Analysis

  • max time kernel
    145s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240419-en locale:en-us os:windows10-2004-x64 system
  • submitted
    08/05/2024, 08:18 UTC

General

  • Target

    23f8fc1e15e5448a31f2a12a4616c146_JaffaCakes118.html

  • Size

    23KB

  • MD5

    23f8fc1e15e5448a31f2a12a4616c146

  • SHA1

    591e1a12daef59a22a12bd488f24be201e6eeb4e

  • SHA256

    f6b203eafc8bccc67b5f9081739a75d1e50f9dfdb01c1f9544d2cfc8da51cd98

  • SHA512

    f69fc3eed32c89060765766dd57bcb00e55e3d989c305b0b90aa48e5d8d5c5cd8a0777c2432b0155ad9ab20a6af25223ccd543be92f18ec0c7d9dc504983f49f

  • SSDEEP

    384:zVhVtx+dWwputxwQ7U7kSj3Y47ZYZ5iOJtCiCU7uHOeP3x3gdE+uvi40AnZtGkiQ:jVtx+dWx0TA8OarHjP3xaEJvuwGkisi6

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\23f8fc1e15e5448a31f2a12a4616c146_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3732
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa184e46f8,0x7ffa184e4708,0x7ffa184e4718
      2⤵
        PID:1804
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2
        2⤵
          PID:3004
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2128
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2836 /prefetch:8
          2⤵
            PID:2104
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1
            2⤵
              PID:2964
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
              2⤵
                PID:4832
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8
                2⤵
                  PID:4492
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:2764
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5248 /prefetch:1
                  2⤵
                    PID:2676
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5272 /prefetch:1
                    2⤵
                      PID:1488
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
                      2⤵
                        PID:3636
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5696 /prefetch:1
                        2⤵
                          PID:3260
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,495735568874913444,5584893931762063905,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4768 /prefetch:2
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:3188
                      • C:\Windows\System32\CompPkgSrv.exe
                        C:\Windows\System32\CompPkgSrv.exe -Embedding
                        1⤵
                          PID:4516
                        • C:\Windows\System32\CompPkgSrv.exe
                          C:\Windows\System32\CompPkgSrv.exe -Embedding
                          1⤵
                            PID:688

Network

                          • flag-us
                            DNS
                            209.205.72.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            209.205.72.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            s.w.org
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            s.w.org
                            IN A
                            Response
                            s.w.org
                            IN A
                            192.0.77.48
                          • flag-us
                            DNS
                            cls.balantfromsun.com
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            cls.balantfromsun.com
                            IN A
                            Response
                            cls.balantfromsun.com
                            IN A
                            75.2.115.196
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/css/dist/block-library/style_min_css&ver=5.2.2
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-includes/css/dist/block-library/style_min_css&ver=5.2.2 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/css/styles_css&ver=5.1.3
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/css/styles_css&ver=5.1.3 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/css/components_css&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/css/components_css&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/css/animations_css&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/css/animations_css&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/style_css&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/style_css&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/css/bootstrap_css&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/css/bootstrap_css&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/iconsmind/line-icons_min_css&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/iconsmind/line-icons_min_css&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/css/settings_css&ver=5.4.6.4
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/css/settings_css&ver=5.4.6.4 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/themes/techline/skin_css&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/themes/techline/skin_css&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: text/css,*/*;q=0.1
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 200 OK
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html; charset=UTF-8
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            X-Buckets: bucket102
                            X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_FX/BduOOCNdH1jczS9IlRGIzwXb1dNrmqnsB5x5psSH9yKFWCh2jw3BQsW5kWZP98HE+Xhyy26gOk7cAxqN6ug==
                            X-Template: tpl_CleanPeppermintBlack_twoclick
                            X-Language: english
                            Accept-CH: viewport-width
                            Accept-CH: dpr
                            Accept-CH: device-memory
                            Accept-CH: rtt
                            Accept-CH: downlink
                            Accept-CH: ect
                            Accept-CH: ua
                            Accept-CH: ua-full-version
                            Accept-CH: ua-platform
                            Accept-CH: ua-platform-version
                            Accept-CH: ua-arch
                            Accept-CH: ua-model
                            Accept-CH: ua-mobile
                            Accept-CH-Lifetime: 30
                            X-Domain: balantfromsun.com
                            X-Subdomain: cls
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/jquery/jquery-migrate_min_js&ver=1.4.1
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-includes/js/jquery/jquery-migrate_min_js&ver=1.4.1 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_tools_min_js&ver=5.4.6.4
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_tools_min_js&ver=5.4.6.4 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_revolution_min_js&ver=5.4.6.4
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_revolution_min_js&ver=5.4.6.4 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/jquery/jquery-migrate_min_js&ver=1.4.1
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-includes/js/jquery/jquery-migrate_min_js&ver=1.4.1 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/3cx-live-chat-talk/includes/js/callus_js&ver=1.4.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/3cx-live-chat-talk/includes/js/callus_js&ver=1.4.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/js/scripts_js&ver=5.1.3
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/js/scripts_js&ver=5.1.3 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_tools_min_js&ver=5.4.6.4
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_tools_min_js&ver=5.4.6.4 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            DNS
                            74.204.58.216.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            74.204.58.216.in-addr.arpa
                            IN PTR
                            Response
                            74.204.58.216.in-addr.arpa
                            IN PTR
                            lhr48s49-in-f101e100net
                            74.204.58.216.in-addr.arpa
                            IN PTR
                            lhr25s13-in-f74
                            74.204.58.216.in-addr.arpa
                            IN PTR
                            lhr25s13-in-f10
                          • flag-us
                            DNS
                            196.115.2.75.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            196.115.2.75.in-addr.arpa
                            IN PTR
                            Response
                            196.115.2.75.in-addr.arpa
                            IN PTR
                            a815a0b269b119624awsglobalacceleratorcom
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_revolution_min_js&ver=5.4.6.4
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_revolution_min_js&ver=5.4.6.4 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/script_js&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/script_js&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/js/bootstrap_min_js&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/js/bootstrap_min_js&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/imagesloaded_min_js&ver=3.2.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-includes/js/imagesloaded_min_js&ver=3.2.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/wp-emoji-release.min.js?ver=5.2.2
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-includes/js/wp-emoji-release.min.js?ver=5.2.2 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/wp-embed_min_js&ver=5.2.2
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-includes/js/wp-embed_min_js&ver=5.2.2 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/custom/custom_js&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/custom/custom_js&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:11 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            DNS
                            www.atg.com.do
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            www.atg.com.do
                            IN A
                            Response
                            www.atg.com.do
                            IN A
                            172.67.189.47
                            www.atg.com.do
                            IN A
                            104.21.9.80
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/3cx-live-chat-talk/includes/js/callus_js&ver=1.4.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/3cx-live-chat-talk/includes/js/callus_js&ver=1.4.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:12 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/js/scripts_js&ver=5.1.3
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/js/scripts_js&ver=5.1.3 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:12 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            https://www.atg.com.do/2/wp-content/uploads/2016/12/logo-atg.png
                            msedge.exe
                            Remote address:
                            172.67.189.47:443
                            Request
                            GET /2/wp-content/uploads/2016/12/logo-atg.png HTTP/2.0
                            host: www.atg.com.do
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 404
                            date: Wed, 08 May 2024 08:18:12 GMT
                            content-type: text/html; charset=iso-8859-1
                            cache-control: max-age=14400
                            cf-cache-status: MISS
