hxxp://www[.]gesdoc[.]campofrio[.]es/campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567

Analysis

max time kernel
600s
max time network
601s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
07/07/2023, 07:44 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.gesdoc.campofrio.es/campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 1 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4708	chrome.exe
4708	chrome.exe
4188	chrome.exe
4188	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 18 IoCs

pid	Process
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe
Token: SeShutdownPrivilege	4708	chrome.exe
Token: SeCreatePagefilePrivilege	4708	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe
4708	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4708 wrote to memory of 224	4708	chrome.exe	49
PID 4708 wrote to memory of 224	4708	chrome.exe	49
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 1328	4708	chrome.exe	86
PID 4708 wrote to memory of 4476	4708	chrome.exe	88
PID 4708 wrote to memory of 4476	4708	chrome.exe	88
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87
PID 4708 wrote to memory of 476	4708	chrome.exe	87

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://www.gesdoc.campofrio.es/campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa1a909758,0x7ffa1a909768,0x7ffa1a909778
  2⤵
  PID:224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1756 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:2
  2⤵
  PID:1328
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2236 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:8
  2⤵
  PID:476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:8
  2⤵
  PID:4476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2972 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4564 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:2240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5260 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:8
  2⤵
  PID:3956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5368 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:8
  2⤵
  PID:3896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5260 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:8
  2⤵
  PID:896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5528 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:5080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5508 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:1488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4848 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:8
  2⤵
  PID:4956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3936 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:4544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3496 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2740 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4848 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:3920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5452 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:4180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5448 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:1320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1872 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:1084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5456 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:2224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5688 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:3428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3696 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:1164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=2556 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4904 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:8
  2⤵
  PID:3604
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5944 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:8
  2⤵
  PID:920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=4588 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5452 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:4832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=1100 --field-trial-handle=1896,i,3155756388874097181,3114297407386360126,131072 /prefetch:1
  2⤵
  PID:3000

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2224

Network

DNS

www.gesdoc.campofrio.es

chrome.exe

Remote address:

8.8.8.8:53

Request

www.gesdoc.campofrio.es

IN A

Response

www.gesdoc.campofrio.es

IN A

213.27.217.147
GET

http://www.gesdoc.campofrio.es/campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567

chrome.exe

Remote address:

213.27.217.147:80

Request

GET /campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567 HTTP/1.1
Host: www.gesdoc.campofrio.es
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Fri, 07 Jul 2023 07:44:25 GMT
Server: Apache
Content-Length: 670
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
GET

http://www.gesdoc.campofrio.es/favicon.ico

chrome.exe

Remote address:

213.27.217.147:80

Request

GET /favicon.ico HTTP/1.1
Host: www.gesdoc.campofrio.es
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.gesdoc.campofrio.es/campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Date: Fri, 07 Jul 2023 07:44:26 GMT
Server: Apache
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en
DNS

techno-training.com

chrome.exe

Remote address:

8.8.8.8:53

Request

techno-training.com

IN A

Response

techno-training.com

IN A

18.207.180.120
DNS

assets.msn.com

Remote address:

8.8.8.8:53

Request

assets.msn.com

IN A

Response

assets.msn.com

IN CNAME

assets.msn.com.edgekey.net

assets.msn.com.edgekey.net

IN CNAME

e28578.d.akamaiedge.net

e28578.d.akamaiedge.net

IN A

95.101.143.170

e28578.d.akamaiedge.net

IN A

95.101.143.160

e28578.d.akamaiedge.net

IN A

95.101.143.163

e28578.d.akamaiedge.net

IN A

95.101.143.155

e28578.d.akamaiedge.net

IN A

95.101.143.145

e28578.d.akamaiedge.net

IN A

95.101.143.130

e28578.d.akamaiedge.net

IN A

95.101.143.137

e28578.d.akamaiedge.net

IN A

95.101.143.153

e28578.d.akamaiedge.net

IN A

95.101.143.176
GET

https://assets.msn.com/serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=a56cef84-b9cb-4c18-a07b-565d119dd361&ocid=windows-windowsShell-feeds&user=m-fa8e403e370641a38e8d864e13395814&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask

Remote address:

95.101.143.170:443

Request

GET /serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=a56cef84-b9cb-4c18-a07b-565d119dd361&ocid=windows-windowsShell-feeds&user=m-fa8e403e370641a38e8d864e13395814&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask HTTP/2.0
host: assets.msn.com
x-search-account: None
accept-encoding: gzip, deflate
x-device-machineid: {FA70D926-E1F3-47D1-8072-3C281BF806AB}
x-userageclass: Unknown
x-bm-market: US
x-bm-dateformat: M/d/yyyy
x-device-ossku: 48
x-bm-dtz: 0
x-deviceid: 0100B2E609000CC3
x-bm-windowsflights: FX:119E26AD,FX:11D898D7,FX:11DB147C,FX:11DE505A,FX:11E11E97,FX:11E3E2BA,FX:11E50151,FX:11E9EE98,FX:11F1992A,FX:11F4161E,FX:11F41B68,FX:11FB0F2F,FX:1201B330,FX:1202B7FC,FX:120BB68E,FX:121A20E1,FX:121BF15F,FX:121E5EC8,FX:122D8E86,FX:123031A3,FX:1231B88B,FX:123371B1,FX:1233C945,FX:123D7C31,FX:1240013C,FX:1246E4A3,FX:1248306D,FX:124B38D0,FX:1250080B,FX:125A7FDA,FX:1264FA75,FX:126DBC22,FX:127159BE,FX:12769734,FX:127C935B,FX:127DC03A,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5
sitename: www.msn.com
x-bm-theme: 000000;0078d7
muid: FA8E403E370641A38E8D864E13395814
x-agent-deviceid: 0100B2E609000CC3
x-bm-onlinesearchdisabled: true
x-bm-cbt: 1688715863
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.2.19041; 10.0.0.0.19041.1288) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
x-device-isoptin: false
accept-language: en-US, en
x-device-touch: false
x-device-clientsession: 62C4FE3C8B4B4D25960C9878151987C8
cookie: MUID=FA8E403E370641A38E8D864E13395814

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
server: Kestrel
access-control-allow-credentials: true
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin: *.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
content-encoding: gzip
ddd-authenticatedwithjwtflow: False
ddd-usertype: AnonymousMuid
ddd-tmpl: partialResponse:1;lowT:0;coldStartUpsell:1;winbadge:1;coldStart:1;lowC:0;tbn:0
x-wpo-activityid: 10716B9A-DEBF-4230-8F4D-3B68F3635501|2023-07-07T07:44:26.5114331Z|fabric:/wpo|FRC|WPO_74
ddd-feednewsitemcount: 0
ddd-activityid: 10716b9a-debf-4230-8f4d-3b68f3635501
ddd-strategyexecutionlatency: 00:00:00.1583386
ddd-debugid: 10716b9a-debf-4230-8f4d-3b68f3635501|2023-07-07T07:44:26.5332437Z|fabric:/winfeed|FRC|WinFeed_501
onewebservicelatency: 159
x-msedge-responseinfo: 159
x-ceto-ref: 64a7c25a62404ea292fe0c454dcaddeb|2023-07-07T07:44:26.371Z
expires: Fri, 07 Jul 2023 07:44:26 GMT
date: Fri, 07 Jul 2023 07:44:26 GMT
content-length: 5774
akamai-request-bc: [a=95.101.143.166,b=160416793,c=g,n=GB_EN_LONDON,o=20940],[a=20.74.25.147,c=o]
server-timing: clientrtt; dur=53, clienttt; dur=176, origin; dur=176 , cdntime; dur=0
akamai-cache-status: Miss from child
akamai-server-ip: 95.101.143.166
akamai-request-id: 98fc419
x-as-suppresssetcookie: 1
cache-control: private, max-age=0
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
timing-allow-origin: *
vary: Origin
DNS

aadcdn.msauth.net

chrome.exe

Remote address:

8.8.8.8:53

Request

aadcdn.msauth.net

IN A

Response

aadcdn.msauth.net

IN CNAME

aadcdnoriginwus2.azureedge.net

aadcdnoriginwus2.azureedge.net

IN CNAME

aadcdnoriginwus2.afd.azureedge.net

aadcdnoriginwus2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

aadcdn.msftauth.net

chrome.exe

Remote address:

8.8.8.8:53

Request

aadcdn.msftauth.net

IN A

Response

aadcdn.msftauth.net

IN CNAME

cs1100.wpc.omegacdn.net

cs1100.wpc.omegacdn.net

IN A

152.199.4.44
DNS

195.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.179.250.142.in-addr.arpa

IN PTR

Response

195.179.250.142.in-addr.arpa

IN PTR

ams15s42-in-f31e100net
DNS

202.23.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.23.217.172.in-addr.arpa

IN PTR

Response

202.23.217.172.in-addr.arpa

IN PTR

ams16s37-in-f101e100net

202.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f10�I

202.23.217.172.in-addr.arpa

IN PTR

prg03s05-in-f202�I
DNS

147.217.27.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

147.217.27.213.in-addr.arpa

IN PTR

Response
DNS

71.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

71.159.190.20.in-addr.arpa

IN PTR

Response
DNS

120.180.207.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

120.180.207.18.in-addr.arpa

IN PTR

Response

120.180.207.18.in-addr.arpa

IN PTR

ec2-18-207-180-120 compute-1 amazonawscom
DNS

41.249.124.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

41.249.124.192.in-addr.arpa

IN PTR

Response

41.249.124.192.in-addr.arpa

IN PTR

cloudproxy10041sucurinet
DNS

170.143.101.95.in-addr.arpa

Remote address:

8.8.8.8:53

Request

170.143.101.95.in-addr.arpa

IN PTR

Response

170.143.101.95.in-addr.arpa

IN PTR

a95-101-143-170deploystaticakamaitechnologiescom
DNS

aadcdn.msauthimages.net

chrome.exe

Remote address:

