b00526a50fed6aa5b532ab3f54edfe489d2eb7c25b3a7a857d49a9b351f0e2b2

Analysis

max time kernel
150s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
15/05/2024, 09:47 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

45993ea84b62dafd441f2930cf354513_JaffaCakes118.html
Size

31KB
MD5

45993ea84b62dafd441f2930cf354513
SHA1

0f98164b9d02a3942c196ad8ca5588ccbcdb717b
SHA256

b00526a50fed6aa5b532ab3f54edfe489d2eb7c25b3a7a857d49a9b351f0e2b2
SHA512

c00d37a66d6b16e58f0019fd503909f17e582b08dddde10eb6c43422402b261e9f9ccb5bcaef791d4bd070c79bcc56c24a3cc0afdaea373072b3980ac80a7f46
SSDEEP

768:GJ6hq891Kzcljw4jGikKeQauY3VEsermNjIVw26ZladbhjKMt5zD+vB:iKqYw4jGceQAVEVKMt5k

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe

Suspicious behavior: EnumeratesProcesses 10 IoCs

pid	Process
2276	msedge.exe
2276	msedge.exe
4644	msedge.exe
4644	msedge.exe
1048	identity_helper.exe
1048	identity_helper.exe
2136	msedge.exe
2136	msedge.exe
2136	msedge.exe
2136	msedge.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe

Suspicious use of FindShellTrayWindow 25 IoCs

pid	Process
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe
4644	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4644 wrote to memory of 3256	4644	msedge.exe	84
PID 4644 wrote to memory of 3256	4644	msedge.exe	84
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 1668	4644	msedge.exe	85
PID 4644 wrote to memory of 2276	4644	msedge.exe	86
PID 4644 wrote to memory of 2276	4644	msedge.exe	86
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87
PID 4644 wrote to memory of 6092	4644	msedge.exe	87

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\45993ea84b62dafd441f2930cf354513_JaffaCakes118.html
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4644
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9a06c46f8,0x7ff9a06c4708,0x7ff9a06c4718
  2⤵
  PID:3256
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2
  2⤵
  PID:1668
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2464 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2092 /prefetch:8
  2⤵
  PID:6092
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1
  2⤵
  PID:4584
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1
  2⤵
  PID:5192
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4864 /prefetch:1
  2⤵
  PID:5744
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
  2⤵
  PID:3864
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5288 /prefetch:1
  2⤵
  PID:5656
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 /prefetch:8
  2⤵
  PID:552
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1048
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1
  2⤵
  PID:3096
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1
  2⤵
  PID:5304
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4160 /prefetch:1
  2⤵
  PID:5392
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:6100
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,8863697603086938967,5623268249637772562,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5696 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2136

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:1064

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:2236

Network

DNS

connect.facebook.net

msedge.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

163.70.151.21
DNS

code.jquery.com

msedge.exe

Remote address:

8.8.8.8:53

Request

code.jquery.com

IN A

Response

code.jquery.com

IN A

151.101.66.137

code.jquery.com

IN A

151.101.194.137

code.jquery.com

IN A

151.101.2.137

code.jquery.com

IN A

151.101.130.137
DNS

www.blogger.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.blogger.com

IN A

Response

www.blogger.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.201.169
DNS

dl.dropbox.com

msedge.exe

Remote address:

8.8.8.8:53

Request

dl.dropbox.com

IN A

Response

dl.dropbox.com

IN CNAME

edge-block-www-env.dropbox-dns.com

edge-block-www-env.dropbox-dns.com

IN A

162.125.64.15
DNS

apis.google.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

142.250.75.238
DNS

1.bp.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

1.bp.blogspot.com

IN A

Response

1.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
DNS

i.imgur.com

msedge.exe

Remote address:

8.8.8.8:53

Request

i.imgur.com

IN A

Response

i.imgur.com

IN CNAME

ipv4.imgur.map.fastly.net

ipv4.imgur.map.fastly.net

IN A

199.232.192.193

ipv4.imgur.map.fastly.net

IN A

199.232.196.193
DNS

resources.blogblog.com

msedge.exe

Remote address:

8.8.8.8:53

Request

resources.blogblog.com

IN A

Response

resources.blogblog.com

IN CNAME

blogger.l.google.com

blogger.l.google.com

IN A

142.250.201.169
GET

http://fonts.googleapis.com/css?family=Quantico:400con,700

msedge.exe

Remote address:

142.250.178.138:80

Request

GET /css?family=Quantico:400con,700 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 15 May 2024 09:48:03 GMT
Date: Wed, 15 May 2024 09:48:03 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Wed, 15 May 2024 09:48:03 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Jenna+Sue:400,700

msedge.exe

Remote address:

142.250.178.138:80

Request

GET /css?family=Jenna+Sue:400,700 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 400 Bad Request

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 15 May 2024 09:48:03 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Syncopate:400,700

msedge.exe

Remote address:

142.250.178.138:80

Request

GET /css?family=Syncopate:400,700 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 15 May 2024 09:48:03 GMT
Date: Wed, 15 May 2024 09:48:03 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Wed, 15 May 2024 09:48:03 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Jenna+Sue:400,700

msedge.exe

Remote address:

142.250.178.138:80

Request

GET /css?family=Jenna+Sue:400,700 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 400 Bad Request

Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Wed, 15 May 2024 09:48:03 GMT
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Raleway:400,300,200,100,500,600,700,800,900

msedge.exe

Remote address:

142.250.178.138:80

Request

GET /css?family=Raleway:400,300,200,100,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 15 May 2024 09:48:03 GMT
Date: Wed, 15 May 2024 09:48:03 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Wed, 15 May 2024 09:48:03 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Simonetta:400,700,800,900

msedge.exe

Remote address:

142.250.178.138:80

Request

GET /css?family=Simonetta:400,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 15 May 2024 09:48:03 GMT
Date: Wed, 15 May 2024 09:48:03 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Wed, 15 May 2024 09:48:03 GMT
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://fonts.googleapis.com/css?family=Nunito:400,700

msedge.exe

Remote address:

142.250.178.138:80

Request

GET /css?family=Nunito:400,700 HTTP/1.1
Host: fonts.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 15 May 2024 09:48:03 GMT
Date: Wed, 15 May 2024 09:48:03 GMT
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Last-Modified: Wed, 15 May 2024 09:48:03 GMT
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
GET

http://i.imgur.com/lG1Tbhs.png

msedge.exe

Remote address:

199.232.192.193:80

Request

GET /lG1Tbhs.png HTTP/1.1
Host: i.imgur.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/lG1Tbhs.png
Accept-Ranges: bytes
Date: Wed, 15 May 2024 09:48:03 GMT
X-Served-By: cache-lcy-eglc8600078-LCY
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1715766483.243852,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
GET

https://www.blogger.com/static/v1/widgets/124887373-widget_css_bundle.css

msedge.exe

Remote address:

142.250.201.169:443

Request

GET /static/v1/widgets/124887373-widget_css_bundle.css HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4738640989457898900&zx=fd47caa5-3b25-4ed0-b947-c56a50c471d3

msedge.exe

Remote address:

142.250.201.169:443

Request

GET /dyn-css/authorization.css?targetBlogID=4738640989457898900&zx=fd47caa5-3b25-4ed0-b947-c56a50c471d3 HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.blogger.com/static/v1/widgets/916259663-widgets.js

msedge.exe

Remote address:

142.250.201.169:443

Request

GET /static/v1/widgets/916259663-widgets.js HTTP/2.0
host: www.blogger.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://code.jquery.com/jquery-latest.js

msedge.exe

Remote address:

151.101.66.137:80

Request

GET /jquery-latest.js HTTP/1.1
Host: code.jquery.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Connection: keep-alive
Content-Length: 83875
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
ETag: W/"28feccc0-4508e"
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 15 May 2024 09:48:03 GMT
Age: 20964276
X-Served-By: cache-lga21958-LGA, cache-lcy-eglc8600045-LCY
X-Cache: HIT, HIT
X-Cache-Hits: 742, 11587
X-Timer: S1715766483.247551,VS0,VE0
Vary: Accept-Encoding
GET

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

msedge.exe

Remote address:

142.250.201.169:443

Request

GET /img/icon18_wrench_allbkg.png HTTP/2.0
host: resources.blogblog.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://connect.facebook.net/pt_BR/all.js

msedge.exe

Remote address:

163.70.151.21:80

Request

GET /pt_BR/all.js HTTP/1.1
Host: connect.facebook.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Location: https://connect.facebook.net/pt_BR/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Wed, 15 May 2024 09:48:03 GMT
Connection: keep-alive
Content-Length: 0
GET

http://1.bp.blogspot.com/-AShcsnUxL9o/UDZYMmMsxMI/AAAAAAAAF40/dcKGrzDAVN4/s1600/INICIO.png

msedge.exe

Remote address:

142.250.179.97:80

Request

GET /-AShcsnUxL9o/UDZYMmMsxMI/AAAAAAAAF40/dcKGrzDAVN4/s1600/INICIO.png HTTP/1.1
Host: 1.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 15 May 2024 09:48:03 GMT
Server: fife
Content-Length: 915
X-XSS-Protection: 0
GET

https://apis.google.com/js/plusone.js

msedge.exe

Remote address:

142.250.75.238:443

Request

GET /js/plusone.js HTTP/2.0
host: apis.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

msedge.exe

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/2.0
host: apis.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs

msedge.exe

Remote address:

142.250.75.238:443

Request

GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs HTTP/2.0
host: apis.google.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
dnt: 1
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://dl.dropbox.com/u/44914301/codigos/PageNavi.js

msedge.exe

Remote address:

162.125.64.15:80

Request

GET /u/44914301/codigos/PageNavi.js HTTP/1.1
Host: dl.dropbox.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

location: https://dl.dropbox.com/u/44914301/codigos/PageNavi.js
date: Wed, 15 May 2024 09:48:02 GMT
server: envoy
x-dropbox-request-id: 3789b960668a4005a96843b7e6ebb51c
content-length: 0
GET

https://i.imgur.com/lG1Tbhs.png

msedge.exe

Remote address:

199.232.192.193:443

Request

GET /lG1Tbhs.png HTTP/2.0
host: i.imgur.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
last-modified: Mon, 21 Jan 2013 15:17:37 GMT
etag: "183431330f53e7e937828d832bd023c3"
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: zYGgp1frxD7s2kOVTs0cjHuZzhexIJEmoKoK1_yQQ__6oNLLHU1K1w==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 15 May 2024 09:48:03 GMT
age: 1881435
x-served-by: cache-iad-kjyo7100127-IAD, cache-lcy-eglc8600051-LCY
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 17, 1
x-timer: S1715766484.618143,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 728
GET

https://i.imgur.com/tY6WdWW.png

msedge.exe

Remote address:

199.232.192.193:443

Request

GET /tY6WdWW.png HTTP/2.0
host: i.imgur.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
last-modified: Sun, 20 Jan 2013 22:49:08 GMT
etag: "ad7db4eba4fd40828c27837588374d49"
x-amz-cf-pop: IAD61-P2
x-amz-cf-id: u421lUL_jL6LKL-tSLE_0ErbMxcKgZlhfPHxt23_2tus39sMNwEBig==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 15 May 2024 09:48:03 GMT
age: 2445056
x-served-by: cache-iad-kiad7000162-IAD, cache-lcy-eglc8600051-LCY
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 31, 1
x-timer: S1715766484.629840,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 458
GET

https://i.imgur.com/z6vU9p0.png

msedge.exe

Remote address:

199.232.192.193:443

Request

GET /z6vU9p0.png HTTP/2.0
host: i.imgur.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
last-modified: Sun, 20 Jan 2013 21:30:01 GMT
etag: "73c482b3ce7fa4bef04c95705ae47a17"
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: MmkHYu8ytf-4H4E_Egw13xmtfi0jv8AcZ9k4tKCRuXXlZID-qeuAhg==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 15 May 2024 09:48:03 GMT
age: 1827968
x-served-by: cache-iad-kcgs7200087-IAD, cache-lcy-eglc8600051-LCY
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 14, 1
x-timer: S1715766484.630048,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 48994
GET

https://i.imgur.com/PBGhSJP.jpg

msedge.exe

Remote address:

199.232.192.193:443

Request

GET /PBGhSJP.jpg HTTP/2.0
host: i.imgur.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
last-modified: Sun, 20 Jan 2013 15:14:01 GMT
etag: "2023921e2a9dd2608cb9e142dd935287"
x-amz-storage-class: STANDARD_IA
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: TXyolbxa5iuBg2sHBW6C6I4AjVQmFJEQHlL4zd4zWuCHqghYGNf9xw==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 15 May 2024 09:48:03 GMT
age: 257537
x-served-by: cache-iad-kiad7000052-IAD, cache-lcy-eglc8600051-LCY
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 8, 1
x-timer: S1715766484.630379,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 522857
GET

https://i.imgur.com/0lBGWIy.png

msedge.exe

Remote address:

199.232.192.193:443

Request

GET /0lBGWIy.png HTTP/2.0
host: i.imgur.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/jpeg
last-modified: Sun, 20 Jan 2013 23:13:33 GMT
etag: "48a8ec36ee695f38c0f1483d3ea4e1f5"
x-amz-cf-pop: IAD89-P1
x-amz-cf-id: Z8K5m-mltOOFNvxrmMoRFWcp4NcXSX0AYWlRvgtL27r4JYD7pLo1oQ==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 15 May 2024 09:48:03 GMT
age: 1295232
x-served-by: cache-iad-kcgs7200132-IAD, cache-lcy-eglc8600051-LCY
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 12, 1
x-timer: S1715766484.633544,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 17749
GET

https://i.imgur.com/VRcWXnc.jpg

msedge.exe

Remote address:

199.232.192.193:443

Request

GET /VRcWXnc.jpg HTTP/2.0
host: i.imgur.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
last-modified: Fri, 19 Apr 2013 21:17:22 GMT
etag: "7e55f9017004f72b2c50425e3e97c9f0"
x-amz-storage-class: STANDARD_IA
x-amz-cf-pop: IAD12-P2
x-amz-cf-id: 44djXFrrN29DCYKn_REe6hL7FF126a_XR2VCTEgOyyKrzTtw9q1zlA==
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 15 May 2024 09:48:03 GMT
age: 0
x-served-by: cache-iad-kiad7000088-IAD, cache-lcy-eglc8600051-LCY
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 3, 1
x-timer: S1715766484.633279,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 360996
GET

https://dl.dropbox.com/u/44914301/codigos/PageNavi.js

msedge.exe

Remote address:

162.125.64.15:443

Request

GET /u/44914301/codigos/PageNavi.js HTTP/2.0
host: dl.dropbox.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
dnt: 1
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 404

content-type: text/html
date: Wed, 15 May 2024 09:48:03 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: noindex, nofollow, noimageindex
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: remote
x-dropbox-request-id: 1c01219fae934f4eb81440ead31c807e
GET

http://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

msedge.exe

Remote address:

172.217.20.163:80

Request

GET /s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
Connection: keep-alive
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Referer: http://fonts.googleapis.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 39124
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 10:01:33 GMT
Expires: Fri, 09 May 2025 10:01:33 GMT
Cache-Control: public, max-age=31536000
Age: 517590
Last-Modified: Thu, 14 Sep 2023 00:02:20 GMT
Content-Type: font/woff2
DNS

connect.facebook.net

msedge.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

163.70.151.21
GET

http://i.imgur.com/PBGhSJP.jpg

msedge.exe

Remote address:

199.232.192.193:80

Request

GET /PBGhSJP.jpg HTTP/1.1
Host: i.imgur.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/PBGhSJP.jpg
Accept-Ranges: bytes
Date: Wed, 15 May 2024 09:48:03 GMT
X-Served-By: cache-lcy-eglc8600050-LCY
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1715766484.556324,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
GET

http://i.imgur.com/z6vU9p0.png

msedge.exe

Remote address:

199.232.192.193:80

Request

GET /z6vU9p0.png HTTP/1.1
Host: i.imgur.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/z6vU9p0.png
Accept-Ranges: bytes
Date: Wed, 15 May 2024 09:48:03 GMT
X-Served-By: cache-lcy-eglc8600069-LCY
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1715766484.557077,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
GET

http://i.imgur.com/tY6WdWW.png

msedge.exe

Remote address:

199.232.192.193:80

Request

GET /tY6WdWW.png HTTP/1.1
Host: i.imgur.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/tY6WdWW.png
Accept-Ranges: bytes
Date: Wed, 15 May 2024 09:48:03 GMT
X-Served-By: cache-lcy-eglc8600060-LCY
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1715766484.558095,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
GET

http://i.imgur.com/0lBGWIy.png

msedge.exe

Remote address:

199.232.192.193:80

Request

GET /0lBGWIy.png HTTP/1.1
Host: i.imgur.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/0lBGWIy.png
Accept-Ranges: bytes
Date: Wed, 15 May 2024 09:48:03 GMT
X-Served-By: cache-lcy-eglc8600068-LCY
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1715766484.558177,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
GET

http://i.imgur.com/VRcWXnc.jpg

msedge.exe

Remote address:

199.232.192.193:80

Request

GET /VRcWXnc.jpg HTTP/1.1
Host: i.imgur.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Connection: close
Content-Length: 0
Retry-After: 0
Location: https://i.imgur.com/VRcWXnc.jpg
Accept-Ranges: bytes
Date: Wed, 15 May 2024 09:48:03 GMT
X-Served-By: cache-lcy-eglc8600049-LCY
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1715766484.559031,VS0,VE0
Strict-Transport-Security: max-age=300
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Server: cat factory 1.0
DNS

3.bp.blogspot.com

msedge.exe

Remote address:

8.8.8.8:53

Request

3.bp.blogspot.com

IN A

Response

3.bp.blogspot.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.179.97
GET

http://3.bp.blogspot.com/-NKOq4ksFM38/UDaHrOZSD2I/AAAAAAAAF6E/lS36TCJNAJI/s1600/body.png

msedge.exe

Remote address:

142.250.179.97:80

Request

GET /-NKOq4ksFM38/UDaHrOZSD2I/AAAAAAAAF6E/lS36TCJNAJI/s1600/body.png HTTP/1.1
Host: 3.bp.blogspot.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 404 Not Found

Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Type: image/png
X-Content-Type-Options: nosniff
Date: Wed, 15 May 2024 09:48:03 GMT
Server: fife
Content-Length: 915
X-XSS-Protection: 0
GET

http://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

msedge.exe

Remote address:

172.217.20.163:80

Request

GET /s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
Connection: keep-alive
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
DNT: 1
Accept: */*
Referer: http://fonts.googleapis.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 48336
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 22:40:46 GMT
Expires: Fri, 09 May 2025 22:40:46 GMT
Cache-Control: public, max-age=31536000
Age: 472037
Last-Modified: Wed, 01 May 2024 20:31:48 GMT
Content-Type: font/woff2
DNS

134.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

134.32.126.40.in-addr.arpa

IN PTR

Response
DNS

193.192.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

193.192.232.199.in-addr.arpa

IN PTR

Response
DNS

137.66.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.66.101.151.in-addr.arpa

IN PTR

Response
DNS

21.151.70.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.151.70.163.in-addr.arpa

IN PTR

Response

21.151.70.163.in-addr.arpa

IN PTR

xx-fbcdn-shv-02-lhr6fbcdnnet
DNS

138.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

138.178.250.142.in-addr.arpa

IN PTR

Response

138.178.250.142.in-addr.arpa

IN PTR

par21s22-in-f101e100net
DNS

169.201.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

169.201.250.142.in-addr.arpa

IN PTR

Response

169.201.250.142.in-addr.arpa

IN PTR

par21s23-in-f91e100net
DNS

15.64.125.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.64.125.162.in-addr.arpa

IN PTR

Response
DNS

97.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.179.250.142.in-addr.arpa

IN PTR

Response

97.179.250.142.in-addr.arpa

IN PTR

par21s20-in-f11e100net
DNS

238.75.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.75.250.142.in-addr.arpa

IN PTR

Response

238.75.250.142.in-addr.arpa

IN PTR

par10s41-in-f141e100net
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

self.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

self.events.data.microsoft.com

IN A

Response

self.events.data.microsoft.com

IN CNAME

self-events-data.trafficmanager.net

self-events-data.trafficmanager.net

IN CNAME

onedscolprduks00.uksouth.cloudapp.azure.com

onedscolprduks00.uksouth.cloudapp.azure.com

IN A

51.105.71.136
DNS

self.events.data.microsoft.com

Remote address:

8.8.8.8:53

Request

self.events.data.microsoft.com

IN A

Response

self.events.data.microsoft.com

IN CNAME

self-events-data.trafficmanager.net

self-events-data.trafficmanager.net

IN CNAME

onedscolprdwus16.westus.cloudapp.azure.com

onedscolprdwus16.westus.cloudapp.azure.com

IN A

20.189.173.23
DNS

163.20.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.20.217.172.in-addr.arpa

IN PTR

Response

163.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f1631e100net

163.20.217.172.in-addr.arpa

IN PTR

par10s49-in-f3�J

163.20.217.172.in-addr.arpa

IN PTR

waw02s07-in-f3�J
DNS

58.55.71.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

58.55.71.13.in-addr.arpa

IN PTR

Response
DNS

0.204.248.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.204.248.87.in-addr.arpa

IN PTR

Response

0.204.248.87.in-addr.arpa

IN PTR

https-87-248-204-0lhrllnwnet
DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.dual-a-0034.a-msedge.net

g-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.dc-msedge.net

dual-a-0034.dc-msedge.net

IN A

131.253.33.237

dual-a-0034.dc-msedge.net

IN A

13.107.22.237
GET

https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8ARZcYVFm8IxwrA1yY2U4pDVUCUxkM7rMAPs_T6eJisZs29O7cPZB2AUOFWiif1JBqSdUH2xYIo7Nopa6i3BZ31edK4iDU9Ep7MhfcWTHNNiFiABu6XDpURB_lP-WpB8sSOuCBlti0DZIvaOacQLiuSkUgAepXZVPHg2Ic4LXbzZpGvyI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D157e39b7d4d11de59bb05f9c7bb7d410&TIME=20240426T134332Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E

Remote address:

131.253.33.237:443

Request

GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8ARZcYVFm8IxwrA1yY2U4pDVUCUxkM7rMAPs_T6eJisZs29O7cPZB2AUOFWiif1JBqSdUH2xYIo7Nopa6i3BZ31edK4iDU9Ep7MhfcWTHNNiFiABu6XDpURB_lP-WpB8sSOuCBlti0DZIvaOacQLiuSkUgAepXZVPHg2Ic4LXbzZpGvyI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D157e39b7d4d11de59bb05f9c7bb7d410&TIME=20240426T134332Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2AA07704303B60343066638431426107; domain=.bing.com; expires=Mon, 09-Jun-2025 09:48:05 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 18A89F8F2E2B41809F6F703FF54D52C3 Ref B: LON212050705011 Ref C: 2024-05-15T09:48:05Z
date: Wed, 15 May 2024 09:48:05 GMT
GET

https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8ARZcYVFm8IxwrA1yY2U4pDVUCUxkM7rMAPs_T6eJisZs29O7cPZB2AUOFWiif1JBqSdUH2xYIo7Nopa6i3BZ31edK4iDU9Ep7MhfcWTHNNiFiABu6XDpURB_lP-WpB8sSOuCBlti0DZIvaOacQLiuSkUgAepXZVPHg2Ic4LXbzZpGvyI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D157e39b7d4d11de59bb05f9c7bb7d410&TIME=20240426T134332Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E

Remote address:

131.253.33.237:443

Request

GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8ARZcYVFm8IxwrA1yY2U4pDVUCUxkM7rMAPs_T6eJisZs29O7cPZB2AUOFWiif1JBqSdUH2xYIo7Nopa6i3BZ31edK4iDU9Ep7MhfcWTHNNiFiABu6XDpURB_lP-WpB8sSOuCBlti0DZIvaOacQLiuSkUgAepXZVPHg2Ic4LXbzZpGvyI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D157e39b7d4d11de59bb05f9c7bb7d410&TIME=20240426T134332Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=2AA07704303B60343066638431426107; _EDGE_S=SID=193930CC96E363472D5A244C978F624D

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=NZX1NrRUyU1z0mAn5zFbTQS4dIkLh3Bk4gv7W5wVgbk; domain=.bing.com; expires=Mon, 09-Jun-2025 09:48:06 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B4409BD8C5DB486BB4501AF5A07C5338 Ref B: LON212050705011 Ref C: 2024-05-15T09:48:06Z
date: Wed, 15 May 2024 09:48:06 GMT
DNS

237.33.253.131.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.33.253.131.in-addr.arpa