                            report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8fyVLrFo7z5tPxg8iogbB5ZkgArV57Ts%2FGtwAx6JmOnvXY5NGA5vQqDcw8UkXyJGQbTMw7Ve6xiM3pt8jTygOSW%2FbhZJ%2B5L4JWucL5Ae14FErubQbbBOoLJl5dg3l7nuGg%3D%3D"}],"group":"cf-nel","max_age":604800}
                            nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            vary: Accept-Encoding
                            server: cloudflare
                            cf-ray: 8808048afed2949b-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            GET
                            https://www.atg.com.do/wp-content/uploads/2016/12/logo-atg-min.png
                            msedge.exe
                            Remote address:
                            172.67.189.47:443
                            Request
                            GET /wp-content/uploads/2016/12/logo-atg-min.png HTTP/2.0
                            host: www.atg.com.do
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 404
                            date: Wed, 08 May 2024 08:18:12 GMT
                            content-type: text/html; charset=iso-8859-1
                            cache-control: max-age=14400
                            cf-cache-status: MISS
                            report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AlTXw5BikRghmy8oCilTB0ppHB7XHeRcmboe04HPVrGSGYzOiJyOzjSzjFEnEinYj8aFWu4ubZ8qNp1jP3n4hd4axF5ZMM4RPG1GM8b%2FQ4yLUO6DMt0MmrpFn7kz6Xxnw%3D%3D"}],"group":"cf-nel","max_age":604800}
                            nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            vary: Accept-Encoding
                            server: cloudflare
                            cf-ray: 8808048afed6949b-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            GET
                            https://www.atg.com.do/wp-content/uploads/2016/12/logo-atg-black.jpg
                            msedge.exe
                            Remote address:
                            172.67.189.47:443
                            Request
                            GET /wp-content/uploads/2016/12/logo-atg-black.jpg HTTP/2.0
                            host: www.atg.com.do
                            sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                            dnt: 1
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 404
                            date: Wed, 08 May 2024 08:18:12 GMT
                            content-type: text/html; charset=iso-8859-1
                            cache-control: max-age=14400
                            cf-cache-status: MISS
                            report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=giwAQ81s%2FGf2ENL%2Bh8%2Fcpv9F5WHE3AKlQLhh5NEwwomAgPXzsPDfiuy8K78QwJ9QUhJdV2FIdqVzpiMeaQVrEH9EIQV3BMr1hLIJqW7PeHY7bKZ7ZHIEWtMUXQcJuIbNyA%3D%3D"}],"group":"cf-nel","max_age":604800}
                            nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            vary: Accept-Encoding
                            server: cloudflare
                            cf-ray: 8808048afed4949b-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            DNS
                            apps.identrust.com
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            apps.identrust.com
                            IN A
                            Response
                            apps.identrust.com
                            IN CNAME
                            identrust.edgesuite.net
                            identrust.edgesuite.net
                            IN CNAME
                            a1952.dscq.akamai.net
                            a1952.dscq.akamai.net
                            IN A
                            2.18.190.81
                            a1952.dscq.akamai.net
                            IN A
                            2.18.190.80
                          • flag-us
                            GET
                            http://apps.identrust.com/roots/dstrootcax3.p7c
                            msedge.exe
                            Remote address:
                            2.18.190.81:80
                            Request
                            GET /roots/dstrootcax3.p7c HTTP/1.1
                            Connection: Keep-Alive
                            Accept: */*
                            User-Agent: Microsoft-CryptoAPI/10.0
                            Host: apps.identrust.com
                            Response
                            HTTP/1.1 200 OK
                            X-XSS-Protection: 1; mode=block
                            X-Frame-Options: SAMEORIGIN
                            X-Content-Type-Options: nosniff
                            X-Robots-Tag: noindex
                            Referrer-Policy: same-origin
                            Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
                            ETag: "37d-5f433188daa00"
                            Accept-Ranges: bytes
                            Content-Length: 893
                            X-Content-Type-Options: nosniff
                            X-Frame-Options: sameorigin
                            Content-Type: application/pkcs7-mime
                            Cache-Control: max-age=3600
                            Expires: Wed, 08 May 2024 09:18:12 GMT
                            Date: Wed, 08 May 2024 08:18:12 GMT
                            Connection: keep-alive
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/script_js&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/script_js&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:12 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/js/bootstrap_min_js&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/js/bootstrap_min_js&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:12 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            DNS
                            a.nel.cloudflare.com
                            msedge.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            a.nel.cloudflare.com
                            IN A
                            Response
                            a.nel.cloudflare.com
                            IN A
                            35.190.80.1
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/imagesloaded_min_js&ver=3.2.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-includes/js/imagesloaded_min_js&ver=3.2.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:12 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            DNS
                            227.212.58.216.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            227.212.58.216.in-addr.arpa
                            IN PTR
                            Response
                            227.212.58.216.in-addr.arpa
                            IN PTR
                            ams16s22-in-f2271e100net
                            227.212.58.216.in-addr.arpa
                            IN PTR
                            ams16s22-in-f3
                            227.212.58.216.in-addr.arpa
                            IN PTR
                            lhr25s28-in-f3
                          • flag-us
                            DNS
                            75.159.190.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            75.159.190.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            75.159.190.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            75.159.190.20.in-addr.arpa
                            IN PTR
                          • flag-us
                            DNS
                            47.189.67.172.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            47.189.67.172.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            81.190.18.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            81.190.18.2.in-addr.arpa
                            IN PTR
                            Response
                            81.190.18.2.in-addr.arpa
                            IN PTR
                            a2-18-190-81deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            81.190.18.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            81.190.18.2.in-addr.arpa
                            IN PTR
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/custom/custom_js&ver=1.0
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/custom/custom_js&ver=1.0 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:12 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            OPTIONS
                            https://a.nel.cloudflare.com/report/v4?s=1AlTXw5BikRghmy8oCilTB0ppHB7XHeRcmboe04HPVrGSGYzOiJyOzjSzjFEnEinYj8aFWu4ubZ8qNp1jP3n4hd4axF5ZMM4RPG1GM8b%2FQ4yLUO6DMt0MmrpFn7kz6Xxnw%3D%3D
                            msedge.exe
                            Remote address:
                            35.190.80.1:443
                            Request
                            OPTIONS /report/v4?s=1AlTXw5BikRghmy8oCilTB0ppHB7XHeRcmboe04HPVrGSGYzOiJyOzjSzjFEnEinYj8aFWu4ubZ8qNp1jP3n4hd4axF5ZMM4RPG1GM8b%2FQ4yLUO6DMt0MmrpFn7kz6Xxnw%3D%3D HTTP/2.0
                            host: a.nel.cloudflare.com
                            origin: https://www.atg.com.do
                            access-control-request-method: POST
                            access-control-request-headers: content-type
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                          • flag-us
                            POST
                            https://a.nel.cloudflare.com/report/v4?s=1AlTXw5BikRghmy8oCilTB0ppHB7XHeRcmboe04HPVrGSGYzOiJyOzjSzjFEnEinYj8aFWu4ubZ8qNp1jP3n4hd4axF5ZMM4RPG1GM8b%2FQ4yLUO6DMt0MmrpFn7kz6Xxnw%3D%3D
                            msedge.exe
                            Remote address:
                            35.190.80.1:443
                            Request
                            POST /report/v4?s=1AlTXw5BikRghmy8oCilTB0ppHB7XHeRcmboe04HPVrGSGYzOiJyOzjSzjFEnEinYj8aFWu4ubZ8qNp1jP3n4hd4axF5ZMM4RPG1GM8b%2FQ4yLUO6DMt0MmrpFn7kz6Xxnw%3D%3D HTTP/2.0
                            host: a.nel.cloudflare.com
                            content-length: 439
                            content-type: application/reports+json
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            accept-encoding: gzip, deflate, br
                            accept-language: en-US,en;q=0.9
                          • flag-us
                            GET
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/wp-embed_min_js&ver=5.2.2
                            msedge.exe
                            Remote address:
                            75.2.115.196:80
                            Request
                            GET /ddb/rend.js?l=1&/wp-includes/js/wp-embed_min_js&ver=5.2.2 HTTP/1.1
                            Host: cls.balantfromsun.com
                            Connection: keep-alive
                            User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                            DNT: 1
                            Accept: */*
                            Accept-Encoding: gzip, deflate
                            Accept-Language: en-US,en;q=0.9
                            Response
                            HTTP/1.1 403 Forbidden
                            Date: Wed, 08 May 2024 08:18:12 GMT
                            Content-Type: text/html
                            Transfer-Encoding: chunked
                            Connection: keep-alive
                            Server: nginx
                            Vary: Accept-Encoding
                            Content-Encoding: gzip
                          • flag-us
                            DNS
                            g.bing.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            g.bing.com
                            IN A
                            Response
                            g.bing.com
                            IN CNAME
                            g-bing-com.dual-a-0034.a-msedge.net
                            g-bing-com.dual-a-0034.a-msedge.net
                            IN CNAME
                            dual-a-0034.a-msedge.net
                            dual-a-0034.a-msedge.net
                            IN A
                            204.79.197.237
                            dual-a-0034.a-msedge.net
                            IN A
                            13.107.21.237
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MUID=11897A27DABC60D22BD86E5EDB5C612F; domain=.bing.com; expires=Mon, 02-Jun-2025 08:18:13 GMT; path=/; SameSite=None; Secure; Priority=High;
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: D7891F5FCD3B4E4696FD447E121E7D47 Ref B: LON04EDGE1208 Ref C: 2024-05-08T08:18:13Z
                            date: Wed, 08 May 2024 08:18:13 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=11897A27DABC60D22BD86E5EDB5C612F
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MSPTC=pEQDRFoz72bIBiRFY57pmsGOKHO7gbxAkrrKqvQHwhk; domain=.bing.com; expires=Mon, 02-Jun-2025 08:18:13 GMT; path=/; Partitioned; secure; SameSite=None
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: BB7C031A612D4EEBA54C326B5F4CFDDB Ref B: LON04EDGE1208 Ref C: 2024-05-08T08:18:13Z
                            date: Wed, 08 May 2024 08:18:13 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=11897A27DABC60D22BD86E5EDB5C612F; MSPTC=pEQDRFoz72bIBiRFY57pmsGOKHO7gbxAkrrKqvQHwhk
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: B246160E44734E22AE32E677001E82CF Ref B: LON04EDGE1208 Ref C: 2024-05-08T08:18:13Z
                            date: Wed, 08 May 2024 08:18:13 GMT
                          • flag-us
                            DNS
                            1.80.190.35.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            1.80.190.35.in-addr.arpa
                            IN PTR
                            Response
                            1.80.190.35.in-addr.arpa
                            IN PTR
                            18019035bcgoogleusercontentcom
                          • flag-us
                            DNS
                            237.197.79.204.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            237.197.79.204.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            104.219.191.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            104.219.191.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            157.123.68.40.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            157.123.68.40.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            198.187.3.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            198.187.3.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            142.53.16.96.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            142.53.16.96.in-addr.arpa
                            IN PTR
                            Response
                            142.53.16.96.in-addr.arpa
                            IN PTR
                            a96-16-53-142deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            79.190.18.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            79.190.18.2.in-addr.arpa
                            IN PTR
                            Response
                            79.190.18.2.in-addr.arpa
                            IN PTR
                            a2-18-190-79deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            14.251.17.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            14.251.17.2.in-addr.arpa
                            IN PTR
                            Response
                            14.251.17.2.in-addr.arpa
                            IN PTR
                            a2-17-251-14deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            11.227.111.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            11.227.111.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            tse1.mm.bing.net
                            Remote address:
                            8.8.8.8:53
                            Request
                            tse1.mm.bing.net
                            IN A
                            Response
                            tse1.mm.bing.net
                            IN CNAME
                            mm-mm.bing.net.trafficmanager.net
                            mm-mm.bing.net.trafficmanager.net
                            IN CNAME
                            dual-a-0001.a-msedge.net
                            dual-a-0001.a-msedge.net
                            IN A
                            204.79.197.200
                            dual-a-0001.a-msedge.net
                            IN A
                            13.107.21.200
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239351692210_1AKNUXTAY2T0XUMCR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239351692210_1AKNUXTAY2T0XUMCR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 449656
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 9677AD2BA4574F19B91A25D218E31EC8 Ref B: LON04EDGE1216 Ref C: 2024-05-08T08:19:52Z
                            date: Wed, 08 May 2024 08:19:51 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239351692215_1UJ4FAL91XLA7HB15&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            204.79.197.200:443
                            Request
                            GET /th?id=OADD2.10239351692215_1UJ4FAL91XLA7HB15&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 468637
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}&ndcParam=QUZE
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: FD4F260DB1B24AD988C9A16B61981851 Ref B: LON04EDGE1216 Ref C: 2024-05-08T08:19:52Z
                            date: Wed, 08 May 2024 08:19:51 GMT
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/css/dist/block-library/style_min_css&ver=5.2.2
                            http
                            msedge.exe
                            720 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/css/dist/block-library/style_min_css&ver=5.2.2