8.8.8.8:53

Request

aadcdn.msauthimages.net

IN A

Response

aadcdn.msauthimages.net

IN CNAME

aadcdn.azureedge.net

aadcdn.azureedge.net

IN CNAME

aadcdn.ec.azureedge.net

aadcdn.ec.azureedge.net

IN CNAME

cs1025.wpc.upsiloncdn.net

cs1025.wpc.upsiloncdn.net

IN A

152.199.23.72
GET

https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg

chrome.exe

Remote address:

152.199.23.72:443

Request

GET /c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1109
cache-control: public, max-age=86400
content-md5: 60s2XQsqE5k2Y3RuEX78Nw==
content-type: image/*
date: Fri, 07 Jul 2023 07:44:26 GMT
etag: 0x8D8175CDCEFB19E
last-modified: Tue, 23 Jun 2020 10:04:48 GMT
server: ECAcc (ama/48F6)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: b39cf49c-201e-0031-49a4-b077e5000000
x-ms-version: 2009-09-19
content-length: 116415
GET

https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg

chrome.exe

Remote address:

152.199.23.72:443

Request

GET /c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 446
cache-control: public, max-age=86400
content-md5: qmjT+b++DzaouCPadzrSWw==
content-type: image/*
date: Fri, 07 Jul 2023 07:44:26 GMT
etag: 0x8D8169AF869C4B0
last-modified: Mon, 22 Jun 2020 10:56:52 GMT
server: ECAcc (ama/48F2)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5303cb0b-501e-003e-79a5-b09a13000000
x-ms-version: 2009-09-19
content-length: 9681
GET

https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg

chrome.exe

Remote address:

152.199.23.72:443

Request

GET /c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1184
cache-control: public, max-age=86400
content-md5: qmjT+b++DzaouCPadzrSWw==
content-type: image/*
date: Fri, 07 Jul 2023 07:45:40 GMT
etag: 0x8D8169AF869C4B0
last-modified: Mon, 22 Jun 2020 10:56:52 GMT
server: ECAcc (ama/48B1)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: eaf9dc91-201e-005c-0ba4-b0ddcb000000
x-ms-version: 2009-09-19
content-length: 9681
GET

https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg

chrome.exe

Remote address:

152.199.23.72:443

Request

GET /c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1183
cache-control: public, max-age=86400
content-md5: 60s2XQsqE5k2Y3RuEX78Nw==
content-type: image/*
date: Fri, 07 Jul 2023 07:45:40 GMT
etag: 0x8D8175CDCEFB19E
last-modified: Tue, 23 Jun 2020 10:04:48 GMT
server: ECAcc (ama/48F6)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: b39cf49c-201e-0031-49a4-b077e5000000
x-ms-version: 2009-09-19
content-length: 116415
GET

https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg

chrome.exe

Remote address:

152.199.23.72:443

Request

GET /c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1264
cache-control: public, max-age=86400
content-md5: qmjT+b++DzaouCPadzrSWw==
content-type: image/*
date: Fri, 07 Jul 2023 07:47:00 GMT
etag: 0x8D8169AF869C4B0
last-modified: Mon, 22 Jun 2020 10:56:52 GMT
server: ECAcc (ama/48B1)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: eaf9dc91-201e-005c-0ba4-b0ddcb000000
x-ms-version: 2009-09-19
content-length: 9681
GET

https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg

chrome.exe

Remote address:

152.199.23.72:443

Request

GET /c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1263
cache-control: public, max-age=86400
content-md5: 60s2XQsqE5k2Y3RuEX78Nw==
content-type: image/*
date: Fri, 07 Jul 2023 07:47:00 GMT
etag: 0x8D8175CDCEFB19E
last-modified: Tue, 23 Jun 2020 10:04:48 GMT
server: ECAcc (ama/48F6)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: b39cf49c-201e-0031-49a4-b077e5000000
x-ms-version: 2009-09-19
content-length: 116415
GET

https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg

chrome.exe

Remote address:

152.199.23.72:443

Request

GET /c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://techno-training.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1353
cache-control: public, max-age=86400
content-md5: qmjT+b++DzaouCPadzrSWw==
content-type: image/*
date: Fri, 07 Jul 2023 07:48:29 GMT
etag: 0x8D8169AF869C4B0
last-modified: Mon, 22 Jun 2020 10:56:52 GMT
server: ECAcc (ama/48B1)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: eaf9dc91-201e-005c-0ba4-b0ddcb000000
x-ms-version: 2009-09-19
content-length: 9681
GET

https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg

chrome.exe

Remote address:

152.199.23.72:443

Request

GET /c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg HTTP/2.0
host: aadcdn.msauthimages.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://techno-training.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
age: 1352
cache-control: public, max-age=86400
content-md5: 60s2XQsqE5k2Y3RuEX78Nw==
content-type: image/*
date: Fri, 07 Jul 2023 07:48:29 GMT
etag: 0x8D8175CDCEFB19E
last-modified: Tue, 23 Jun 2020 10:04:48 GMT
server: ECAcc (ama/48F6)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: b39cf49c-201e-0031-49a4-b077e5000000
x-ms-version: 2009-09-19
content-length: 116415
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.251.39.106

content-autofill.googleapis.com

IN A

172.217.23.202

content-autofill.googleapis.com

IN A

216.58.208.106

content-autofill.googleapis.com

IN A

216.58.214.10

content-autofill.googleapis.com

IN A

142.250.179.138

content-autofill.googleapis.com

IN A

142.251.36.42

content-autofill.googleapis.com

IN A

172.217.168.234

content-autofill.googleapis.com

IN A

142.250.179.170

content-autofill.googleapis.com

IN A

142.250.179.202

content-autofill.googleapis.com

IN A

142.251.36.10
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSFwkEU_h8CtYn6BIFDdFbUVISBQ1Xevf9?alt=proto

chrome.exe

Remote address:

142.251.39.106:443

Request

GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSFwkEU_h8CtYn6BIFDdFbUVISBQ1Xevf9?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CMziygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

privacy.microsoft.com

chrome.exe

Remote address:

8.8.8.8:53

Request

privacy.microsoft.com

IN A

Response

privacy.microsoft.com

IN CNAME

privacy.microsoft.com.edgekey.net

privacy.microsoft.com.edgekey.net

IN CNAME

e13678.dspb.akamaiedge.net

e13678.dspb.akamaiedge.net

IN A

173.223.113.131
DNS

www.microsoft.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

104.123.41.162
DNS

67.246.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.246.107.13.in-addr.arpa

IN PTR

Response
DNS

72.23.199.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.23.199.152.in-addr.arpa

IN PTR

Response
DNS

clients2.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clients2.google.com

IN A

Response

clients2.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

142.251.36.46
DNS

106.39.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

106.39.251.142.in-addr.arpa

IN PTR

Response

106.39.251.142.in-addr.arpa

IN PTR

ams15s48-in-f101e100net
DNS

46.36.251.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.36.251.142.in-addr.arpa

IN PTR

Response

46.36.251.142.in-addr.arpa

IN PTR

ams17s12-in-f141e100net
DNS

acctcdn.msauth.net

chrome.exe

Remote address:

8.8.8.8:53

Request

acctcdn.msauth.net

IN A

Response

acctcdn.msauth.net

IN CNAME

acctcdnmsftuswe2.azureedge.net

acctcdnmsftuswe2.azureedge.net

IN CNAME

acctcdnmsftuswe2.afd.azureedge.net

acctcdnmsftuswe2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

185.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

185.221.229.192.in-addr.arpa

IN PTR

Response
GET

http://www.gesdoc.campofrio.es/campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567

chrome.exe

Remote address:

213.27.217.147:80

Request

GET /campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567 HTTP/1.1
Host: www.gesdoc.campofrio.es
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Fri, 07 Jul 2023 07:46:32 GMT
Server: Apache
Content-Length: 670
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html
DNS

cdn.jsdelivr.net

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.jsdelivr.net

IN A

Response

cdn.jsdelivr.net

IN CNAME

jsdelivr.map.fastly.net

jsdelivr.map.fastly.net

IN A

151.101.1.229

jsdelivr.map.fastly.net

IN A

151.101.65.229

jsdelivr.map.fastly.net

IN A

151.101.129.229

jsdelivr.map.fastly.net

IN A

151.101.193.229
GET

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

chrome.exe

Remote address:

151.101.1.229:443

Request

GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/2.0
host: cdn.jsdelivr.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: null
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: br
accept-ranges: bytes
date: Fri, 07 Jul 2023 07:46:50 GMT
age: 7525761
x-served-by: cache-fra-eddf8230037-FRA, cache-ams21061-AMS
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26333
DNS

229.1.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

229.1.101.151.in-addr.arpa

IN PTR

Response
DNS

226.21.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.21.18.104.in-addr.arpa

IN PTR

Response
DNS

acctcdn.msauth.net

chrome.exe

Remote address:

8.8.8.8:53

Request

acctcdn.msauth.net

IN A

Response

acctcdn.msauth.net

IN CNAME

acctcdnmsftuswe2.azureedge.net

acctcdnmsftuswe2.azureedge.net

IN CNAME

acctcdnmsftuswe2.afd.azureedge.net

acctcdnmsftuswe2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

196.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.168.217.172.in-addr.arpa

IN PTR

Response

196.168.217.172.in-addr.arpa

IN PTR

ams16s32-in-f41e100net
DNS

aadcdn.msauth.net

chrome.exe

Remote address:

8.8.8.8:53

Request

aadcdn.msauth.net

IN A

Response

aadcdn.msauth.net

IN CNAME

aadcdnoriginwus2.azureedge.net

aadcdnoriginwus2.azureedge.net

IN CNAME

aadcdnoriginwus2.afd.azureedge.net

aadcdnoriginwus2.afd.azureedge.net

IN CNAME

firstparty-azurefd-prod.trafficmanager.net

firstparty-azurefd-prod.trafficmanager.net

IN CNAME

dual.part-0039.t-0009.t-msedge.net

dual.part-0039.t-0009.t-msedge.net

IN CNAME

part-0039.t-0009.t-msedge.net

part-0039.t-0009.t-msedge.net

IN A

13.107.246.67

part-0039.t-0009.t-msedge.net

IN A

13.107.213.67
DNS

aadcdn.msftauth.net

chrome.exe

Remote address:

8.8.8.8:53

Request

aadcdn.msftauth.net

IN A

Response

aadcdn.msftauth.net

IN CNAME

cs1100.wpc.omegacdn.net

cs1100.wpc.omegacdn.net

IN A

152.199.23.37
DNS

privacy.microsoft.com

chrome.exe

Remote address:

8.8.8.8:53

Request

privacy.microsoft.com

IN A

Response

privacy.microsoft.com

IN CNAME

privacy.microsoft.com.edgekey.net

privacy.microsoft.com.edgekey.net

IN CNAME

e13678.dspb.akamaiedge.net

e13678.dspb.akamaiedge.net

IN A

173.223.113.131
DNS

www.microsoft.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.microsoft.com

IN A

Response

www.microsoft.com

IN CNAME

www.microsoft.com-c-3.edgekey.net

www.microsoft.com-c-3.edgekey.net

IN CNAME

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net

IN CNAME

e13678.dscb.akamaiedge.net

e13678.dscb.akamaiedge.net

IN A

173.223.113.131
DNS

64.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

64.159.190.20.in-addr.arpa

IN PTR

Response

213.27.217.147:80

http://www.gesdoc.campofrio.es/favicon.ico

http

chrome.exe

1.4kB
2.9kB
8
7

HTTP Request

GET http://www.gesdoc.campofrio.es/campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567

HTTP Response

200

HTTP Request

GET http://www.gesdoc.campofrio.es/favicon.ico

HTTP Response

404
213.27.217.147:80

www.gesdoc.campofrio.es

chrome.exe

288 B
236 B
6
5
18.207.180.120:443

techno-training.com

tls

chrome.exe

2.1kB
14.5kB
15
17
95.101.143.170:443

https://assets.msn.com/serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=a56cef84-b9cb-4c18-a07b-565d119dd361&ocid=windows-windowsShell-feeds&user=m-fa8e403e370641a38e8d864e13395814&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask

tls, http2

2.8kB
14.9kB
24
22

HTTP Request

GET https://assets.msn.com/serviceak/v1/news/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&activityId=a56cef84-b9cb-4c18-a07b-565d119dd361&ocid=windows-windowsShell-feeds&user=m-fa8e403e370641a38e8d864e13395814&Treatment=T6&MaximumDimensions=660x640&experience=Taskbar&AppVersion=1&osLocale=en-US&caller=bgtask

HTTP Response

200
13.107.246.67:443

aadcdn.msauth.net

tls

chrome.exe

839 B
4.4kB
7
9
13.107.246.67:443

aadcdn.msauth.net

tls

chrome.exe

5.0kB
173.5kB
78
138
13.107.246.67:443

aadcdn.msauth.net

tls

chrome.exe

839 B
4.4kB
7
9
13.107.246.67:443

aadcdn.msauth.net

tls

chrome.exe

10.7kB
451.9kB
189
357
152.199.23.72:443

https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg

tls, http2

chrome.exe

13.7kB
532.6kB
242
418

HTTP Request

GET https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg

HTTP Request

GET https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg

HTTP Response

200

HTTP Request

GET https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg

HTTP Response

200

HTTP Request

GET https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg

HTTP Response

200

HTTP Request

GET https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg

HTTP Response

200

HTTP Request

GET https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/bannerlogo?ts=637284202117920876.svg

HTTP Response

200

HTTP Request

GET https://aadcdn.msauthimages.net/c1c6b6c8-pqf8i-axktu3tmgg2l1brsuacdrtoxg4alc9eduufy4/logintenantbranding/0/illustration?ts=637285034880851837.svg

HTTP Response

200
152.199.23.72:443

aadcdn.msauthimages.net

tls

chrome.exe

1.5kB
7.5kB
13
11
142.251.39.106:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSFwkEU_h8CtYn6BIFDdFbUVISBQ1Xevf9?alt=proto

tls, http2

chrome.exe

2.0kB
7.3kB
19
21

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSFwkEU_h8CtYn6BIFDdFbUVISBQ1Xevf9?alt=proto
142.251.36.46:443

clients2.google.com

tls, http2

chrome.exe

1.1kB
8.4kB
11
11
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
213.27.217.147:80

www.gesdoc.campofrio.es

chrome.exe

288 B
236 B
6
5
213.27.217.147:80

www.gesdoc.campofrio.es

chrome.exe

288 B
236 B
6
5
18.207.180.120:443

techno-training.com

tls

chrome.exe

6.3kB
3.6kB
11
13
13.107.246.67:443

acctcdn.msauth.net

tls

chrome.exe

1.2kB
7.9kB
13
15
213.27.217.147:80

http://www.gesdoc.campofrio.es/campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567

http

chrome.exe

649 B
1.1kB
6
5

HTTP Request

GET http://www.gesdoc.campofrio.es/campofrio/training2023/?training=8bd4f58f70279bfd5e21c405d786af5463e3f4001c11a320289ac0d2021e4567