IN PTR

Response
GET

https://www.bing.com/aes/c.gif?RG=c524645740b140d79ce6096bfcdd5470&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134332Z&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893

Remote address:

2.17.107.129:443

Request

GET /aes/c.gif?RG=c524645740b140d79ce6096bfcdd5470&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134332Z&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893 HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=2AA07704303B60343066638431426107

Response

HTTP/2.0 200

cache-control: private,no-store
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6CFC38DF350A40D58EA463DBC2960D5C Ref B: BRU30EDGE0517 Ref C: 2024-05-15T09:48:06Z
content-length: 0
date: Wed, 15 May 2024 09:48:06 GMT
set-cookie: _EDGE_S=SID=193930CC96E363472D5A244C978F624D; path=/; httponly; domain=bing.com
set-cookie: MUIDB=2AA07704303B60343066638431426107; path=/; httponly; expires=Mon, 09-Jun-2025 09:48:06 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.7d6b1102.1715766486.2f257d38
DNS

129.107.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

129.107.17.2.in-addr.arpa

IN PTR

Response

129.107.17.2.in-addr.arpa

IN PTR

a2-17-107-129deploystaticakamaitechnologiescom
GET

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

Remote address:

2.17.107.129:443

Request

GET /th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90 HTTP/2.0
host: www.bing.com
accept: */*
cookie: MUID=2AA07704303B60343066638431426107; _EDGE_S=SID=193930CC96E363472D5A244C978F624D; MSPTC=NZX1NrRUyU1z0mAn5zFbTQS4dIkLh3Bk4gv7W5wVgbk; MUIDB=2AA07704303B60343066638431426107
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

13.86.106.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.86.106.20.in-addr.arpa

IN PTR

Response
DNS

103.169.127.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

103.169.127.40.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

28.143.109.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.143.109.104.in-addr.arpa

IN PTR

Response

28.143.109.104.in-addr.arpa

IN PTR

a104-109-143-28deploystaticakamaitechnologiescom
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

163.70.151.35
DNS

www.facebook.com

msedge.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A
DNS

static.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.xx.fbcdn.net

IN A

Response

static.xx.fbcdn.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

163.70.151.21
DNS

static.xx.fbcdn.net

msedge.exe

Remote address:

8.8.8.8:53

Request

static.xx.fbcdn.net

IN A

Response

static.xx.fbcdn.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

163.70.151.21
DNS

35.151.70.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.151.70.163.in-addr.arpa

IN PTR

Response

35.151.70.163.in-addr.arpa

IN PTR

edge-star-mini-shv-02-lhr6facebookcom
DNS

35.151.70.163.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.151.70.163.in-addr.arpa

IN PTR

Response

35.151.70.163.in-addr.arpa

IN PTR

edge-star-mini-shv-02-lhr6facebookcom
DNS

88.156.103.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.156.103.20.in-addr.arpa

IN PTR

Response
DNS

88.156.103.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

88.156.103.20.in-addr.arpa

IN PTR

Response
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

11.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

tse1.mm.bing.net

Remote address:

8.8.8.8:53

Request

tse1.mm.bing.net

IN A

Response

tse1.mm.bing.net

IN CNAME

mm-mm.bing.net.trafficmanager.net

mm-mm.bing.net.trafficmanager.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
GET

https://tse1.mm.bing.net/th?id=OADD2.10239370639606_1UY6VCV79VNDR5KH5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239370639606_1UY6VCV79VNDR5KH5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 792794
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C3D4062DF7B471BA6CA8824F2F2F20E Ref B: LON04EDGE1207 Ref C: 2024-05-15T09:49:45Z
date: Wed, 15 May 2024 09:49:45 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 612524
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A80614887FB47E08849D55FBE0108DC Ref B: LON04EDGE1207 Ref C: 2024-05-15T09:49:45Z
date: Wed, 15 May 2024 09:49:45 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239370639595_1MX6CE6U5QJ1LNKB2&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239370639595_1MX6CE6U5QJ1LNKB2&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 664170
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A7C749FBD4A744BD8BA809A3DA1C9394 Ref B: LON04EDGE1207 Ref C: 2024-05-15T09:49:45Z
date: Wed, 15 May 2024 09:49:45 GMT
GET

https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

Remote address:

204.79.197.200:443

Request

GET /th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
host: tse1.mm.bing.net
accept: */*
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041

Response

HTTP/2.0 200

cache-control: public, max-age=2592000
content-length: 627437
content-type: image/jpeg
x-cache: TCP_HIT
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF06512F5E514CBF9850237728373D8E Ref B: LON04EDGE1207 Ref C: 2024-05-15T09:49:45Z
date: Wed, 15 May 2024 09:49:45 GMT

142.250.178.138:80

http://fonts.googleapis.com/css?family=Jenna+Sue:400,700

http

msedge.exe

1.1kB
2.5kB
8
8

HTTP Request

GET http://fonts.googleapis.com/css?family=Quantico:400con,700

HTTP Response

200

HTTP Request

GET http://fonts.googleapis.com/css?family=Jenna+Sue:400,700

HTTP Response

400
142.250.178.138:80

http://fonts.googleapis.com/css?family=Syncopate:400,700

http

msedge.exe

666 B
1.3kB
7
7

HTTP Request

GET http://fonts.googleapis.com/css?family=Syncopate:400,700

HTTP Response

200
142.250.178.138:80

http://fonts.googleapis.com/css?family=Jenna+Sue:400,700

http

msedge.exe

620 B
1.5kB
6
5

HTTP Request

GET http://fonts.googleapis.com/css?family=Jenna+Sue:400,700

HTTP Response

400
142.250.178.138:80

http://fonts.googleapis.com/css?family=Raleway:400,300,200,100,500,600,700,800,900

http

msedge.exe

692 B
1.7kB
7
7

HTTP Request

GET http://fonts.googleapis.com/css?family=Raleway:400,300,200,100,500,600,700,800,900