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/css/styles_css&ver=5.1.3
                            http
                            msedge.exe
                            729 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/css/styles_css&ver=5.1.3

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/css/components_css&ver=1.0
                            http
                            msedge.exe
                            723 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/css/components_css&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/css/animations_css&ver=1.0
                            http
                            msedge.exe
                            625 B
                            554 B
                            5
                            4

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/css/animations_css&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/style_css&ver=1.0
                            http
                            msedge.exe
                            616 B
                            554 B
                            5
                            4

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/style_css&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/css/bootstrap_css&ver=1.0
                            http
                            msedge.exe
                            786 B
                            639 B
                            8
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/css/bootstrap_css&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/iconsmind/line-icons_min_css&ver=1.0
                            http
                            msedge.exe
                            741 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/iconsmind/line-icons_min_css&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp
                            http
                            msedge.exe
                            692 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/jquery/jquery_js&ver=1.12.4-wp

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/css/settings_css&ver=5.4.6.4
                            http
                            msedge.exe
                            733 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/css/settings_css&ver=5.4.6.4

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/themes/techline/skin_css&ver=1.0
                            http
                            msedge.exe
                            843 B
                            8.1kB
                            10
                            10

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/themes/techline/skin_css&ver=1.0

                            HTTP Response

                            200
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/jquery/jquery-migrate_min_js&ver=1.4.1
                            http
                            msedge.exe
                            602 B
                            554 B
                            5
                            4

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/jquery/jquery-migrate_min_js&ver=1.4.1

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_tools_min_js&ver=5.4.6.4
                            http
                            msedge.exe
                            775 B
                            639 B
                            8
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_tools_min_js&ver=5.4.6.4

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_revolution_min_js&ver=5.4.6.4
                            http
                            msedge.exe
                            740 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_revolution_min_js&ver=5.4.6.4

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/jquery/jquery-migrate_min_js&ver=1.4.1
                            http
                            msedge.exe
                            700 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/jquery/jquery-migrate_min_js&ver=1.4.1

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/3cx-live-chat-talk/includes/js/callus_js&ver=1.4.0
                            http
                            msedge.exe
                            618 B
                            554 B
                            5
                            4

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/3cx-live-chat-talk/includes/js/callus_js&ver=1.4.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/js/scripts_js&ver=5.1.3
                            http
                            msedge.exe
                            753 B
                            639 B
                            8
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/js/scripts_js&ver=5.1.3

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_tools_min_js&ver=5.4.6.4
                            http
                            msedge.exe
                            735 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_tools_min_js&ver=5.4.6.4

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_revolution_min_js&ver=5.4.6.4
                            http
                            msedge.exe
                            780 B
                            639 B
                            8
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/revslider/public/assets/js/jquery_themepunch_revolution_min_js&ver=5.4.6.4

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/script_js&ver=1.0
                            http
                            msedge.exe
                            707 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/script_js&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/js/bootstrap_min_js&ver=1.0
                            http
                            msedge.exe
                            629 B
                            554 B
                            5
                            4

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/js/bootstrap_min_js&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/imagesloaded_min_js&ver=3.2.0
                            http
                            msedge.exe
                            691 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/imagesloaded_min_js&ver=3.2.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/wp-emoji-release.min.js?ver=5.2.2
                            http
                            msedge.exe
                            597 B
                            554 B
                            5
                            4

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/wp-emoji-release.min.js?ver=5.2.2

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/wp-embed_min_js&ver=5.2.2
                            http
                            msedge.exe
                            687 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/wp-embed_min_js&ver=5.2.2

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/custom/custom_js&ver=1.0
                            http
                            msedge.exe
                            706 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/custom/custom_js&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/3cx-live-chat-talk/includes/js/callus_js&ver=1.4.0
                            http
                            msedge.exe
                            618 B
                            554 B
                            5
                            4

