5863b45f7b58df0022d1dcb82685aca268def140ef24007034c0b69626619fee

Analysis

max time kernel
145s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
14/05/2024, 16:26 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4228c49c0aa889c39c63230318144da0_JaffaCakes118.html
Size

108KB
MD5

4228c49c0aa889c39c63230318144da0
SHA1

676daf77b1bb275fe13652c245db29510622d0e6
SHA256

5863b45f7b58df0022d1dcb82685aca268def140ef24007034c0b69626619fee
SHA512

08d0a793f444e92bf0ba6010c86f780918b4b5b594eff082c4abd7e101ddfdc5f1bfeb6b01aec1c911c79aad16f79c83b7e6d84b7f7080c4fd7949d9692387ff
SSDEEP

1536:OYFejHH2kY5NKx38kgf4ligfpcHsGJWDBW5rzATjMDtFp1HV5k8pj:OYFy2Kx3pgfQfGSki411HV28pj

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
4004	msedge.exe
4004	msedge.exe
4260	msedge.exe
4260	msedge.exe
4560	identity_helper.exe
4560	identity_helper.exe
5448	msedge.exe
5448	msedge.exe
5448	msedge.exe
5448	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe
4260	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4260 wrote to memory of 224	4260	msedge.exe	83
PID 4260 wrote to memory of 224	4260	msedge.exe	83
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 2544	4260	msedge.exe	84
PID 4260 wrote to memory of 4004	4260	msedge.exe	85
PID 4260 wrote to memory of 4004	4260	msedge.exe	85
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86
PID 4260 wrote to memory of 1204	4260	msedge.exe	86

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\4228c49c0aa889c39c63230318144da0_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4260
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff16cc46f8,0x7fff16cc4708,0x7fff16cc4718
  2⤵
  PID:224
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2024 /prefetch:2
  2⤵
  PID:2544
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4004
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8
  2⤵
  PID:1204
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
  2⤵
  PID:4596
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
  2⤵
  PID:4896
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
  2⤵
  PID:4308
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
  2⤵
  PID:4524
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2008 /prefetch:1
  2⤵
  PID:760
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 /prefetch:8
  2⤵
  PID:2836
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5132 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4560
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
  2⤵
  PID:2668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
  2⤵
  PID:3612
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4128 /prefetch:1
  2⤵
  PID:2760
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4716 /prefetch:1
  2⤵
  PID:2012
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1972,2446211730047977508,16916059818191204,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4856 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5448

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1496

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4516

Network

DNS

googledrive.com

msedge.exe

Remote address:

8.8.8.8:53

Request

googledrive.com

IN A

Response

googledrive.com

IN A

142.250.179.65
DNS

www.blogger.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.blogger.com

IN A

Response

www.blogger.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.201.169
DNS

ajax.googleapis.com

msedge.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.250.75.234
DNS

maxcdn.bootstrapcdn.com

Remote address:

8.8.8.8:53

Request

maxcdn.bootstrapcdn.com

IN A

Response

maxcdn.bootstrapcdn.com

IN A

104.18.10.207

maxcdn.bootstrapcdn.com

IN A

104.18.11.207
GET

https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

msedge.exe

Remote address:

142.250.201.169:443

Request

GET /static/v1/widgets/2549344219-widget_css_bundle.css HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

msedge.exe

Remote address:

142.250.201.169:443

Request

GET /static/v1/jsbin/457480341-comment_from_post_iframe.js HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.blogger.com/static/v1/widgets/513541589-widgets.js

msedge.exe

Remote address:

142.250.201.169:443

Request

GET /static/v1/widgets/513541589-widgets.js HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

msedge.exe

Remote address:

142.250.75.234:443

Request

GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js

msedge.exe

Remote address:

142.250.75.234:443

Request

GET /ajax/libs/jquery/1.7/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googledrive.com/host/0BzhmjN6UOoj5ejQ0bDU2OE4tYms

msedge.exe

Remote address:

142.250.179.65:443

Request

GET /host/0BzhmjN6UOoj5ejQ0bDU2OE4tYms HTTP/2.0
host: googledrive.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

58.55.71.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

58.55.71.13.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

169.201.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

169.201.250.142.in-addr.arpa

IN PTR

Response

169.201.250.142.in-addr.arpa

IN PTR

par21s23-in-f91e100net
DNS

0.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.159.190.20.in-addr.arpa

IN PTR

Response
DNS

138.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.178.250.142.in-addr.arpa

IN PTR

Response

138.178.250.142.in-addr.arpa

IN PTR

par21s22-in-f101e100net
DNS

234.75.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.75.250.142.in-addr.arpa

IN PTR

Response

234.75.250.142.in-addr.arpa

IN PTR

par10s41-in-f101e100net
DNS

65.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

65.179.250.142.in-addr.arpa

IN PTR

Response

65.179.250.142.in-addr.arpa

IN PTR

par21s19-in-f11e100net
DNS

3.bp.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

3.bp.blogspot.com

IN A

Response

3.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
GET

https://3.bp.blogspot.com/-YSzW8Hz8ucg/WeND8vyA_lI/AAAAAAAAAMU/_KyO09u-Wksv12sTYzGhhTm2FiTi_iBEwCLcBGAs/s640/woman-in-sunglasses-lying-on-bed.jpg

msedge.exe

Remote address:

142.250.179.97:443

Request

GET /-YSzW8Hz8ucg/WeND8vyA_lI/AAAAAAAAAMU/_KyO09u-Wksv12sTYzGhhTm2FiTi_iBEwCLcBGAs/s640/woman-in-sunglasses-lying-on-bed.jpg HTTP/2.0
host: 3.bp.blogspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://4.bp.blogspot.com/-QvdUn3t9LkY/WcsuwX2r0jI/AAAAAAAAAKs/nNgisRMmMiUMJDLAwB5N4VkCY7S3rtivwCLcBGAs/s200/shobi%2Bimran.png

msedge.exe

Remote address:

142.250.179.97:443

Request

GET /-QvdUn3t9LkY/WcsuwX2r0jI/AAAAAAAAAKs/nNgisRMmMiUMJDLAwB5N4VkCY7S3rtivwCLcBGAs/s200/shobi%2Bimran.png HTTP/2.0
host: 4.bp.blogspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://1.bp.blogspot.com/-QdWa8x1_Vzk/WcH44VM-saI/AAAAAAAAAG0/KfDs_TN9wRwpQ7NJPwLtZww9Df6BSxYUQCEwYBhgL/s72-c/lookatsun.jpg

msedge.exe

Remote address:

142.250.179.97:443

Request

GET /-QdWa8x1_Vzk/WcH44VM-saI/AAAAAAAAAG0/KfDs_TN9wRwpQ7NJPwLtZww9Df6BSxYUQCEwYBhgL/s72-c/lookatsun.jpg HTTP/2.0
host: 1.bp.blogspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

2.bp.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

2.bp.blogspot.com

IN A

Response

2.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
GET

https://2.bp.blogspot.com/-Kg_fEcs1uoM/Wbpbq5i6jTI/AAAAAAAAAFI/J-4RTAiGQBYZOm_QPYdtA2LiaXCwKtbTACLcBGAs/s400/stress%2Bfree.png

msedge.exe

Remote address:

142.250.179.97:443

Request

GET /-Kg_fEcs1uoM/Wbpbq5i6jTI/AAAAAAAAAFI/J-4RTAiGQBYZOm_QPYdtA2LiaXCwKtbTACLcBGAs/s400/stress%2Bfree.png HTTP/2.0
host: 2.bp.blogspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