HTTP Response

200
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
18.207.180.120:443

techno-training.com

tls

chrome.exe

1.8kB
1.3kB
10
9
151.101.1.229:443

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

tls, http2

chrome.exe

2.5kB
34.2kB
30
42

HTTP Request

GET https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

HTTP Response

200
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
13.107.246.67:443

acctcdn.msauth.net

tls

chrome.exe

1.1kB
7.1kB
9
13
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe
18.207.180.120:443

techno-training.com

tls

chrome.exe

816 B
479 B
5
7
18.207.180.120:443

techno-training.com

tls

chrome.exe

1.8kB
12.2kB
11
16
13.107.246.67:443

aadcdn.msauth.net

tls

chrome.exe

5.1kB
173.8kB
77
140
13.107.246.67:443

aadcdn.msauth.net

tls

chrome.exe

9.8kB
414.8kB
174
322
127.0.0.1:9229

chrome.exe
127.0.0.1:9229

chrome.exe

8.8.8.8:53

www.gesdoc.campofrio.es

dns

chrome.exe

69 B
85 B
1
1

DNS Request

www.gesdoc.campofrio.es

DNS Response

213.27.217.147
8.8.8.8:53

techno-training.com

dns

chrome.exe

65 B
81 B
1
1

DNS Request

techno-training.com

DNS Response

18.207.180.120
8.8.8.8:53

assets.msn.com

dns

60 B
278 B
1
1

DNS Request

assets.msn.com

DNS Response

95.101.143.170

95.101.143.160

95.101.143.163

95.101.143.155

95.101.143.145

95.101.143.130

95.101.143.137

95.101.143.153

95.101.143.176
8.8.8.8:53

aadcdn.msauth.net

dns

chrome.exe

63 B
283 B
1
1

DNS Request

aadcdn.msauth.net

DNS Response

13.107.246.67

13.107.213.67
8.8.8.8:53

aadcdn.msftauth.net

dns

chrome.exe

65 B
115 B
1
1

DNS Request

aadcdn.msftauth.net

DNS Response

152.199.4.44
8.8.8.8:53

195.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.179.250.142.in-addr.arpa
8.8.8.8:53

202.23.217.172.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

202.23.217.172.in-addr.arpa
8.8.8.8:53

147.217.27.213.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

147.217.27.213.in-addr.arpa
8.8.8.8:53

71.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

71.159.190.20.in-addr.arpa
8.8.8.8:53

120.180.207.18.in-addr.arpa

dns

73 B
129 B
1
1

DNS Request

120.180.207.18.in-addr.arpa
8.8.8.8:53

41.249.124.192.in-addr.arpa

dns

73 B
113 B
1
1

DNS Request

41.249.124.192.in-addr.arpa
8.8.8.8:53

170.143.101.95.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

170.143.101.95.in-addr.arpa
8.8.8.8:53

aadcdn.msauthimages.net

dns

chrome.exe

69 B
176 B
1
1

DNS Request

aadcdn.msauthimages.net

DNS Response

152.199.23.72
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
237 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