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/3cx-live-chat-talk/includes/js/callus_js&ver=1.4.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/js/scripts_js&ver=5.1.3
                            http
                            msedge.exe
                            753 B
                            639 B
                            8
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/contact-form-7/includes/js/scripts_js&ver=5.1.3

                            HTTP Response

                            403
                          • 172.67.189.47:443
                            https://www.atg.com.do/wp-content/uploads/2016/12/logo-atg-black.jpg
                            tls, http2
                            msedge.exe
                            3.0kB
                            7.0kB
                            18
                            18

                            HTTP Request

                            GET https://www.atg.com.do/2/wp-content/uploads/2016/12/logo-atg.png

                            HTTP Request

                            GET https://www.atg.com.do/wp-content/uploads/2016/12/logo-atg-min.png

                            HTTP Request

                            GET https://www.atg.com.do/wp-content/uploads/2016/12/logo-atg-black.jpg

                            HTTP Response

                            404

                            HTTP Response

                            404

                            HTTP Response

                            404
                          • 172.67.189.47:443
                            www.atg.com.do
                            tls
                            msedge.exe
                            2.0kB
                            4.2kB
                            10
                            7
                          • 172.67.189.47:443
                            www.atg.com.do
                            tls, http2
                            msedge.exe
                            2.0kB
                            4.7kB
                            10
                            7
                          • 2.18.190.81:80
                            http://apps.identrust.com/roots/dstrootcax3.p7c
                            http
                            msedge.exe
                            468 B
                            1.7kB
                            7
                            6

                            HTTP Request

                            GET http://apps.identrust.com/roots/dstrootcax3.p7c

                            HTTP Response

                            200
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/script_js&ver=1.0
                            http
                            msedge.exe
                            701 B
                            599 B
                            7
                            5

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/script_js&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/js/bootstrap_min_js&ver=1.0
                            http
                            msedge.exe
                            727 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/scripts/bootstrap/js/bootstrap_min_js&ver=1.0

                            HTTP Response

                            403
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/imagesloaded_min_js&ver=3.2.0
                            http
                            msedge.exe
                            691 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/imagesloaded_min_js&ver=3.2.0

                            HTTP Response

                            403
                          • 35.190.80.1:443
                            a.nel.cloudflare.com
                            tls, http2
                            msedge.exe
                            1.0kB
                            1.1kB
                            8
                            6
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/custom/custom_js&ver=1.0
                            http
                            msedge.exe
                            608 B
                            554 B
                            5
                            4

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-content/plugins/hybrid-composer/custom/custom_js&ver=1.0

                            HTTP Response

                            403
                          • 35.190.80.1:443
                            https://a.nel.cloudflare.com/report/v4?s=1AlTXw5BikRghmy8oCilTB0ppHB7XHeRcmboe04HPVrGSGYzOiJyOzjSzjFEnEinYj8aFWu4ubZ8qNp1jP3n4hd4axF5ZMM4RPG1GM8b%2FQ4yLUO6DMt0MmrpFn7kz6Xxnw%3D%3D
                            tls, http2
                            msedge.exe
                            2.7kB
                            4.9kB
                            18
                            20

                            HTTP Request

                            OPTIONS https://a.nel.cloudflare.com/report/v4?s=1AlTXw5BikRghmy8oCilTB0ppHB7XHeRcmboe04HPVrGSGYzOiJyOzjSzjFEnEinYj8aFWu4ubZ8qNp1jP3n4hd4axF5ZMM4RPG1GM8b%2FQ4yLUO6DMt0MmrpFn7kz6Xxnw%3D%3D

                            HTTP Request

                            POST https://a.nel.cloudflare.com/report/v4?s=1AlTXw5BikRghmy8oCilTB0ppHB7XHeRcmboe04HPVrGSGYzOiJyOzjSzjFEnEinYj8aFWu4ubZ8qNp1jP3n4hd4axF5ZMM4RPG1GM8b%2FQ4yLUO6DMt0MmrpFn7kz6Xxnw%3D%3D
                          • 75.2.115.196:80
                            http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/wp-embed_min_js&ver=5.2.2
                            http
                            msedge.exe
                            687 B
                            639 B
                            7
                            6

                            HTTP Request

                            GET http://cls.balantfromsun.com/ddb/rend.js?l=1&/wp-includes/js/wp-embed_min_js&ver=5.2.2

                            HTTP Response

                            403
                          • 75.2.115.196:443
                            cls.balantfromsun.com
                            msedge.exe
                            260 B
                            5
                          • 75.2.115.196:443
                            cls.balantfromsun.com
                            msedge.exe
                            260 B
                            5
                          • 204.79.197.237:443
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid=
                            tls, http2
                            2.0kB
                            9.2kB
                            22
                            18