4.bp.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

4.bp.blogspot.com

IN A

Response

4.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
DNS

maxcdn.bootstrapcdn.com

Remote address:

8.8.8.8:53

Request

maxcdn.bootstrapcdn.com

IN A

Response

maxcdn.bootstrapcdn.com

IN A

104.18.10.207

maxcdn.bootstrapcdn.com

IN A

104.18.11.207
DNS

resources.blogblog.com

msedge.exe

Remote address:

8.8.8.8:53

Request

resources.blogblog.com

IN A

Response

resources.blogblog.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.201.169
DNS

feedburner.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

feedburner.google.com

IN A

Response

feedburner.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

142.250.201.174
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

163.20.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.20.217.172.in-addr.arpa

IN PTR

Response

163.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f31e100net

163.20.217.172.in-addr.arpa

IN PTR

par10s49-in-f3�H

163.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f163�H
DNS

67.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.213.58.216.in-addr.arpa

IN PTR

Response

67.213.58.216.in-addr.arpa

IN PTR

lhr25s01-in-f31e100net

67.213.58.216.in-addr.arpa

IN PTR

par21s18-in-f3�G

67.213.58.216.in-addr.arpa

IN PTR

lhr25s01-in-f67�G
DNS

97.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.179.250.142.in-addr.arpa

IN PTR

Response

97.179.250.142.in-addr.arpa

IN PTR

par21s20-in-f11e100net
GET

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

msedge.exe

Remote address:

142.250.201.169:443

Request

GET /img/icon18_wrench_allbkg.png HTTP/2.0
host: resources.blogblog.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://feedburner.google.com/fb/images/pub/feed-icon32x32.png

msedge.exe

Remote address:

142.250.201.174:443

Request

GET /fb/images/pub/feed-icon32x32.png HTTP/2.0
host: feedburner.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

platform.twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

platform.twitter.com

IN A

Response

platform.twitter.com

IN CNAME

cs472.wac.edgecastcdn.net

cs472.wac.edgecastcdn.net

IN CNAME

cs1-apr-8315.wac.edgecastcdn.net

cs1-apr-8315.wac.edgecastcdn.net

IN CNAME

wac.apr-8315.edgecastdns.net

wac.apr-8315.edgecastdns.net

IN CNAME

cs1-lb-eu.8315.ecdns.net

cs1-lb-eu.8315.ecdns.net

IN CNAME

cs41.wac.edgecastcdn.net

cs41.wac.edgecastcdn.net

IN A

93.184.220.66
DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.dual-a-0034.a-msedge.net

g-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

204.79.197.237

dual-a-0034.a-msedge.net

IN A

13.107.21.237
GET

https://platform.twitter.com/widgets.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /widgets.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 837
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:26:48 GMT
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E2)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27597
GET

https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /js/button.856debeac157d9669cf51e73a08fbc93.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371666
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:09 GMT
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E2)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2620
GET

https://platform.twitter.com/js/timeline.e108540dddc96e4b707f5cf259a582d7.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /js/timeline.e108540dddc96e4b707f5cf259a582d7.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371651
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:09 GMT
Etag: "e1b37e9fee06488be9c4cff0558f4e37+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E2)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2965
GET

https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.en.html

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /widgets/follow_button.2f70fb173b9000da126c79afe2098f02.en.html HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
DNT: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371652
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 14 May 2024 16:27:09 GMT
Etag: "bf4801052efb5f8f12057c849e9b590f+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67E2)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13712
GET

https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371672
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "4e8885e68df79c40c3a7aeda8d14bb81+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2232
GET

https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/modules.20f98d7498a59035a762.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371671
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "1c54378254eefb52fea75b3c31dfe51d+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6727)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 95842
GET

https://platform.twitter.com/_next/static/chunks/16.f331e94703acc65738d5.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/16.f331e94703acc65738d5.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371669
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "5c87233703fee60cd3de98c5812d90de+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12161
GET

https://platform.twitter.com/_next/static/chunks/0.9098e7e4385bbbc1cefe.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/0.9098e7e4385bbbc1cefe.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371575
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "7d7fd30a3c04f91bb6e42719e657c333+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 77945
GET

https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De80ydgclGCA02PaeRDLid-xDVUCUyZO_GkXx3JUma5QKTDzpGGaEpuJMn7jYk-aMoqP9jEZZIMpOU94w297qd5EOBpXhLz6Vk_SvqZt3FZZSYEpXVBxwuQjUi6mY_0YZ57sK5PUSkyBWrHs3rTX_xINCQWHzS2bRU0yPdIYgTvSiwYCcwI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D8be18068810d1e9e1426e64331032712&TIME=20240426T134647Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4

Remote address:

204.79.197.237:443

Request

GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De80ydgclGCA02PaeRDLid-xDVUCUyZO_GkXx3JUma5QKTDzpGGaEpuJMn7jYk-aMoqP9jEZZIMpOU94w297qd5EOBpXhLz6Vk_SvqZt3FZZSYEpXVBxwuQjUi6mY_0YZ57sK5PUSkyBWrHs3rTX_xINCQWHzS2bRU0yPdIYgTvSiwYCcwI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D8be18068810d1e9e1426e64331032712&TIME=20240426T134647Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4 HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=00AA7CD074526DC80A5E68AF75E96CF7; domain=.bing.com; expires=Sun, 08-Jun-2025 16:26:48 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8A2BB68B17024A90ADBC7FAC7613B5A7 Ref B: LON04EDGE0917 Ref C: 2024-05-14T16:26:48Z
date: Tue, 14 May 2024 16:26:48 GMT
GET

https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De80ydgclGCA02PaeRDLid-xDVUCUyZO_GkXx3JUma5QKTDzpGGaEpuJMn7jYk-aMoqP9jEZZIMpOU94w297qd5EOBpXhLz6Vk_SvqZt3FZZSYEpXVBxwuQjUi6mY_0YZ57sK5PUSkyBWrHs3rTX_xINCQWHzS2bRU0yPdIYgTvSiwYCcwI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D8be18068810d1e9e1426e64331032712&TIME=20240426T134647Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4

Remote address:

204.79.197.237:443

Request

GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De80ydgclGCA02PaeRDLid-xDVUCUyZO_GkXx3JUma5QKTDzpGGaEpuJMn7jYk-aMoqP9jEZZIMpOU94w297qd5EOBpXhLz6Vk_SvqZt3FZZSYEpXVBxwuQjUi6mY_0YZ57sK5PUSkyBWrHs3rTX_xINCQWHzS2bRU0yPdIYgTvSiwYCcwI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D8be18068810d1e9e1426e64331032712&TIME=20240426T134647Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4 HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=00AA7CD074526DC80A5E68AF75E96CF7; _EDGE_S=SID=24E4A0FA8DF064CA26FCB4858C5A656C

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=CelaRzJJSKmLotrF69jTsbhol8AwaiWn2xeG0WJeIAs; domain=.bing.com; expires=Sun, 08-Jun-2025 16:26:49 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C724A2BD6B11486FA6C8431FA2792312 Ref B: LON04EDGE0917 Ref C: 2024-05-14T16:26:49Z
date: Tue, 14 May 2024 16:26:49 GMT
DNS

platform.linkedin.com

msedge.exe

Remote address:

8.8.8.8:53

Request

platform.linkedin.com

IN A

Response

platform.linkedin.com

IN CNAME

2-01-2c3e-0055.cdx.cedexis.net

2-01-2c3e-0055.cdx.cedexis.net

IN CNAME

cs767.wpc.epsiloncdn.net

cs767.wpc.epsiloncdn.net

IN A

152.199.22.144
GET

https://platform.linkedin.com/badges/js/profile.js

msedge.exe

Remote address:

152.199.22.144:443

Request

GET /badges/js/profile.js HTTP/2.0
host: platform.linkedin.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-encoding: gzip
accept-ranges: bytes
age: 3338
cache-control: public, max-age=3600
content-type: application/javascript; charset=utf-8
date: Tue, 14 May 2024 16:26:48 GMT
last-modified: Fri, 01 Feb 1980 00:00:00 GMT
server: ECAcc (frb/6729)
vary: Accept-Encoding
x-cache: HIT
x-cdn: ECST
x-cdn-client-ip-version: IPV4
x-cdn-proto: HTTP2
x-content-type-options: nosniff
x-fs-uuid: 0006186bb0fd11150bd6977f1691c45d
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
x-li-uuid: AAYYa7D9ERUL1pd/FpHEXQ==
content-length: 2657
DNS

1.bp.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

1.bp.blogspot.com

IN A

Response

1.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
GET

https://www.bing.com/aes/c.gif?RG=38ccf3c3534247f1bc41d63a16b4717e&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134647Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644

Remote address:

23.62.61.72:443

Request

GET /aes/c.gif?RG=38ccf3c3534247f1bc41d63a16b4717e&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134647Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644 HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=00AA7CD074526DC80A5E68AF75E96CF7

Response

HTTP/2.0 200

cache-control: private,no-store
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 68FCAB594EC14A20A903141A5AB51EDE Ref B: DUS30EDGE0820 Ref C: 2024-05-14T16:26:49Z
content-length: 0
date: Tue, 14 May 2024 16:26:49 GMT
set-cookie: _EDGE_S=SID=24E4A0FA8DF064CA26FCB4858C5A656C; path=/; httponly; domain=bing.com
set-cookie: MUIDB=00AA7CD074526DC80A5E68AF75E96CF7; path=/; httponly; expires=Sun, 08-Jun-2025 16:26:49 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.443d3e17.1715704009.7b4d6de
DNS

196.249.167.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

196.249.167.52.in-addr.arpa

IN PTR

Response
DNS

174.201.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

174.201.250.142.in-addr.arpa

IN PTR

Response

174.201.250.142.in-addr.arpa

IN PTR

par21s23-in-f141e100net
DNS

66.220.184.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

66.220.184.93.in-addr.arpa

IN PTR

Response
DNS

237.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.197.79.204.in-addr.arpa

IN PTR

Response
DNS

144.22.199.152.in-addr.arpa

Remote address:

8.8.8.8:53

Request

144.22.199.152.in-addr.arpa

IN PTR

Response
DNS

72.61.62.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.61.62.23.in-addr.arpa

IN PTR

Response

72.61.62.23.in-addr.arpa

IN PTR

a23-62-61-72deploystaticakamaitechnologiescom
GET

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

Remote address:

23.62.61.72:443

Request

GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
host: www.bing.com
accept: */*
cookie: MUID=00AA7CD074526DC80A5E68AF75E96CF7; _EDGE_S=SID=24E4A0FA8DF064CA26FCB4858C5A656C; MSPTC=CelaRzJJSKmLotrF69jTsbhol8AwaiWn2xeG0WJeIAs; MUIDB=00AA7CD074526DC80A5E68AF75E96CF7
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 1107
date: Tue, 14 May 2024 16:26:50 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.443d3e17.1715704010.7b4dc6f
DNS

58.99.105.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

58.99.105.20.in-addr.arpa

IN PTR

Response
DNS

ws-na.amazon-adsystem.com

Remote address:

8.8.8.8:53

Request

ws-na.amazon-adsystem.com

IN A

Response

ws-na.amazon-adsystem.com

IN CNAME

ws-na.assoc-amazon.com
DNS

ir-na.amazon-adsystem.com

Remote address:

8.8.8.8:53

Request

ir-na.amazon-adsystem.com

IN A

Response

ir-na.amazon-adsystem.com

IN CNAME

www.assoc-amazon.com

www.assoc-amazon.com

IN A

52.46.128.194
DNS

connect.facebook.net

msedge.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

163.70.151.21
GET

https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_buildManifest.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/pc7SXdI2p34p0Y95uXWdA/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371660
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "bd9a3afe8a64146469f036be13628170+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 451
GET

https://platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/main-fd9ef5eb169057cda26d.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371673
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "1d1fa0644a94523711b2bb99a8d652bc"
Last-Modified: Sun, 04 Feb 2024 16:41:19 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6796)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 90
GET

https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371676
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "e78034c651c8a81b2acd83dc7e7ad407+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D4)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1290
GET

https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371670
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/669E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674
GET

https://platform.twitter.com/_next/static/chunks/4.1579d566fe7ef23f99dd.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/4.1579d566fe7ef23f99dd.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371671
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "b19ad66a33044952a2778e4e1de5b11f+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67D5)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 63766
GET

https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_ssgManifest.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/pc7SXdI2p34p0Y95uXWdA/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371672
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6760)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76
GET

https://platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/pages/_app-88bf420a57d49e33be53.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371690
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "2856f57c62c238a564ef576bbc50ca4a+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6752)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668
GET

https://platform.twitter.com/_next/static/chunks/1.2a1457a8c568f1533384.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/1.2a1457a8c568f1533384.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371674
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "207cde851cb385975ed7fa54f14a46d9+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 49719
DNS

syndication.twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

syndication.twitter.com

IN A

Response

syndication.twitter.com

IN A

104.244.42.72
GET

https://syndication.twitter.com/srv/timeline-profile/screen-name/ShobiImran?dnt=false&embedId=twitter-widget-1&features=e30%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=430px&origin=file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716

msedge.exe

Remote address:

104.244.42.72:443

Request

GET /srv/timeline-profile/screen-name/ShobiImran?dnt=false&embedId=twitter-widget-1&features=e30%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=430px&origin=file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716 HTTP/2.0
host: syndication.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 May 2024 16:27:09 GMT
perf: 7402827104
vary: Origin
server: tsa_f
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Tue, 14 May 2024 16:27:09 GMT
content-length: 43
x-transaction-id: 197fc0cabbd73c1f
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: 406c18ecd4ed959d0ee35242fb643f1a3d70121d3520f19ccae1c3c2ad8eb767
GET

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1715704028371%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

msedge.exe

Remote address:

104.244.42.72:443

Request

GET /i/jot/embeds?l=%7B%22widget_origin%22%3A%22file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1715704028371%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D HTTP/2.0
host: syndication.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 May 2024 16:27:10 GMT
etag: "cfc-IeTAebtSgdlF8Z1qcdDfdnjgzik"
perf: 7402827104
server: tsa_f
content-type: text/html; charset=utf-8
cache-control: must-revalidate, max-age=60
x-transaction-id: 3e53ab4a401d07a7
x-xss-protection: 0
strict-transport-security: max-age=631138519
content-encoding: gzip
content-length: 1083
x-response-time: 255
x-connection-hash: 406c18ecd4ed959d0ee35242fb643f1a3d70121d3520f19ccae1c3c2ad8eb767
GET

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1715704030162%2C%22event_namespace%22%3A%7B%22action%22%3A%22no-results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AShobiImran%22%7D

msedge.exe

Remote address:

104.244.42.72:443

Request

GET /i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1715704030162%2C%22event_namespace%22%3A%7B%22action%22%3A%22no-results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AShobiImran%22%7D HTTP/2.0
host: syndication.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/ShobiImran?dnt=false&embedId=twitter-widget-1&features=e30%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=430px&origin=file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 May 2024 16:27:11 GMT
perf: 7402827104
vary: Origin
server: tsa_f
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Tue, 14 May 2024 16:27:11 GMT
content-length: 43
x-transaction-id: 8f7cf7b72bfe8311
strict-transport-security: max-age=631138519
x-response-time: 115
x-connection-hash: 406c18ecd4ed959d0ee35242fb643f1a3d70121d3520f19ccae1c3c2ad8eb767
DNS

accounts.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

173.194.69.84
GET

https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D465924003174355710%26postID%3D5223149393669671757%26blogspotRpcToken%3D8954618%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D465924003174355710%26postID%3D5223149393669671757%26blogspotRpcToken%3D8954618%26bpli%3D1&go=true

msedge.exe

Remote address:

173.194.69.84:443

Request

GET /ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D465924003174355710%26postID%3D5223149393669671757%26blogspotRpcToken%3D8954618%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D465924003174355710%26postID%3D5223149393669671757%26blogspotRpcToken%3D8954618%26bpli%3D1&go=true HTTP/2.0
host: accounts.google.com
upgrade-insecure-requests: 1
dnt: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

twitter.com

msedge.exe

Remote address:

8.8.8.8:53

Request

twitter.com

IN A

Response

twitter.com

IN A

104.244.42.193
DNS

ir-na.amazon-adsystem.com

Remote address:

8.8.8.8:53

Request

ir-na.amazon-adsystem.com

IN A

Response

ir-na.amazon-adsystem.com

IN CNAME

www.assoc-amazon.com

www.assoc-amazon.com

IN A

52.94.240.125
GET

https://platform.twitter.com/_next/static/chunks/3.623849758c2a16a878a7.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/3.623849758c2a16a878a7.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371681
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "618712ac658424673c59e506a6c7d1d8+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C1)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 164147
GET

https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.0890ced0fe3b29a4c947.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/ondemand.Dropdown.0890ced0fe3b29a4c947.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371609
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:11 GMT
Etag: "ee85bb78f0eb1080fd5fc8c4d4cddbb8+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67DF)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2822
GET

https://platform.twitter.com/_next/static/chunks/6.902e7a204f7eea980629.js

msedge.exe

Remote address:

93.184.220.66:443

Request

GET /_next/static/chunks/6.902e7a204f7eea980629.js HTTP/1.1
Host: platform.twitter.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://syndication.twitter.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4371670
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 14 May 2024 16:27:10 GMT
Etag: "0e9ca787dfdcbf5ffeb7df678ec8f6df+gzip"
Last-Modified: Tue, 24 Oct 2023 00:27:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1276
DNS

www.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.132
GET

https://www.google.com/js/bg/wzW03wSMKGadcZM3w2SLC_Xpa1daedvy2LBHVDfiSZI.js

msedge.exe

Remote address:

142.250.178.132:443

Request

GET /js/bg/wzW03wSMKGadcZM3w2SLC_Xpa1daedvy2LBHVDfiSZI.js HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.blogger.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

21.151.70.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.151.70.163.in-addr.arpa

IN PTR

Response

21.151.70.163.in-addr.arpa

IN PTR

xx-fbcdn-shv-02-lhr6fbcdnnet
DNS

72.42.244.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.42.244.104.in-addr.arpa

IN PTR

Response
DNS

84.69.194.173.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.69.194.173.in-addr.arpa

IN PTR

Response

84.69.194.173.in-addr.arpa

IN PTR

ef-in-f841e100net
DNS

132.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.178.250.142.in-addr.arpa

IN PTR

Response

132.178.250.142.in-addr.arpa

IN PTR

par21s22-in-f41e100net
DNS

157.123.68.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.123.68.40.in-addr.arpa

IN PTR

Response
DNS

198.187.3.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.187.3.20.in-addr.arpa

IN PTR

Response
DNS

31.121.18.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

31.121.18.2.in-addr.arpa

IN PTR

Response

31.121.18.2.in-addr.arpa

IN PTR

a2-18-121-31deploystaticakamaitechnologiescom
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

163.70.151.35
DNS

badges.linkedin.com

msedge.exe

Remote address:

8.8.8.8:53

Request

badges.linkedin.com

IN A

Response

badges.linkedin.com

IN CNAME

mix.linkedin.com

mix.linkedin.com

IN CNAME

pop-lva1-lx.mix.linkedin.com

pop-lva1-lx.mix.linkedin.com

IN A

144.2.12.25
GET

https://badges.linkedin.com/profile?locale=en_US&badgetype=horizontal&badgetheme=dark&uid=378255&version=v1&maxsize=medium&trk=profile-badge&vanityname=shobi-imran

msedge.exe

Remote address:

144.2.12.25:443

Request

GET /profile?locale=en_US&badgetype=horizontal&badgetheme=dark&uid=378255&version=v1&maxsize=medium&trk=profile-badge&vanityname=shobi-imran HTTP/1.1
Host: badges.linkedin.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
DNT: 1
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Server: Play
content-length: 0
Date: Tue, 14 May 2024 16:27:35 GMT
X-FS-UUID: 0006186c7ac252aca086dda8bb51fba4
Connection: keep-alive
Cache-Control: no-transform
X-Li-Fabric: prod-lva1
X-Content-Type-Options: nosniff
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
NEL: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Li-Pop: prod-lva1-x
X-LI-Proto: http/1.1
X-LI-UUID: AAYYbHrCUqyght2ou1H7pA==
DNS

static.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.xx.fbcdn.net

IN A

Response

static.xx.fbcdn.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

163.70.151.21
DNS

www.linkedin.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.linkedin.com

IN A

Response

www.linkedin.com

IN CNAME

www-linkedin-com.l-0005.l-msedge.net

www-linkedin-com.l-0005.l-msedge.net

IN CNAME

l-0005.l-msedge.net

l-0005.l-msedge.net

IN A

13.107.42.14
DNS

scontent.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

scontent.xx.fbcdn.net

IN A

Response

scontent.xx.fbcdn.net

IN A

163.70.151.21
OPTIONS

https://www.linkedin.com/li/rep

msedge.exe

Remote address:

13.107.42.14:443

Request

OPTIONS /li/rep HTTP/2.0
host: www.linkedin.com
origin: https://badges.linkedin.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: no-cache, no-store
pragma: no-cache
content-length: 30
content-type: text/plain; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=linkedin.com; Secure
set-cookie: lidc="b=VGST08:s=V:r=V:a=V:p=V:g=2909:u=1:x=1:i=1715704055:t=1715790455:v=2:sig=AQFrjWj9J6acBmU1Omw6SENRmSdctWyj"; Expires=Wed, 15 May 2024 16:27:35 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
access-control-allow-origin: https://badges.linkedin.com
access-control-allow-headers: Content-Encoding, Content-Type, Csrf-Token, X-Requested-With, X-LI-Retry-Context
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: frame-ancestors 'self'
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAYYbHrHT0/+P+hp3eiV1Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 19D837D0EEEB462BB6189C4E6A43ECFE Ref B: DUS30EDGE0806 Ref C: 2024-05-14T16:27:35Z
date: Tue, 14 May 2024 16:27:35 GMT
POST

https://www.linkedin.com/li/rep

msedge.exe

Remote address:

13.107.42.14:443

Request

POST /li/rep HTTP/2.0
host: www.linkedin.com
content-length: 542
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
set-cookie: bcookie="v=2&74cc7fe6-31d8-4b13-87c2-e58ec0da9d97"; Domain=.linkedin.com; Expires=Wed, 14-May-2025 16:27:35 GMT; Path=/; Secure; SameSite=None
set-cookie: bscookie="v=1&20240514162735fc598469-dc0e-492a-84f7-315a698e5866AQGKU5_MlDRaYuKz52L1rU5AdyIn-wZc"; Domain=.www.linkedin.com; Expires=Wed, 14-May-2025 16:27:35 GMT; Path=/; HttpOnly; Secure; SameSite=None
set-cookie: li_gc=MTswOzE3MTU3MDQwNTU7MjswMjHr9RgJgxCWln2SXyz6ptpVtB0ZCcgbl3e3UBAXaHsBzA==; Domain=.linkedin.com; Expires=Sun, 10 Nov 2024 16:27:35 GMT; Path=/; Secure; SameSite=None
set-cookie: lidc="b=OGST08:s=O:r=O:a=O:p=O:g=2866:u=1:x=1:i=1715704055:t=1715790455:v=2:sig=AQEC4S-_sAVCq7d4P2YiYSfPSwE-rYAm"; Expires=Wed, 15 May 2024 16:27:35 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: frame-ancestors 'self'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYYbHrKY8Nor6IGe0pzUw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 59B0B11BF8E14EFE99FC53FE7DBAA509 Ref B: DUS30EDGE0806 Ref C: 2024-05-14T16:27:35Z
date: Tue, 14 May 2024 16:27:35 GMT
content-length: 0
DNS

learningkeepsusalive.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

learningkeepsusalive.blogspot.com

IN A

Response

learningkeepsusalive.blogspot.com

IN CNAME

blogspot.l.googleusercontent.com

blogspot.l.googleusercontent.com

IN A

142.250.75.225
GET

https://learningkeepsusalive.blogspot.com/favicon.ico

msedge.exe

Remote address:

142.250.75.225:443

Request

GET /favicon.ico HTTP/2.0
host: learningkeepsusalive.blogspot.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

35.151.70.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.151.70.163.in-addr.arpa

IN PTR

Response

35.151.70.163.in-addr.arpa

IN PTR

edge-star-mini-shv-02-lhr6facebookcom
DNS

25.12.2.144.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.12.2.144.in-addr.arpa

IN PTR

Response
DNS

14.42.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.42.107.13.in-addr.arpa

IN PTR

Response
DNS

225.75.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.75.250.142.in-addr.arpa

IN PTR

Response

225.75.250.142.in-addr.arpa

IN PTR

par10s41-in-f11e100net
DNS

241.197.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.197.17.2.in-addr.arpa

IN PTR

Response

241.197.17.2.in-addr.arpa

IN PTR

a2-17-197-241deploystaticakamaitechnologiescom
DNS

26.35.223.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

26.35.223.20.in-addr.arpa

IN PTR

Response
DNS

19.229.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.229.111.52.in-addr.arpa

IN PTR

Response
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 659775
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B8C98360444E40F28EA9709A3B753198 Ref B: LON04EDGE1118 Ref C: 2024-05-14T16:28:28Z
date: Tue, 14 May 2024 16:28:28 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 621794
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 34FA5AA1A4824C3BB105878D6D66027F Ref B: LON04EDGE1118 Ref C: 2024-05-14T16:28:28Z
date: Tue, 14 May 2024 16:28:28 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 555746
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 187F461020FF44368A26F52BBFEFFB81 Ref B: LON04EDGE1118 Ref C: 2024-05-14T16:28:28Z
date: Tue, 14 May 2024 16:28:28 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 638730
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2450B3C549684358987B2883CE823C36 Ref B: LON04EDGE1118 Ref C: 2024-05-14T16:28:28Z
date: Tue, 14 May 2024 16:28:28 GMT

142.250.201.169:443

https://www.blogger.com/static/v1/widgets/513541589-widgets.js

tls, http2

msedge.exe

4.2kB
102.1kB
63
89

HTTP Request

GET https://www.blogger.com/static/v1/widgets/2549344219-widget_css_bundle.css

HTTP Request

GET https://www.blogger.com/static/v1/jsbin/457480341-comment_from_post_iframe.js

HTTP Request

GET https://www.blogger.com/static/v1/widgets/513541589-widgets.js
142.250.75.234:443

ajax.googleapis.com

tls, http2

msedge.exe

999 B
6.1kB
9
8
142.250.75.234:443

https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js

tls, http2

msedge.exe

5.9kB
204.9kB
103
156

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
142.250.179.65:443

https://googledrive.com/host/0BzhmjN6UOoj5ejQ0bDU2OE4tYms

tls, http2

msedge.exe

1.9kB
12.9kB
17
19

HTTP Request

GET https://googledrive.com/host/0BzhmjN6UOoj5ejQ0bDU2OE4tYms
104.18.10.207:445

maxcdn.bootstrapcdn.com

260 B
5
142.250.179.97:443

https://1.bp.blogspot.com/-QdWa8x1_Vzk/WcH44VM-saI/AAAAAAAAAG0/KfDs_TN9wRwpQ7NJPwLtZww9Df6BSxYUQCEwYBhgL/s72-c/lookatsun.jpg

tls, http2

msedge.exe

4.6kB
104.6kB
66
92

HTTP Request

GET https://3.bp.blogspot.com/-YSzW8Hz8ucg/WeND8vyA_lI/AAAAAAAAAMU/_KyO09u-Wksv12sTYzGhhTm2FiTi_iBEwCLcBGAs/s640/woman-in-sunglasses-lying-on-bed.jpg

HTTP Request

GET https://4.bp.blogspot.com/-QvdUn3t9LkY/WcsuwX2r0jI/AAAAAAAAAKs/nNgisRMmMiUMJDLAwB5N4VkCY7S3rtivwCLcBGAs/s200/shobi%2Bimran.png

HTTP Request

GET https://1.bp.blogspot.com/-QdWa8x1_Vzk/WcH44VM-saI/AAAAAAAAAG0/KfDs_TN9wRwpQ7NJPwLtZww9Df6BSxYUQCEwYBhgL/s72-c/lookatsun.jpg
142.250.179.97:443

https://2.bp.blogspot.com/-Kg_fEcs1uoM/Wbpbq5i6jTI/AAAAAAAAAFI/J-4RTAiGQBYZOm_QPYdtA2LiaXCwKtbTACLcBGAs/s400/stress%2Bfree.png

tls, http2

msedge.exe

12.8kB
277.2kB
207
209

HTTP Request

GET https://2.bp.blogspot.com/-Kg_fEcs1uoM/Wbpbq5i6jTI/AAAAAAAAAFI/J-4RTAiGQBYZOm_QPYdtA2LiaXCwKtbTACLcBGAs/s400/stress%2Bfree.png
104.18.11.207:445

maxcdn.bootstrapcdn.com

260 B
5
104.18.10.207:139

maxcdn.bootstrapcdn.com

260 B
5
142.250.201.169:443

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

tls, http2

msedge.exe

2.0kB
7.1kB
18
15

HTTP Request

GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png
142.250.201.174:443

feedburner.google.com

tls, http2

msedge.exe

1.2kB
1.7kB
8
7
142.250.201.174:443

https://feedburner.google.com/fb/images/pub/feed-icon32x32.png

tls, http2

msedge.exe

2.0kB
10.8kB
19
18

HTTP Request

GET https://feedburner.google.com/fb/images/pub/feed-icon32x32.png
93.184.220.66:443

https://platform.twitter.com/_next/static/chunks/0.9098e7e4385bbbc1cefe.js

tls, http

msedge.exe

10.8kB
253.3kB
109
194

HTTP Request

GET https://platform.twitter.com/widgets.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/js/timeline.e108540dddc96e4b707f5cf259a582d7.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.en.html