HTTP Response

200
142.250.178.138:80

http://fonts.googleapis.com/css?family=Simonetta:400,700,800,900

http

msedge.exe

674 B
1.4kB
7
7

HTTP Request

GET http://fonts.googleapis.com/css?family=Simonetta:400,700,800,900

HTTP Response

200
142.250.178.138:80

http://fonts.googleapis.com/css?family=Nunito:400,700

http

msedge.exe

663 B
1.5kB
7
7

HTTP Request

GET http://fonts.googleapis.com/css?family=Nunito:400,700

HTTP Response

200
199.232.192.193:80

http://i.imgur.com/lG1Tbhs.png

http

msedge.exe

583 B
651 B
5
5

HTTP Request

GET http://i.imgur.com/lG1Tbhs.png

HTTP Response

301
142.250.201.169:443

https://www.blogger.com/static/v1/widgets/916259663-widgets.js

tls, http2

msedge.exe

5.9kB
148.2kB
99
115

HTTP Request

GET https://www.blogger.com/static/v1/widgets/124887373-widget_css_bundle.css

HTTP Request

GET https://www.blogger.com/dyn-css/authorization.css?targetBlogID=4738640989457898900&zx=fd47caa5-3b25-4ed0-b947-c56a50c471d3

HTTP Request

GET https://www.blogger.com/static/v1/widgets/916259663-widgets.js
142.250.201.169:443

www.blogger.com

tls, http2

msedge.exe

999 B
5.8kB
9
8
142.250.201.169:443

www.blogger.com

tls, http2

msedge.exe

999 B
5.8kB
9
8
151.101.66.137:80

http://code.jquery.com/jquery-latest.js

http

msedge.exe

2.1kB
87.2kB
38
68

HTTP Request

GET http://code.jquery.com/jquery-latest.js

HTTP Response

200
142.250.201.169:443

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

tls, http2

msedge.exe

1.8kB
7.1kB
15
15

HTTP Request

GET https://resources.blogblog.com/img/icon18_wrench_allbkg.png
163.70.151.21:80

http://connect.facebook.net/pt_BR/all.js

http

msedge.exe

635 B
504 B
7
6

HTTP Request

GET http://connect.facebook.net/pt_BR/all.js

HTTP Response

301
142.250.179.97:80

http://1.bp.blogspot.com/-AShcsnUxL9o/UDZYMmMsxMI/AAAAAAAAF40/dcKGrzDAVN4/s1600/INICIO.png

http

msedge.exe

735 B
1.4kB
7
6

HTTP Request

GET http://1.bp.blogspot.com/-AShcsnUxL9o/UDZYMmMsxMI/AAAAAAAAF40/dcKGrzDAVN4/s1600/INICIO.png

HTTP Response

404
142.250.75.238:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs

tls, http2

msedge.exe

5.1kB
138.9kB
79
113

HTTP Request

GET https://apis.google.com/js/plusone.js

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs
162.125.64.15:80

http://dl.dropbox.com/u/44914301/codigos/PageNavi.js

http

msedge.exe

647 B
490 B
7
6

HTTP Request

GET http://dl.dropbox.com/u/44914301/codigos/PageNavi.js

HTTP Response

301
199.232.192.193:443

https://i.imgur.com/VRcWXnc.jpg

tls, http2

msedge.exe

19.4kB
992.2kB
392
735

HTTP Request

GET https://i.imgur.com/lG1Tbhs.png

HTTP Request

GET https://i.imgur.com/tY6WdWW.png

HTTP Request

GET https://i.imgur.com/z6vU9p0.png

HTTP Request

GET https://i.imgur.com/PBGhSJP.jpg

HTTP Request

GET https://i.imgur.com/0lBGWIy.png

HTTP Request

GET https://i.imgur.com/VRcWXnc.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
163.70.151.21:443

connect.facebook.net

tls

msedge.exe

3.9kB
106.4kB
57
96
162.125.64.15:443

https://dl.dropbox.com/u/44914301/codigos/PageNavi.js

tls, http2

msedge.exe

1.7kB
5.9kB
15
14

HTTP Request

GET https://dl.dropbox.com/u/44914301/codigos/PageNavi.js

HTTP Response

404
172.217.20.163:80

http://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

http

msedge.exe

1.4kB
41.3kB
21
35

HTTP Request

GET http://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

HTTP Response

200
199.232.192.193:80

http://i.imgur.com/PBGhSJP.jpg

http

msedge.exe

583 B
651 B
5
5

HTTP Request

GET http://i.imgur.com/PBGhSJP.jpg

HTTP Response

301
199.232.192.193:80

http://i.imgur.com/z6vU9p0.png

http

msedge.exe

583 B
651 B
5
5

HTTP Request

GET http://i.imgur.com/z6vU9p0.png

HTTP Response

301
199.232.192.193:80

http://i.imgur.com/tY6WdWW.png

http

msedge.exe

583 B
651 B
5
5

HTTP Request

GET http://i.imgur.com/tY6WdWW.png

HTTP Response

301
199.232.192.193:80

http://i.imgur.com/0lBGWIy.png

http

msedge.exe

583 B
651 B
5
5

HTTP Request

GET http://i.imgur.com/0lBGWIy.png

HTTP Response

301
199.232.192.193:80

http://i.imgur.com/VRcWXnc.jpg

http

msedge.exe

583 B
651 B
5
5

HTTP Request

GET http://i.imgur.com/VRcWXnc.jpg

HTTP Response

301
163.70.151.21:445

connect.facebook.net

260 B
5
142.250.179.97:80

http://3.bp.blogspot.com/-NKOq4ksFM38/UDaHrOZSD2I/AAAAAAAAF6E/lS36TCJNAJI/s1600/body.png

http

msedge.exe

733 B
1.4kB
7
6

HTTP Request

GET http://3.bp.blogspot.com/-NKOq4ksFM38/UDaHrOZSD2I/AAAAAAAAF6E/lS36TCJNAJI/s1600/body.png

HTTP Response

404
172.217.20.163:80

http://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

http

msedge.exe

1.5kB
50.8kB
25
42

HTTP Request

GET http://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

HTTP Response

200
163.70.151.21:139

connect.facebook.net

260 B
5
131.253.33.237:443

https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8ARZcYVFm8IxwrA1yY2U4pDVUCUxkM7rMAPs_T6eJisZs29O7cPZB2AUOFWiif1JBqSdUH2xYIo7Nopa6i3BZ31edK4iDU9Ep7MhfcWTHNNiFiABu6XDpURB_lP-WpB8sSOuCBlti0DZIvaOacQLiuSkUgAepXZVPHg2Ic4LXbzZpGvyI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D157e39b7d4d11de59bb05f9c7bb7d410&TIME=20240426T134332Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E

tls, http2

2.5kB
9.0kB
19
17

HTTP Request

GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8ARZcYVFm8IxwrA1yY2U4pDVUCUxkM7rMAPs_T6eJisZs29O7cPZB2AUOFWiif1JBqSdUH2xYIo7Nopa6i3BZ31edK4iDU9Ep7MhfcWTHNNiFiABu6XDpURB_lP-WpB8sSOuCBlti0DZIvaOacQLiuSkUgAepXZVPHg2Ic4LXbzZpGvyI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D157e39b7d4d11de59bb05f9c7bb7d410&TIME=20240426T134332Z&CID=530628298&EID=530628298&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8ARZcYVFm8IxwrA1yY2U4pDVUCUxkM7rMAPs_T6eJisZs29O7cPZB2AUOFWiif1JBqSdUH2xYIo7Nopa6i3BZ31edK4iDU9Ep7MhfcWTHNNiFiABu6XDpURB_lP-WpB8sSOuCBlti0DZIvaOacQLiuSkUgAepXZVPHg2Ic4LXbzZpGvyI%26u%3DbXN4Ym94JTNhJTJmJTJmZ2FtZSUyZiUzZnByb2R1Y3RJZCUzZDlOMEg2MktaM0JYViUyNm9jaWQlM2RpbnBfcm1jX3hib19zdGFydF9UUHRpdGxlX2VuZ2FnZQ%26rlid%3D157e39b7d4d11de59bb05f9c7bb7d410&TIME=20240426T134332Z&CID=530628298&EID=&tids=15000&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893&muid=465F5D2AB0629966D2D4950980DD8E0E

HTTP Response

204
2.17.107.129:443

https://www.bing.com/aes/c.gif?RG=c524645740b140d79ce6096bfcdd5470&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134332Z&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893

tls, http2

1.4kB
5.3kB
16
10

HTTP Request

GET https://www.bing.com/aes/c.gif?RG=c524645740b140d79ce6096bfcdd5470&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240426T134332Z&adUnitId=11730597&localId=w:465F5D2A-B062-9966-D2D4-950980DD8E0E&deviceId=6966564702272893

HTTP Response

200
2.17.107.129:443

https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90

tls, http2

1.6kB
6.3kB
17
11

HTTP Request

GET https://www.bing.com/th?id=OADD2.10239359720591_10PHTLBML42K6TRZO&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=24&h=24&dynsize=1&qlt=90
142.250.179.98:445

pagead2.googlesyndication.com

260 B
5
142.250.178.130:139

pagead2.googlesyndication.com

260 B
5
163.70.151.35:443

www.facebook.com

tls

msedge.exe

2.8kB
22.6kB
22
28
204.79.197.200:443

https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

tls, http2

109.0kB
2.8MB
2048
2043

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239370639606_1UY6VCV79VNDR5KH5&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340783939_14IT4JGOWRFC6CMW9&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239370639595_1MX6CE6U5QJ1LNKB2&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

HTTP Request

GET https://tse1.mm.bing.net/th?id=OADD2.10239340783938_154JBSOQL12JS43YR&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14
204.79.197.200:443

tse1.mm.bing.net

tls, http2

1.2kB
8.1kB
16
14

8.8.8.8:53

connect.facebook.net

dns

msedge.exe

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

163.70.151.21
8.8.8.8:53

code.jquery.com

dns

msedge.exe

61 B
125 B
1
1

DNS Request

code.jquery.com

DNS Response

151.101.66.137

151.101.194.137

151.101.2.137

151.101.130.137
8.8.8.8:53

www.blogger.com

dns

msedge.exe

61 B
108 B
1
1

DNS Request

www.blogger.com

DNS Response

142.250.201.169
8.8.8.8:53

dl.dropbox.com

dns

msedge.exe

60 B
121 B
1
1

DNS Request

dl.dropbox.com

DNS Response

162.125.64.15
8.8.8.8:53

apis.google.com

dns

msedge.exe

61 B
98 B
1
1

DNS Request

apis.google.com

DNS Response

142.250.75.238
8.8.8.8:53

1.bp.blogspot.com

dns

msedge.exe

63 B
124 B
1
1

DNS Request

1.bp.blogspot.com

DNS Response

142.250.179.97
8.8.8.8:53

i.imgur.com

dns

msedge.exe

57 B
128 B
1
1

DNS Request

i.imgur.com

DNS Response

199.232.192.193

199.232.196.193
8.8.8.8:53

resources.blogblog.com

dns

msedge.exe

68 B
115 B
1
1

DNS Request

resources.blogblog.com

DNS Response

142.250.201.169
142.250.75.238:443

apis.google.com

https

msedge.exe

6.9kB
173.1kB
60
133
8.8.8.8:53

connect.facebook.net

dns

msedge.exe

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

163.70.151.21
8.8.8.8:53

3.bp.blogspot.com

dns

msedge.exe

63 B
124 B
1
1

DNS Request

3.bp.blogspot.com

DNS Response

142.250.179.97
142.250.201.169:443

resources.blogblog.com

https

msedge.exe

2.7kB
10.1kB
9
12
8.8.8.8:53

134.32.126.40.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

134.32.126.40.in-addr.arpa
8.8.8.8:53

193.192.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

193.192.232.199.in-addr.arpa
8.8.8.8:53

137.66.101.151.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

137.66.101.151.in-addr.arpa
8.8.8.8:53

21.151.70.163.in-addr.arpa

dns

72 B
116 B
1
1

DNS Request

21.151.70.163.in-addr.arpa
8.8.8.8:53

138.178.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

138.178.250.142.in-addr.arpa
8.8.8.8:53

169.201.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

169.201.250.142.in-addr.arpa
8.8.8.8:53

15.64.125.162.in-addr.arpa

dns

72 B
122 B
1
1

DNS Request

15.64.125.162.in-addr.arpa
8.8.8.8:53

97.179.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

97.179.250.142.in-addr.arpa
8.8.8.8:53

238.75.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

238.75.250.142.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

225 B
533 B
3
3

DNS Request

95.221.229.192.in-addr.arpa

DNS Request

self.events.data.microsoft.com

DNS Request

self.events.data.microsoft.com

DNS Response

51.105.71.136

DNS Response

20.189.173.23
8.8.8.8:53

163.20.217.172.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

163.20.217.172.in-addr.arpa
8.8.8.8:53

58.55.71.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

58.55.71.13.in-addr.arpa
8.8.8.8:53

0.204.248.87.in-addr.arpa

dns

71 B
116 B
1
1

DNS Request

0.204.248.87.in-addr.arpa
8.8.8.8:53

g.bing.com

dns

56 B
173 B
1
1

DNS Request

g.bing.com

DNS Response

131.253.33.237

13.107.22.237
8.8.8.8:53

237.33.253.131.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

237.33.253.131.in-addr.arpa
8.8.8.8:53

129.107.17.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

129.107.17.2.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
224.0.0.251:5353

msedge.exe

453 B
7
8.8.8.8:53

13.86.106.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

13.86.106.20.in-addr.arpa
8.8.8.8:53

103.169.127.40.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

103.169.127.40.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
8.8.8.8:53

28.143.109.104.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

28.143.109.104.in-addr.arpa
8.8.8.8:53

www.facebook.com

dns

msedge.exe

124 B
107 B
2
1

DNS Request

www.facebook.com

DNS Request

www.facebook.com

DNS Response

163.70.151.35
8.8.8.8:53

static.xx.fbcdn.net

dns

msedge.exe

130 B
208 B
2
2

DNS Request

static.xx.fbcdn.net

DNS Request

static.xx.fbcdn.net

DNS Response

163.70.151.21

DNS Response

163.70.151.21
8.8.8.8:53

35.151.70.163.in-addr.arpa

dns

144 B
250 B
2
2

DNS Request

35.151.70.163.in-addr.arpa

DNS Request

35.151.70.163.in-addr.arpa
8.8.8.8:53

88.156.103.20.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

88.156.103.20.in-addr.arpa

DNS Request

88.156.103.20.in-addr.arpa
8.8.8.8:53

11.227.111.52.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

11.227.111.52.in-addr.arpa

DNS Request

11.227.111.52.in-addr.arpa
8.8.8.8:53

tse1.mm.bing.net

dns

124 B
346 B
2
2

DNS Request

tse1.mm.bing.net

DNS Request

tse1.mm.bing.net

DNS Response

204.79.197.200

13.107.21.200

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ae54e9db2e89f2c54da8cc0bfcbd26bd

SHA1
a88af6c673609ecbc51a1a60dfbc8577830d2b5d

SHA256
5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af

SHA512
e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
f53207a5ca2ef5c7e976cbb3cb26d870

SHA1
49a8cc44f53da77bb3dfb36fc7676ed54675db43

SHA256
19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23

SHA512
be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
96B

MD5
7548b1227dbac79576efdfc10605a29f

SHA1
79ec366b8549860256702610167a51a01b0e2b9e

SHA256
1bca8c5d2dffb8331a5631d54a0e6e351964b1085504d47b4298504269723a8f

SHA512
e14a9746e193569e577d10d5276d55db1e6bb1db4c01565f1689d4d306589617817c2209964545b7875432050cd616852a046e9c408aa4aae1d4aa23367f7370

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

Filesize
1KB

MD5
19c6c0c046104afeb1eff8ef49f33a4a

SHA1
9d208b7b714701ab04539518139e1f63e79c8329

SHA256
0957c1de33e910d90a2b1eac036c6ab086a28130c6f0a6e799e13cc5ec1a7f96

SHA512
deb40bd08c628b0c2ac555360382266e0eebbe78155de56a2848c69254ced9ebe3afa9c484d6be42a3ced590736a8ad78bed7effe5b470e0a10575e75e44dd01

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
5KB

MD5
92f4665d9b25b0a6745591e55221f197

SHA1
8b8e76d216124ab203c6c3fd55efe97952d96a46

SHA256
5cbec17d833e84ec11dd9a7432adbb22fbf0320e7090f11cd0da50b5e32c319d

SHA512
0ddbdda14a184ea08498c57838730f0f82e98b1e35902d8a85b3f369672845b3b3eaeb6ffd76841f774c50c8d45ed87ec491d6ed1f95d3bf77833e220a3acef6

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
b31f679dffda88a12bf955a51accaf1c

SHA1
48ed768f2f4c385f61cb47c75f61fe40fab55f1f

SHA256
08f05ed5891929e7c205517bf55a3a3e7358070cb496d7aa52b2fb01b1788630

SHA512
baee6e4eef4825f714375f1f5f9743561f283776eb7432384a0f5ad0a2434c9bba2e9225c17332bdbfd4147813866f3caf191cded1e32826c9dc57d9873868b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

Filesize
706B

MD5
5da18954f1b104c7f522d3b979fb7aa4

SHA1
99bd6fec0c4a863c76c65d77aa5b601c983109f0

SHA256
ff1ae61eab626a167a4bf9bd9e92a0d9807ff6c90741abaa26f063ddf7e8584c

SHA512
741f5768b583eadfcbc497007e54349085d8ec57958e0afbf53c4159ef652a2d49f05cb0e8d3cc3db153ff5a7dfaabacd25952808d58810ae5469e22fa51d1b9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe580ccc.TMP

Filesize
538B

MD5
0cb24c9185e4b035f56132a136220708

SHA1
52047c60a1c8a16ef2d6271411e3235635911e7b

SHA256
81c89fd6823ffb4c21eddff341c05793b3ab633da1cfd589b708ef6d08b1f65e

SHA512
1d4a2086552432740607b42e9ccaa03cba57bcd9267b9ca8aa7b24b31e06de988c493e741484c5bc5d9f78ae9fab257e9502fcbfef492de02129a630fa055f9e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

Filesize
16B

MD5
6752a1d65b201c13b62ea44016eb221f

SHA1
58ecf154d01a62233ed7fb494ace3c3d4ffce08b

SHA256
0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

SHA512
9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
11KB

MD5
ef8ed8e66e834c19585a629a4cc9a96f

SHA1
cd5327e0bcf480a1dad32033f65dc9b96d6426cf

SHA256
75ab00548926c30469b2e010928d56a215f48a5443ea637dcb37ed60ecec79c8

SHA512
bc09efd017dc66fadeaa120c59a3fab164082fa8f8173862429f85ac673f3240916116358323f9c8333e26b50938a0253867f2216d95b1df23e6ffc42a61a6b4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response