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid=

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid=

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=72d11eb8cf3d4af1a97bfdaf999e2afd&localId=w:D3F44B69-51EC-77F5-ABEE-EFD974F351D8&deviceId=6755467847604707&anid=

                            HTTP Response

                            204
                          • 75.2.115.196:443
                            cls.balantfromsun.com
                            msedge.exe
                            260 B
                            5
                          • 204.79.197.200:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                            8.1kB
                            16
                            14
                          • 204.79.197.200:443
                            https://tse1.mm.bing.net/th?id=OADD2.10239351692215_1UJ4FAL91XLA7HB15&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            tls, http2
                            33.0kB
                            957.7kB
                            699
                            697

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239351692210_1AKNUXTAY2T0XUMCR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239351692215_1UJ4FAL91XLA7HB15&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Response

                            200

                            HTTP Response

                            200
                          • 8.8.8.8:53
                            209.205.72.20.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            209.205.72.20.in-addr.arpa

                          • 8.8.8.8:53
                            s.w.org
                            dns
                            msedge.exe
                            53 B
                            69 B
                            1
                            1

                            DNS Request

                            s.w.org

                            DNS Response

                            192.0.77.48

                          • 8.8.8.8:53
                            cls.balantfromsun.com
                            dns
                            msedge.exe
                            67 B
                            83 B
                            1
                            1

                            DNS Request

                            cls.balantfromsun.com

                            DNS Response

                            75.2.115.196

                          • 8.8.8.8:53
                            74.204.58.216.in-addr.arpa
                            dns
                            72 B
                            171 B
                            1
                            1

                            DNS Request

                            74.204.58.216.in-addr.arpa

                          • 8.8.8.8:53
                            196.115.2.75.in-addr.arpa
                            dns
                            71 B
                            127 B
                            1
                            1

                            DNS Request

                            196.115.2.75.in-addr.arpa

                          • 8.8.8.8:53
                            www.atg.com.do
                            dns
                            msedge.exe
                            60 B
                            92 B
                            1
                            1

                            DNS Request

                            www.atg.com.do

                            DNS Response

                            172.67.189.47
                            104.21.9.80

                          • 8.8.8.8:53
                            apps.identrust.com
                            dns
                            msedge.exe
                            64 B
                            165 B
                            1
                            1

                            DNS Request

                            apps.identrust.com

                            DNS Response

                            2.18.190.81
                            2.18.190.80

                          • 8.8.8.8:53
                            a.nel.cloudflare.com
                            dns
                            msedge.exe
                            66 B
                            82 B
                            1
                            1

                            DNS Request

                            a.nel.cloudflare.com

                            DNS Response

                            35.190.80.1

                          • 8.8.8.8:53
                            227.212.58.216.in-addr.arpa
                            dns
                            73 B
                            171 B
                            1
                            1

                            DNS Request

                            227.212.58.216.in-addr.arpa

                          • 8.8.8.8:53
                            75.159.190.20.in-addr.arpa
                            dns
                            144 B
                            158 B
                            2
                            1

                            DNS Request

                            75.159.190.20.in-addr.arpa

                            DNS Request

                            75.159.190.20.in-addr.arpa

                          • 8.8.8.8:53
                            47.189.67.172.in-addr.arpa
                            dns
                            72 B
                            134 B
                            1
                            1

                            DNS Request

                            47.189.67.172.in-addr.arpa

                          • 8.8.8.8:53
                            81.190.18.2.in-addr.arpa
                            dns
                            140 B
                            133 B
                            2
                            1

                            DNS Request

                            81.190.18.2.in-addr.arpa

                            DNS Request

                            81.190.18.2.in-addr.arpa

                          • 35.190.80.1:443
                            a.nel.cloudflare.com
                            https
                            msedge.exe
                            3.1kB
                            3.9kB
                            5
                            6
                          • 8.8.8.8:53
                            g.bing.com
                            dns
                            56 B
                            151 B
                            1
                            1

                            DNS Request

                            g.bing.com

                            DNS Response

                            204.79.197.237
                            13.107.21.237

                          • 8.8.8.8:53
                            1.80.190.35.in-addr.arpa
                            dns
                            70 B
                            120 B
                            1
                            1

                            DNS Request

                            1.80.190.35.in-addr.arpa

                          • 8.8.8.8:53
                            237.197.79.204.in-addr.arpa
                            dns
                            73 B
                            143 B
                            1
                            1

                            DNS Request

                            237.197.79.204.in-addr.arpa

                          • 224.0.0.251:5353
                            448 B
                            7
                          • 8.8.8.8:53
                            104.219.191.52.in-addr.arpa
                            dns
                            73 B
                            147 B
                            1
                            1

                            DNS Request

                            104.219.191.52.in-addr.arpa

                          • 8.8.8.8:53
                            157.123.68.40.in-addr.arpa
                            dns
                            72 B
                            146 B
                            1
                            1

                            DNS Request

                            157.123.68.40.in-addr.arpa

                          • 8.8.8.8:53
                            198.187.3.20.in-addr.arpa
                            dns
                            71 B
                            157 B
                            1
                            1