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/runtime-a697c5a1ae32bd7e4d42.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/modules.20f98d7498a59035a762.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/16.f331e94703acc65738d5.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/0.9098e7e4385bbbc1cefe.js

HTTP Response

200
204.79.197.237:443

https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De80ydgclGCA02PaeRDLid-xDVUCUyZO_GkXx3JUma5QKTDzpGGaEpuJMn7jYk-aMoqP9jEZZIMpOU94w297qd5EOBpXhLz6Vk_SvqZt3FZZSYEpXVBxwuQjUi6mY_0YZ57sK5PUSkyBWrHs3rTX_xINCQWHzS2bRU0yPdIYgTvSiwYCcwI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D8be18068810d1e9e1426e64331032712&TIME=20240426T134647Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4

tls, http2

2.5kB
9.0kB
20
17

HTTP Request

GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De80ydgclGCA02PaeRDLid-xDVUCUyZO_GkXx3JUma5QKTDzpGGaEpuJMn7jYk-aMoqP9jEZZIMpOU94w297qd5EOBpXhLz6Vk_SvqZt3FZZSYEpXVBxwuQjUi6mY_0YZ57sK5PUSkyBWrHs3rTX_xINCQWHzS2bRU0yPdIYgTvSiwYCcwI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D8be18068810d1e9e1426e64331032712&TIME=20240426T134647Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De80ydgclGCA02PaeRDLid-xDVUCUyZO_GkXx3JUma5QKTDzpGGaEpuJMn7jYk-aMoqP9jEZZIMpOU94w297qd5EOBpXhLz6Vk_SvqZt3FZZSYEpXVBxwuQjUi6mY_0YZ57sK5PUSkyBWrHs3rTX_xINCQWHzS2bRU0yPdIYgTvSiwYCcwI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D8be18068810d1e9e1426e64331032712&TIME=20240426T134647Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644&muid=3EBA0D95A4930C635584F13F751694E4

HTTP Response

204
152.199.22.144:443

https://platform.linkedin.com/badges/js/profile.js

tls, http2

msedge.exe

2.3kB
9.6kB
17
18

HTTP Request

GET https://platform.linkedin.com/badges/js/profile.js

HTTP Response

200
23.62.61.72:443

https://www.bing.com/aes/c.gif?RG=38ccf3c3534247f1bc41d63a16b4717e&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134647Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644

tls, http2

1.5kB
5.4kB
16
12

HTTP Request

GET https://www.bing.com/aes/c.gif?RG=38ccf3c3534247f1bc41d63a16b4717e&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134647Z&adUnitId=11730597&localId=w:3EBA0D95-A493-0C63-5584-F13F751694E4&deviceId=6966564702259644

HTTP Response

200
23.62.61.72:443

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

tls, http2

1.6kB
6.4kB
17
13

HTTP Request

GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

HTTP Response

200
163.70.151.21:443

connect.facebook.net

tls

msedge.exe

9.5kB
295.2kB
151
252
93.184.220.66:443

https://platform.twitter.com/_next/static/chunks/4.1579d566fe7ef23f99dd.js

tls, http

msedge.exe

7.1kB
84.3kB
58
71

HTTP Request

GET https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_buildManifest.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/main-fd9ef5eb169057cda26d.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c33f0b02841cffc3e9b4.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/4.1579d566fe7ef23f99dd.js

HTTP Response

200
93.184.220.66:443

https://platform.twitter.com/_next/static/chunks/1.2a1457a8c568f1533384.js

tls, http

msedge.exe

5.1kB
59.4kB
43
52

HTTP Request

GET https://platform.twitter.com/_next/static/pc7SXdI2p34p0Y95uXWdA/_ssgManifest.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/pages/_app-88bf420a57d49e33be53.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/1.2a1457a8c568f1533384.js

HTTP Response

200
52.46.128.194:445

ir-na.amazon-adsystem.com

260 B
5
104.244.42.72:443

https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1715704030162%2C%22event_namespace%22%3A%7B%22action%22%3A%22no-results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AShobiImran%22%7D

tls, http2

msedge.exe

3.6kB
6.2kB
15
15

HTTP Request

GET https://syndication.twitter.com/srv/timeline-profile/screen-name/ShobiImran?dnt=false&embedId=twitter-widget-1&features=e30%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=430px&origin=file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F&showHeader=true&showReplies=false&theme=light&transparent=false&widgetsVersion=2615f7e52b7e0%3A1702314776716

HTTP Request

GET https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1715704028371%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1715704030162%2C%22event_namespace%22%3A%7B%22action%22%3A%22no-results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22file%3A%2F%2F%2F%2FC%3A%2FUsers%2FAdmin%2FAppData%2FLocal%2FTemp%2Ffile%3A%2F%2F%2FC%3A%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d2b21d1%3A1693532938118%22%2C%22widget_data_source%22%3A%22screen-name%3AShobiImran%22%7D

HTTP Response

200
104.244.42.72:443

syndication.twitter.com

tls

msedge.exe

943 B
4.0kB
8
7
173.194.69.84:443

https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D465924003174355710%26postID%3D5223149393669671757%26blogspotRpcToken%3D8954618%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D465924003174355710%26postID%3D5223149393669671757%26blogspotRpcToken%3D8954618%26bpli%3D1&go=true

tls, http2

msedge.exe

2.1kB
7.5kB
14
16

HTTP Request

GET https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/comment-iframe.g?blogID%3D465924003174355710%26postID%3D5223149393669671757%26blogspotRpcToken%3D8954618%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D465924003174355710%26postID%3D5223149393669671757%26blogspotRpcToken%3D8954618%26bpli%3D1&go=true
93.184.220.66:443

https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.0890ced0fe3b29a4c947.js

tls, http

msedge.exe

7.4kB
179.0kB
95
144

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/3.623849758c2a16a878a7.js

HTTP Response

200

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/ondemand.Dropdown.0890ced0fe3b29a4c947.js

HTTP Response

200
93.184.220.66:443

https://platform.twitter.com/_next/static/chunks/6.902e7a204f7eea980629.js

tls, http

msedge.exe

2.5kB
7.3kB
13
14

HTTP Request

GET https://platform.twitter.com/_next/static/chunks/6.902e7a204f7eea980629.js

HTTP Response

200
93.184.220.66:443

platform.twitter.com

tls

msedge.exe

1.6kB
5.3kB
11
14
142.250.178.132:443

https://www.google.com/js/bg/wzW03wSMKGadcZM3w2SLC_Xpa1daedvy2LBHVDfiSZI.js

tls, http2

msedge.exe

2.5kB
28.0kB
29
30

HTTP Request

GET https://www.google.com/js/bg/wzW03wSMKGadcZM3w2SLC_Xpa1daedvy2LBHVDfiSZI.js
52.94.240.125:139

ir-na.amazon-adsystem.com

260 B
5
163.70.151.35:443

www.facebook.com

tls

msedge.exe

2.3kB
20.0kB
18
25
144.2.12.25:443

https://badges.linkedin.com/profile?locale=en_US&badgetype=horizontal&badgetheme=dark&uid=378255&version=v1&maxsize=medium&trk=profile-badge&vanityname=shobi-imran

tls, http

msedge.exe

1.7kB
5.8kB
11
13

HTTP Request

GET https://badges.linkedin.com/profile?locale=en_US&badgetype=horizontal&badgetheme=dark&uid=378255&version=v1&maxsize=medium&trk=profile-badge&vanityname=shobi-imran