142.251.39.106

172.217.23.202

216.58.208.106

216.58.214.10

142.250.179.138

142.251.36.42

172.217.168.234

142.250.179.170

142.250.179.202

142.251.36.10
8.8.8.8:53

privacy.microsoft.com

dns

chrome.exe

67 B
167 B
1
1

DNS Request

privacy.microsoft.com

DNS Response

173.223.113.131
8.8.8.8:53

www.microsoft.com

dns

chrome.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

104.123.41.162
8.8.8.8:53

67.246.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

67.246.107.13.in-addr.arpa
8.8.8.8:53

72.23.199.152.in-addr.arpa

dns

72 B
143 B
1
1

DNS Request

72.23.199.152.in-addr.arpa
8.8.8.8:53

clients2.google.com

dns

chrome.exe

65 B
105 B
1
1

DNS Request

clients2.google.com

DNS Response

142.251.36.46
142.251.36.46:443

clients2.google.com

https

chrome.exe

3.8kB
8.1kB
11
12
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

106.39.251.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

106.39.251.142.in-addr.arpa
8.8.8.8:53

46.36.251.142.in-addr.arpa

dns

72 B
111 B
1
1

DNS Request

46.36.251.142.in-addr.arpa
8.8.8.8:53

acctcdn.msauth.net

dns

chrome.exe

64 B
284 B
1
1

DNS Request

acctcdn.msauth.net

DNS Response

13.107.246.67

13.107.213.67
142.251.39.106:443

content-autofill.googleapis.com

https

chrome.exe

3.4kB
7.1kB
8
11
8.8.8.8:53

185.221.229.192.in-addr.arpa

dns

74 B
145 B
1
1

DNS Request

185.221.229.192.in-addr.arpa
8.8.8.8:53

cdn.jsdelivr.net

dns

chrome.exe

62 B
160 B
1
1

DNS Request

cdn.jsdelivr.net

DNS Response

151.101.1.229

151.101.65.229

151.101.129.229

151.101.193.229
151.101.1.229:443

cdn.jsdelivr.net

https

chrome.exe

5.7kB
89.2kB
42
73
8.8.8.8:53

229.1.101.151.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

229.1.101.151.in-addr.arpa
8.8.8.8:53

226.21.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

226.21.18.104.in-addr.arpa
8.8.8.8:53

acctcdn.msauth.net

dns

chrome.exe

64 B
284 B
1
1

DNS Request

acctcdn.msauth.net

DNS Response

13.107.246.67

13.107.213.67
8.8.8.8:53

196.168.217.172.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

196.168.217.172.in-addr.arpa
8.8.8.8:53

aadcdn.msauth.net

dns

chrome.exe

63 B
283 B
1
1

DNS Request

aadcdn.msauth.net

DNS Response

13.107.246.67

13.107.213.67
8.8.8.8:53

aadcdn.msftauth.net

dns

chrome.exe

65 B
115 B
1
1

DNS Request

aadcdn.msftauth.net

DNS Response

152.199.23.37
8.8.8.8:53

privacy.microsoft.com

dns

chrome.exe

67 B
167 B
1
1

DNS Request

privacy.microsoft.com

DNS Response

173.223.113.131
8.8.8.8:53

www.microsoft.com

dns

chrome.exe

63 B
230 B
1
1

DNS Request

www.microsoft.com

DNS Response

173.223.113.131
142.251.39.106:443

content-autofill.googleapis.com

https

chrome.exe

2.2kB
3.2kB
8
9
8.8.8.8:53

64.159.190.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

64.159.190.20.in-addr.arpa

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
19KB

MD5
d0ed87f63b8660bd339337185abd0d22

SHA1
eab58f2ada552aaaa64115714a53911b808e9960

SHA256
7de61e0e2dc500867def43564fd1e74e44e81659d37017f4a2805de625b0ec0d

SHA512
c8ff5278beb12e44fc2701306a34a2f1330ed9a7d1f7939058bb18061390deb9fb4be3e9261a85b60e671ec6dc34aca53ea12290bb7338441c8d759b9109ddc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
e2e7fdb7db9fb5f2634d050e037545ca

SHA1
92fe4a73704e9ac56313f7d93fbc0c8b53393118

SHA256
86bbbb1028bc309b138d7f6b69dfe056423cec7535df97ceb8e1cfae0f17c86e

SHA512
f6117e6982fc9a7b67aa9994686921c5290556f153823ae0401dc7eee2610ce821468f8e78dc009b811cbc6f861657612306f769b453b3cb593cbc93a84cf7de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
120B

MD5
baf6a35074ecaf483ce4393ae877eca9

SHA1
1e8f4856b6fa601e8e4080cf8d2e1938e4114682

SHA256
797ecd85cc527aa15dce615de189b5d2f363390406d8f88eebe3532ca425ce6c

SHA512
4598b1ceb356f5b4714d8157de41accf1ee9ddccf71891e3a7d57ec095a677ce60db8c2293483b3307e69fb1fa56d6772b5c5d960a6098f3767d94aefe90d99c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
b1e032cbe6b0173fa2c85a3541ce3e4d

SHA1
22894761fe63b70dc8ef6a8dcee29748b02bf5e1

SHA256
a26ec1b4214b3f327e689189548ebca4407baf9028aa5165ff79c68b6cd6816b

SHA512
9abeffacf5db93d755f0cf58cb93b5848da7cc33314955284f14ddb2c9538efc10df7306135f4e9e2c049f1abd126f9bcbc85e2d5c6f12e7c13d9ce9ca1a2da3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
638fae4b407bb0fc8d5e24e85cc17d40

SHA1
b5de51f17df0dec5c0ae25d49849d66f923ac826

SHA256
48500018389761d1942d9dd4845cacc33ca2ce888df9f9c06990cdcb1bbe2810

SHA512
c94e984acde3a7437149b49ba58f587f068c0a7bb77fbc447584e9c55b34d90b3ca946fe1b05dcf815a0310f8a46bad95abb1bbf319ea15d2c66a95346ba75a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
6a02c2d7407c69db8a50e063c31ea13d

SHA1
52024491bbaec3c8bb7df887c6c4f8e2bf21d885

SHA256
b50175e6485abd8ae460c3b39590536687d437835ae6c21d9b1fa8da04e77c7f

SHA512
c128c9e58d0f66c0d8afc8b9270762b1f0aa6da7f914e78f18f0348c9b173aab277ae05e2e812597f37acf17fff002ba5507d9adf7e7b172f7601598fe492ded

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
0fea86901f16e7583c192b1749974809

SHA1
5cd79aa0cc4616ad5ab176279b1a1c29ef6566e7

SHA256
a781d01f861190cc6e1493ad1764de8ded0fc7460eb8126de89de06952a2d3f5

SHA512
d99e18d6ad9a6a6be286de0f627cf836329aa64229364921c9ad94423d89fb7466a91f9d27aca5c82aa455edd175d660597e20ec8b50bc0f32b3aa103d2fe15a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
539B

MD5
fd340e1ab4ab399e865ba6f6c1533cec

SHA1
87b17144977924e9bbf12834388e54dce23a6bda

SHA256
4edf3319f9b8df7f0e104f588634bed66e772e2bbf7a8cc1fcc0a85a66532f07

SHA512
678294c609cf61fa0396fe603b7921159ff028eec8bbc4604e563d94d1c9ce6a830ffa0c69f5bd5b9549c4ce56bfb9b841e99c7c55b8d896ccbd68329fe6cdf3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
ef24a4d805bdb2a9eada300e570148bd

SHA1
f098886b4b0883df62765f42f520ec59156219ba

SHA256
02e940b323d03f3307cb8fe6ef04f6195b77b2fb13efd0e16a0fcf09598572e1

SHA512
a9b7c36ab38e9b473a73aa6257f5d9f616e8836c5dcdc9ea739c4347e0426662571ca8a222be6d0a122657d239407ee1d0b9faefec5d0f01c719a472d845067e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
706B

MD5
20875970f322a404a94b961f724122ee

SHA1
10e2533e648ce3842425701940d99a681d66ae1a

SHA256
6293ccbbbbca4672d96793a2a2d00dcfae537ee93bf0f648dd90c68ab5babe31

SHA512
d1eb3106b2c08f12f77ebede08b1904f892682177c3ad24d9cf4dcde29e3ab159ca47318202691b8d54b30add5f28646bc93cf2ba3e2ae4d60af53f32be1c70a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
52adb8380713d0edf45bc59dce3465c7

SHA1
c873afde70a221a2a10bd4d7719233be4dffed4f

SHA256
1b46885bb7a4b6066fd0a351a7fde05e4343dc2fd9ce9021a573d632c3065282

SHA512
ea41045a4dbc769f41da08ded31fa7532947d789a979fbd206de4f1fdd78502de86719f782f4c8cd05aca3942ce5384449ca79b077475ce328e1122d43be3ba0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
7af7cda2f4616671b77cdbbd1b5408f1

SHA1
3bc6a43710614091572ec27d0cc671f877a0fabb

SHA256
19e235ad41deb01afb98cc3dbec57213a82b0db8fb770ed2e81e89b77ede86e8

SHA512
883017da628135d43cf790beb327123dc97692022e0ffa55051f087fad1e8acbe24d99f8ae2bf4278df7be28e9dcbd075c130b7853af8d1155c870ca1f0a0175

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
3bf0af99c4170c0f184c6e11dcd7633f

SHA1
3066cf8048265fb45c46e548d881b9141409176e

SHA256
573b04958315e3f63664d23bf6eb451c2609d282b2853ffa0dbc61089034b0da

SHA512
a7c4f1738a5710a4c59ad9c3c4880deae0f08d0c719b8a8643959ef8fd54c82ef749b3e56244efd5f52e5b98a549d3b83600c51f5ecbe4cb6171fd92d91d4459

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
afccb8c07c0bac3ec123a0affadcfa09

SHA1
02a103c470c5a38d624186bdc11782697d947690

SHA256
1ccf3db3893ca01fe1aff456584480d3f688846a5d77f380c0ae1b5377b2dcc2

SHA512
0094d5ecb6ebbc08285ddce5e943f5b6b238a408144c28a196abe238d3d05f987ab8c915457c35102255e9420d1350bf9fb053a554e8eb357c119f0519c84267

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
2e819d8f8253db546f4fdc3e381cacef

SHA1
c987304d0412c6fcc07ebafd27584968b5ddcbf3

SHA256
159bf2b3a64a74908868a80617f9e91e3cffec60e7a028176e1265c7431f2207

SHA512
c9e4c7c25d702c849e32193dfc50b801db34119c59c344293fd51db8cd1fefbd23c73009a228f884fd0b5c34173b854f0081a23877b5a6125f08a186325602ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
102KB

MD5
d5b0a720ca31c1fad228a976cf21ac65

SHA1
d7dfac95f057c5dcbccab87d0ccc0127fb2a80e0

SHA256
281217701d325610eda4cd94327ebee9f0fcd1b38c7ef430f109ed44e64902cc

SHA512
c98994e3684072c123df51e4a97237416c64ba138bb8186a895062344164110f798bcf0bc4adb166bd543c749e9005dab4f71fa1b1299167901d11721b40d29f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58bcb4.TMP

Filesize
101KB

MD5
881ce3efe0dfc156e8a07924420fbf89

SHA1
7fe9b02e30b344c5a059b9e2903965f7360c6586

SHA256
4fc5592a0d996dcd92938d8bbb1cbf7b5678737b537e999ebbf35de8808e01ef

SHA512
6cf8915a6b4b827608d1916cc435981db57796c0d459b8b6ca2f14a6244789a71a58505336dcde713eeef949e82a9745bcee268653508d590fee70aac7ba312a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

Filesize
2B

MD5
f3b25701fe362ec84616a93a45ce9998

SHA1
d62636d8caec13f04e28442a0a6fa1afeb024bbb

SHA256
b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209

SHA512
98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request