                            DNS Request

                            198.187.3.20.in-addr.arpa

                          • 8.8.8.8:53
                            142.53.16.96.in-addr.arpa
                            dns
                            71 B
                            135 B
                            1
                            1

                            DNS Request

                            142.53.16.96.in-addr.arpa

                          • 8.8.8.8:53
                            79.190.18.2.in-addr.arpa
                            dns
                            70 B
                            133 B
                            1
                            1

                            DNS Request

                            79.190.18.2.in-addr.arpa

                          • 35.190.80.1:443
                            a.nel.cloudflare.com
                            https
                            msedge.exe
                            3.3kB
                            2.5kB
                            9
                            8
                          • 8.8.8.8:53
                            14.251.17.2.in-addr.arpa
                            dns
                            70 B
                            133 B
                            1
                            1

                            DNS Request

                            14.251.17.2.in-addr.arpa

                          • 8.8.8.8:53
                            11.227.111.52.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            11.227.111.52.in-addr.arpa

                          • 8.8.8.8:53
                            tse1.mm.bing.net
                            dns
                            62 B
                            173 B
                            1
                            1

                            DNS Request

                            tse1.mm.bing.net

                            DNS Response

                            204.79.197.200
                            13.107.21.200

                          MITRE ATT&CK Enterprise v15

                          Downloads

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                            MD5

                            dbac49e66219979194c79f1cf1cb3dd1

                            SHA1

                            4ef87804a04d51ae1fac358f92382548b27f62f2

                            SHA256

                            f24ed6c5bf4b734a9af4d64e14a80a160bea569f50849f70bf7b7277c4f48562

                            SHA512

                            bb314d61f53cf7774f6dfb6b772c72f5daf386bc3d27d2bb7a14c65848ee86e6c48e9c5696693ded31846b69b9372a530175df48494e3d61a228e49d43401ad1

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                            Filesize

                            152B

                            MD5

                            a9e55f5864d6e2afd2fd84e25a3bc228

                            SHA1

                            a5efcff9e3df6252c7fe8535d505235f82aab276

                            SHA256

                            0f4df3120e4620555916be8e51c29be8d600d68ae5244efad6a0268aabc8c452

                            SHA512

                            12f45fa73a6de6dfe17acc8b52b60f2d79008da130730b74cc138c1dcd73ccc99487165e3c8c90dc247359fde272f1ec6b3cf2c5fcb04e5093936144d0558b75

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                            Filesize

                            670B

                            MD5

                            0c0839d63c389934dd7d552149430482

                            SHA1

                            59c3f32f31e862dd4e5e62728f3d62ad3e386a7c

                            SHA256

                            bf28118f88886e8a2773081a5100f0ae21d40c6d118bd402487bcbe406b42d9c

                            SHA512

                            bffa77348f0d2c1237ed383af5a0353224af768c873da836dba35f40192f18bc73a2da7207b62be1f263ca577c03049ce2194865845bee6ea7ac1f96d86e0988

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                            Filesize

                            5KB

                            MD5

                            f06d9c3d83278e6a618db89f9638df60

                            SHA1

                            760e90abc7d489a790140ead0e4ad202b55b5cc5

                            SHA256

                            72feaaff315582bd3dbfb433affeca610255daa83594ba57f5824d0cd04e495a

                            SHA512

                            920aa609f5a01f51413b81bb412368cd49996f8c60521689f1a10cb452303d3e96e8a4ac2acf6b5520e528b0d671f8611474b373c306ca2add63fd76be41b5fe

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                            Filesize

                            6KB

                            MD5

                            0dd14d12a1ac7f6edd039753e1ffa0bf

                            SHA1

                            9f74851903dfd0ffae423a43fe33dc5f84ab03df

                            SHA256

                            df7951e599eeb7cdee3010ace9537103681291a9a97cc356686f0d133d009d21

                            SHA512

                            f8000a2e3d7b55de3ae2954228c6b598856839f9778187388b71f793493a4f20df9fb9401d97733aae1030105083d5c30d0e3dac75e21921ab2c72ac7f45e556

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                            Filesize

                            16B

                            MD5

                            6752a1d65b201c13b62ea44016eb221f

                            SHA1

                            58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                            SHA256

                            0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                            SHA512

                            9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                          • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                            Filesize

                            11KB

                            MD5

                            55413f12bb3dc2e93b49c1a2fa9fc272

                            SHA1

                            2593af58868d59481b8df05742023f125e506486

                            SHA256

                            abe1f00c98a7390b263f837816aba786fbb9e05097d2c18ea25d0af651350b2a

                            SHA512

                            80d0ee1b47200f437796fdc9fc1bfad0f8aad0a7184a9a0fe49fbe42cee2a031a9955972a509ced480bf585a02ca69857b47dd35a8b42d76ab2900e09804a1ae