HTTP Response

404
13.107.42.14:443

https://www.linkedin.com/li/rep

tls, http2

msedge.exe

2.6kB
7.7kB
18
22

HTTP Request

OPTIONS https://www.linkedin.com/li/rep

HTTP Response

200

HTTP Request

POST https://www.linkedin.com/li/rep

HTTP Response

200
142.250.75.225:443

https://learningkeepsusalive.blogspot.com/favicon.ico

tls, http2

msedge.exe

1.8kB
9.4kB
15
18

HTTP Request

GET https://learningkeepsusalive.blogspot.com/favicon.ico
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

https://tse1.mm.bing.net/th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

tls, http2

93.1kB
2.6MB
1865
1860

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931611_1SOG5TNNJKE1WH1R0&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340783932_1JCHO8JLBZ4TPAX49&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239360931612_153L2SVWUYAQUME4E&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340783933_1QOIM48UV8MGOV4SU&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14

8.8.8.8:53

googledrive.com

dns

msedge.exe

61 B
77 B
1
1

DNS Request

googledrive.com

DNS Response

142.250.179.65
8.8.8.8:53

www.blogger.com

dns

msedge.exe

61 B
108 B
1
1

DNS Request

www.blogger.com

DNS Response

142.250.201.169
8.8.8.8:53

ajax.googleapis.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.250.75.234
8.8.8.8:53

maxcdn.bootstrapcdn.com

dns

69 B
101 B
1
1

DNS Request

maxcdn.bootstrapcdn.com

DNS Response

104.18.10.207

104.18.11.207
8.8.8.8:53

58.55.71.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

58.55.71.13.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

169.201.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

169.201.250.142.in-addr.arpa
8.8.8.8:53

0.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

0.159.190.20.in-addr.arpa
8.8.8.8:53

138.178.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

138.178.250.142.in-addr.arpa
8.8.8.8:53

234.75.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

234.75.250.142.in-addr.arpa
8.8.8.8:53

65.179.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

65.179.250.142.in-addr.arpa
142.250.201.169:443

www.blogger.com

https

msedge.exe

7.4kB
78.8kB
56
84
8.8.8.8:53

3.bp.blogspot.com

dns

msedge.exe

63 B
124 B
1
1

DNS Request

3.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

2.bp.blogspot.com

dns

msedge.exe

63 B
124 B
1
1

DNS Request

2.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

4.bp.blogspot.com

dns

msedge.exe

63 B
124 B
1
1

DNS Request

4.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

maxcdn.bootstrapcdn.com

dns

69 B
101 B
1
1

DNS Request

maxcdn.bootstrapcdn.com

DNS Response

104.18.10.207

104.18.11.207
8.8.8.8:53

resources.blogblog.com

dns

msedge.exe

68 B
115 B
1
1

DNS Request

resources.blogblog.com

DNS Response

142.250.201.169
8.8.8.8:53

feedburner.google.com

dns

msedge.exe

67 B
104 B
1
1

DNS Request

feedburner.google.com

DNS Response

142.250.201.174
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

163.20.217.172.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

163.20.217.172.in-addr.arpa
8.8.8.8:53

67.213.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

67.213.58.216.in-addr.arpa
8.8.8.8:53

97.179.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

97.179.250.142.in-addr.arpa
8.8.8.8:53

platform.twitter.com

dns

msedge.exe

66 B
241 B
1
1

DNS Request

platform.twitter.com

DNS Response

93.184.220.66
8.8.8.8:53

g.bing.com

dns

56 B
151 B
1
1

DNS Request

g.bing.com

DNS Response

204.79.197.237

13.107.21.237
8.8.8.8:53

platform.linkedin.com

dns

msedge.exe

67 B
162 B
1
1

DNS Request

platform.linkedin.com

DNS Response

152.199.22.144
142.250.179.97:443

4.bp.blogspot.com

https

msedge.exe

4.6kB
18.1kB
19
23
8.8.8.8:53

1.bp.blogspot.com

dns

msedge.exe

63 B
124 B
1
1

DNS Request

1.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

196.249.167.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

196.249.167.52.in-addr.arpa
8.8.8.8:53

174.201.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

174.201.250.142.in-addr.arpa
8.8.8.8:53

66.220.184.93.in-addr.arpa

dns

72 B
143 B
1
1

DNS Request

66.220.184.93.in-addr.arpa
8.8.8.8:53

237.197.79.204.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

237.197.79.204.in-addr.arpa
8.8.8.8:53

144.22.199.152.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

144.22.199.152.in-addr.arpa
8.8.8.8:53

72.61.62.23.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

72.61.62.23.in-addr.arpa
8.8.8.8:53

58.99.105.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

58.99.105.20.in-addr.arpa
224.0.0.251:5353

msedge.exe

514 B
8
8.8.8.8:53

ws-na.amazon-adsystem.com

dns

71 B
188 B
1
1

DNS Request

ws-na.amazon-adsystem.com
142.250.179.65:443

googledrive.com

https

msedge.exe

3.7kB
9.3kB
10
11
8.8.8.8:53

ir-na.amazon-adsystem.com

dns

71 B
118 B
1
1

DNS Request

ir-na.amazon-adsystem.com

DNS Response

52.46.128.194
8.8.8.8:53

connect.facebook.net

dns

msedge.exe

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

163.70.151.21
8.8.8.8:53

syndication.twitter.com

dns

msedge.exe

69 B
85 B
1
1

DNS Request

syndication.twitter.com

DNS Response

104.244.42.72
8.8.8.8:53

accounts.google.com

dns

msedge.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

173.194.69.84
8.8.8.8:53

twitter.com

dns

msedge.exe

57 B
73 B
1
1

DNS Request

twitter.com

DNS Response

104.244.42.193
8.8.8.8:53

ir-na.amazon-adsystem.com

dns

71 B
118 B
1
1

DNS Request

ir-na.amazon-adsystem.com

DNS Response

52.94.240.125
8.8.8.8:53

www.google.com

dns

msedge.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.178.132
142.250.201.169:443

resources.blogblog.com

https

msedge.exe

3.8kB
8.9kB
10
12
8.8.8.8:53

21.151.70.163.in-addr.arpa

dns

72 B
116 B
1
1

DNS Request

21.151.70.163.in-addr.arpa
8.8.8.8:53

72.42.244.104.in-addr.arpa

dns

72 B
72 B
1
1

DNS Request

72.42.244.104.in-addr.arpa
8.8.8.8:53

84.69.194.173.in-addr.arpa

dns

72 B
105 B
1
1

DNS Request

84.69.194.173.in-addr.arpa
8.8.8.8:53

132.178.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

132.178.250.142.in-addr.arpa
8.8.8.8:53

157.123.68.40.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

157.123.68.40.in-addr.arpa
8.8.8.8:53

198.187.3.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

198.187.3.20.in-addr.arpa
8.8.8.8:53

31.121.18.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

31.121.18.2.in-addr.arpa
8.8.8.8:53

www.facebook.com

dns

msedge.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

163.70.151.35
8.8.8.8:53

badges.linkedin.com

dns

msedge.exe

65 B
125 B
1
1

DNS Request

badges.linkedin.com

DNS Response

144.2.12.25
8.8.8.8:53

static.xx.fbcdn.net

dns

msedge.exe

65 B
104 B
1
1

DNS Request

static.xx.fbcdn.net

DNS Response

163.70.151.21
8.8.8.8:53

www.linkedin.com

dns

msedge.exe

62 B
142 B
1
1

DNS Request

www.linkedin.com

DNS Response

13.107.42.14
8.8.8.8:53

scontent.xx.fbcdn.net

dns

msedge.exe

67 B
83 B
1
1

DNS Request

scontent.xx.fbcdn.net

DNS Response

163.70.151.21
8.8.8.8:53

learningkeepsusalive.blogspot.com

dns

msedge.exe

79 B
138 B
1
1

DNS Request

learningkeepsusalive.blogspot.com

DNS Response

142.250.75.225
8.8.8.8:53

35.151.70.163.in-addr.arpa

dns

72 B
125 B
1
1

DNS Request

35.151.70.163.in-addr.arpa
8.8.8.8:53

25.12.2.144.in-addr.arpa

dns

70 B
124 B
1
1

DNS Request

25.12.2.144.in-addr.arpa
8.8.8.8:53

14.42.107.13.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

14.42.107.13.in-addr.arpa
8.8.8.8:53

225.75.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

225.75.250.142.in-addr.arpa
8.8.8.8:53

241.197.17.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

241.197.17.2.in-addr.arpa
8.8.8.8:53

26.35.223.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

26.35.223.20.in-addr.arpa
8.8.8.8:53

19.229.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

19.229.111.52.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

62 B
173 B
1
1

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
c9c4c494f8fba32d95ba2125f00586a3

SHA1
8a600205528aef7953144f1cf6f7a5115e3611de

SHA256
a0ca609205813c307df9122c0c5b0967c5472755700f615b0033129cf7d6b35b

SHA512
9d30cea6cfc259e97b0305f8b5cd19774044fb78feedfcef2014b2947f2e6a101273bc4ad30db9cc1724e62eb441266d7df376e28ac58693f128b9cce2c7d20d

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
4dc6fc5e708279a3310fe55d9c44743d

SHA1
a42e8bdf9d1c25ef3e223d59f6b1d16b095f46d2

SHA256
a1c5f48659d4b3af960971b3a0f433a95fee5bfafe5680a34110c68b342377d8

SHA512
5874b2310187f242b852fa6dcded244cc860abb2be4f6f5a6a1db8322e12e1fef8f825edc0aae75adbb7284a2cd64730650d0643b1e2bb7ead9350e50e1d8c13

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
552B

MD5
345d5f19b7e2a1a4162e003ad4a1311e

SHA1
a1e6e1eb50fbcd681f3ce80a018cbf1d3e7cb9ed

SHA256
ef701e90905a3059640702960071365b9d262fceee53e19cfba1c09b02de59a2

SHA512
6d13ef2584192b92b05e8a0de027f6d8fa4ae6bc82a808280c70deaa4a6c829c0fe292987e67889bb1edad49e8383c4d110ae5a92f5d85c98cc850d9b383463b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
408B

MD5
5d066f5e146b6930c3fcf60b1e5fbaa7

SHA1
89364962ffc83cbc70b1372beeb3eacf1e66c098

SHA256
12e4ef2b50cbf23d386df5d9e4943aefd1b5931c03669f008be69cf3467d4e6a

SHA512
029d9bc6fe494cf680d39b4cfa07ebced22b6e12f3270ed43d671690b2e0d5fc3eff3385bdde56e827dd0ffa1b600623134b3fa116d0130aa6c869716f825294

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
3KB

MD5
6801687d250b253763ca6f69fe544599

SHA1
018a6dc7fc6529fa2d9f41fd40583587084b46a7

SHA256
729ed4c3ce4036324db9066c30bc5764b254d15a88a9527886bb58904b1f0bc6

SHA512
044e7481798e66191eced82f81954263937b8f04008550e8517c7a0aa17a2dd9b178b4f229c93a47a0ccdd50631d2772da5764295618b11160b7278fa36f00d4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
b019512f4df67809d9ef9bdb29b35015

SHA1
86cd821bce5c913e9de9ff2280f39ff17791cd06

SHA256
61fbc8c237520a441bf6887d200114e889542fa9fedd1e7ee790d6e452f96c3a

SHA512
d2eee84771f9ec7e86ddf199622b3de07f06df65526441d15938477cbfb665d63552d9fa3ce62fb9ef34788e57c83e829cbbeef31ee442ec65d3b4281106a74c

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
62109bd518687efd460464aac5e6012d

SHA1
942f4641036232ec4940302adba6c9fcfb7f4703

SHA256
18bda9ecef631299224659b9d9a6bb7dd956e5e7885f042d83766ecfed07cdc1

SHA512
6c8f7c5b5821aa1b86e365948338f375dc64708ca9d64ff9de8167555c6e6e80c6a211ca60a31bd861bed77596cc447b27c4871f2e7f3a922fe8b2f64742510f

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
7KB

MD5
4c8e9dee6c0b9f0a7f19887aff2853bb

SHA1
c3bfab6b208b44f803254a7107fe35febd51d5a7

SHA256
f8eeb1412a2ed7eb34c22f90dc520cb7981f6c63e245b64ffbe1667f0ea5dedc

SHA512
d8f79666f973961d136ea4f3b2531d0ef7448d6aca56c83f5e18b23c28baa723f068092a6689def56aebb7d965a2aa2337b93bc1a5319ff7d7fcd136888f37ae

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
828ed1fe252ef467b37d60906f2a0f61

SHA1
a210bc3b51328d7c7c6105be2fae227d4e92dfc9

SHA256
9f09d0a0d90369f160728774d312f88888cbc414fb5875471a5d8d2bd7815fd4

SHA512
ad287c7f87e720f694fc74c0e07d90283b88e196dfd755531a766b4b7092c2df1357ad5b5d25516323ead71b16be97311e8c9ff2a15f4fe3c6e1dd1d6c1a3a10

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
1KB

MD5
e92d84cf04bb90c5df02807e9af267b7

SHA1
c526cc00a16e6beea8e75b21eff1ba521374a425

SHA256
af289c46c9f7354b9ede22d908b8beaa8d0f0a4c5d3c3942b562a7d275018653

SHA512
4ac5c2cc44b1fb18f29360b5ade9321ede144bf3970e2eab062b813fddc00a59667a8bd381bc84ab86f082b640d49bb806c19020a660c4f1485bc3222131c178

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
7f04579b195999f8be2cbdcfa07ddad1

SHA1
c217cdc5fa6467fc708b306cec2c57e10099e938

SHA256
763d414bb81df8ee901d8ff401fe08b9ea20f6ffcf62b3a84e825e957ce49293

SHA512
57edfff7488307b3574adb1f673481765e24b56cd54df0a826372dca7b34cf9e462bea6e51acd9aabe78afe2ad934a7ba761ac6be8e33bcc2df767572db98fa0

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57d1f6.TMP

Filesize
204B

MD5
75e35290ed9980f4c07257b6558b8c06

SHA1
3a0a0f7ddfdf5454b7307f4135ff5d2f798587b9

SHA256
8d45734c8098e04b8c340bc587870c0724a26e3df62179836fc4a4e36f1c2cb2

SHA512
a5941b200bd39c2f65cfe86293bdb1373fb8fbe7c496351a668fcdb286027861e4f140b97154dabf4a91165808e85ab3e3033c781df43d5a2c116b4a560337df

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
206702161f94c5cd39fadd03f4014d98

SHA1
bd8bfc144fb5326d21bd1531523d9fb50e1b600a

SHA256
1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167

SHA512
0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
13a3e0b3743919523cef4a967907fc17

SHA1
b8b455db0c179c0b0d9e7459ee355b4a7cdaf119

SHA256
451622d716e25051b5b50d665452fbb81e130c473ef0e0a612a9c2f8022f13ef

SHA512
d8df1738a67f46bf2724fd394bef76381a3032e3fd11e999af46b50d423c8589b91243f74add63839000e2c022deecf6e75b967fcb12dc871ed8e256bdd39fcb

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request