log?format=json&hasfast=true
Source: feedback_script.js.0.dr	String found in binary or memory: https://www.google.com/tools/feedback
Source: manifest.json1.0.dr	String found in binary or memory: https://www.google.com;
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, craw_window.js.0.dr, craw_background.js.0.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://www.googleapis.com
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/calendar.readonly
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/cast-edu-messaging
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/clouddevices
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/hangouts.readonly
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/meetings
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/plus.peopleapi.readwrite
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json0.0.dr	String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: manifest.json1.0.dr	String found in binary or memory: https://www.googleapis.com/auth/userinfo.email
Source: mirroring_common.js.0.dr	String found in binary or memory: https://www.googleapis.com/calendar/v3
Source: mirroring_common.js.0.dr	String found in binary or memory: https://www.googleapis.com/hangouts/v1
Source: ba65e50d-be28-4083-b4b0-86ed8ed47dce.tmp.1.dr, 5805879f-da26-4f6f-98a2-b9fa3d56dbe1.tmp.1.dr, d7e5d27f-1fdc-4413-a2a5-ed683ecc7a32.tmp.1.dr	String found in binary or memory: https://www.gstatic.com
Source: common.js.0.dr	String found in binary or memory: https://www.gstatic.com/hangouts_echo_detector/release/%
Source: manifest.json1.0.dr	String found in binary or memory: https://www.gstatic.com;
Source: data_2.1.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/
Source: History Provider Cache.0.dr	String found in binary or memory: https://www.mdstrategies.com/2?Home
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=20
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=23
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=25
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=29
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/?p=49
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/Content-Length:
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/Home
Source: Current Session.0.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/about/
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/about/ABOUT
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/about/D
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/about/K
Source: Current Session.0.dr, data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/(
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/-
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/MEDICAL
Source: Current Session.0.dr	String found in binary or memory: https://www.mdstrategies.com/auditing/xez.
Source: Current Session.0.dr, data_1.1.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/careers/
Source: Current Session.0.dr	String found in binary or memory: https://www.mdstrategies.com/careers/(Z
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/careers/ASC
Source: Current Session.0.dr, data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/category/coding-news/
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/coding-news/A
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/coding-news/Coding
Source: Current Session.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/)
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/Events
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/category/uncategorized/www-ascoregon-org/W(
Source: Current Session.0.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/coding/
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/coding/FULL
Source: Current Session.0.dr, History.0.dr	String found in binary or memory: https://www.mdstrategies.com/education/
Source: Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/education/6
Source: History.0.dr	String found in binary or memory: https://www.mdstrategies.com/education/EDUCATION
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/education/Of
Source: Current Session.0.dr	String found in binary or memory: https://www.mdstrategies.com/education/XEDUCATION
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.6.
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.6.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.6.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/easing/jQuery.easing.min.js?ver=3.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.13.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.13.14
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/flexslider.css?v
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/ml-slider/assets/sliders/flexslider/jquery.flexslide
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/sassy-social-share/admin/css/sassy-social-share-svg.
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-pub
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-publ
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/plugins/wpcf7-redirect/js/wpcf7-redirect-script.js
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/global.js?ver=1.0
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/global.js?ver=1.0dKG5
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/jquery.scrollTo.js?ver=2.1.2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/jquery.scrollTo.js?ver=2.1.23
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/assets/js/skip-link-focus-fix.js?ver=1.
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/bootstrap.css
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/css/style.css
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-bold.woff2c
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-bold.woffIG9
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-regular.woff
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-regular.woff2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/fonts/josefinsans-semibold.woff2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/images/banner-cont-bg.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/images/default.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/images/footer-img.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/js/bootstrap.js
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/themes/mdstratergies/style.css?ver=5.4.2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/about-bg-1.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn01.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn02.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn03.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn04.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/icn04.pngE
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/logo.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/02/logo.jpgp
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/about-cont-img-1.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/audit-1.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/coding-1.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/education-1.jpg
Source: data_1.1.dr, Favicons.0.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/03/favicon-32x32-1.png
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/04/new-banner-1901x847.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/04/new-banner1-1901x847.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-content/uploads/2018/04/new-banner2-1901x847.jpg
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/js/wp-embed.min.js?ver=5.4.2
Source: data_1.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.2
Source: data_2.1.dr	String found in binary or memory: https://www.mdstrategies.com/wp-json/

Source: unknown

Source: unknown	HTTPS traffic detected: 107.180.1.3:443 -> 192.168.2.6:49826 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 107.180.1.3:443 -> 192.168.2.6:49827 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.226.226.62:443 -> 192.168.2.6:49926 version: TLS 1.2

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Temp\162628ad-1d92-4ddb-b8e7-2e213d0f7f88.tmp

Jump to behavior

Source: classification engine

Classification label: clean1.win@37/233@13/12

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --start-maximized --enable-automation 'http://www.mdstrategies.com'
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1564,16111795685182632513,6191466307148351903,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1956 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe 'C:\Program Files\Google\Chrome\Application\chrome.exe' --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1564,16111795685182632513,6191466307148351903,131072 --lang=en-US --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1956 /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Program Files\Google\Chrome\Application\Dictionaries

Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-61684F27-1610.pma

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Directory created: C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-9-0.bdic			Jump to behavior

ID:	502667
Product:	CloudBasic
Start time:	08:38:22
Start date:	14.10.2021
Cookbook:	browseurl.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS

Windows Analysis Report http://www.mdstrategies.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing:

Compliance:

Networking:

System Summary:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs