Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29/05/2024, 14:49 UTC

General

  • Target

    811d204b0634bda2fa2c72055f021354_JaffaCakes118.html

  • Size

    55KB

  • MD5

    811d204b0634bda2fa2c72055f021354

  • SHA1

    bb6942eca34a9193d2b752738e9047f90985cf98

  • SHA256

    12bf9a365c812341ba7f781330eebb1485cc58f121e4bf384db8e1842110da30

  • SHA512

    9f488b2f3be9863914619dad87826eb839dca70054412557e4f49f0c4f812ff07b382a009bb246e94448ce6c9a671d76452b18ad868c280a6939314c491cf824

  • SSDEEP

    1536:SBdH4v3ts+GDirVqGifurs5T9Psnt0aVvlNrCJj/Jikiy+jTlTHfNZ72vJ:SCa+BrliqkJikiy+jTlTHfNZ7KJ

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\811d204b0634bda2fa2c72055f021354_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2268
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee5d646f8,0x7ffee5d64708,0x7ffee5d64718
      2⤵
        PID:3612
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2044 /prefetch:2
        2⤵
          PID:3540
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2360 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4268
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
          2⤵
            PID:3640
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1
            2⤵
              PID:2744
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3244 /prefetch:1
              2⤵
                PID:508
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4240 /prefetch:1
                2⤵
                  PID:2800
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5124 /prefetch:1
                  2⤵
                    PID:4180
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5344 /prefetch:1
                    2⤵
                      PID:2236
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 /prefetch:8
                      2⤵
                        PID:4352
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:3420
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4852 /prefetch:1
                        2⤵
                          PID:4248
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4184 /prefetch:1
                          2⤵
                            PID:528
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1
                            2⤵
                              PID:2156
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2656 /prefetch:1
                              2⤵
                                PID:4924
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5972 /prefetch:2
                                2⤵
                                • Suspicious behavior: EnumeratesProcesses
                                PID:2768
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,13553814751361520079,2820015966599863328,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1
                                2⤵
                                  PID:4444
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:2396
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:1128

                                  Network

                                  • flag-us
                                    DNS
                                    www.provkusnyashki.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    www.provkusnyashki.com
                                    IN A
                                    Response
                                    www.provkusnyashki.com
                                    IN A
                                    91.200.40.64
                                  • flag-us
                                    DNS
                                    s.w.org
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    s.w.org
                                    IN A
                                    Response
                                    s.w.org
                                    IN A
                                    192.0.77.48
                                  • flag-us
                                    DNS
                                    s0.wp.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    s0.wp.com
                                    IN A
                                    Response
                                    s0.wp.com
                                    IN A
                                    192.0.77.32
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-content/plugins/xmasb-quotes/xmasbquotes.css?ver=4.9.8
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-content/plugins/xmasb-quotes/xmasbquotes.css?ver=4.9.8 HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: text/css,*/*;q=0.1
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Upgrade: h2,h2c
                                    Connection: Upgrade, Keep-Alive
                                    Last-Modified: Thu, 09 Nov 2023 07:08:28 GMT
                                    ETag: "265-609b2dee70b39-gzip"
                                    Accept-Ranges: bytes
                                    Vary: Accept-Encoding
                                    Content-Encoding: gzip
                                    Content-Length: 213
                                    Keep-Alive: timeout=15, max=100
                                    Content-Type: text/css
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Last-Modified: Thu, 09 Nov 2023 06:08:40 GMT
                                    ETag: "3509-609b2090853bd-gzip"
                                    Accept-Ranges: bytes
                                    Vary: Accept-Encoding
                                    Content-Encoding: gzip
                                    Content-Length: 4872
                                    Keep-Alive: timeout=15, max=99
                                    Connection: Keep-Alive
                                    Content-Type: application/javascript
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/images/yt.jpg
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /images/yt.jpg HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                    Cache-Control: no-cache, must-revalidate, max-age=0
                                    Link: <https://www.provkusnyashki.com/wp-json/>; rel="https://api.w.org/"
                                    Keep-Alive: timeout=15, max=98
                                    Connection: Keep-Alive
                                    Transfer-Encoding: chunked
                                    Content-Type: text/html; charset=UTF-8
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-content/themes/peppers/style.css
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-content/themes/peppers/style.css HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: text/css,*/*;q=0.1
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                    Cache-Control: no-cache, must-revalidate, max-age=0
                                    Link: <https://www.provkusnyashki.com/wp-json/>; rel="https://api.w.org/"
                                    Upgrade: h2,h2c
                                    Connection: Upgrade, Keep-Alive
                                    Keep-Alive: timeout=15, max=100
                                    Transfer-Encoding: chunked
                                    Content-Type: text/html; charset=UTF-8
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1 HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: text/css,*/*;q=0.1
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Upgrade: h2,h2c
                                    Connection: Upgrade, Keep-Alive
                                    Last-Modified: Sun, 28 Jan 2024 15:20:33 GMT
                                    Accept-Ranges: none
                                    Vary: Accept-Encoding
                                    Content-Encoding: gzip
                                    Content-Length: 8347
                                    Keep-Alive: timeout=15, max=100
                                    Content-Type: text/css
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Last-Modified: Thu, 09 Nov 2023 06:08:41 GMT
                                    Accept-Ranges: none
                                    Vary: Accept-Encoding
                                    Content-Encoding: gzip
                                    Keep-Alive: timeout=15, max=99
                                    Connection: Keep-Alive
                                    Transfer-Encoding: chunked
                                    Content-Type: application/javascript
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/images/in.jpg
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /images/in.jpg HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                    Cache-Control: no-cache, must-revalidate, max-age=0
                                    Link: <https://www.provkusnyashki.com/wp-json/>; rel="https://api.w.org/"
                                    Keep-Alive: timeout=15, max=98
                                    Connection: Keep-Alive
                                    Transfer-Encoding: chunked
                                    Content-Type: text/html; charset=UTF-8
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-content/plugins/jetpack/css/jetpack.css?ver=5.9
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-content/plugins/jetpack/css/jetpack.css?ver=5.9 HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: text/css,*/*;q=0.1
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Upgrade: h2,h2c
                                    Connection: Upgrade, Keep-Alive
                                    Last-Modified: Sun, 28 Jan 2024 15:20:33 GMT
                                    ETag: "18cfd-610031204720f-gzip"
                                    Accept-Ranges: bytes
                                    Vary: Accept-Encoding
                                    Content-Encoding: gzip
                                    Content-Length: 18539
                                    Keep-Alive: timeout=15, max=100
                                    Content-Type: text/css
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-includes/js/wp-embed.min.js?ver=4.9.8
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-includes/js/wp-embed.min.js?ver=4.9.8 HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Last-Modified: Thu, 09 Nov 2023 06:08:11 GMT
                                    ETag: "4e3-609b207528566-gzip"
                                    Accept-Ranges: bytes
                                    Vary: Accept-Encoding
                                    Content-Encoding: gzip
                                    Content-Length: 694
                                    Keep-Alive: timeout=15, max=99
                                    Connection: Keep-Alive
                                    Content-Type: application/javascript
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/images/vk.jpg
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /images/vk.jpg HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                    Cache-Control: no-cache, must-revalidate, max-age=0
                                    Link: <https://www.provkusnyashki.com/wp-json/>; rel="https://api.w.org/"
                                    Keep-Alive: timeout=15, max=98
                                    Connection: Keep-Alive
                                    Transfer-Encoding: chunked
                                    Content-Type: text/html; charset=UTF-8
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=5.9
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=5.9 HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Upgrade: h2,h2c
                                    Connection: Upgrade, Keep-Alive
                                    Last-Modified: Sun, 28 Jan 2024 15:20:33 GMT
                                    ETag: "2259-61003120675b0-gzip"
                                    Accept-Ranges: bytes
                                    Vary: Accept-Encoding
                                    Content-Encoding: gzip
                                    Content-Length: 2939
                                    Keep-Alive: timeout=15, max=100
                                    Content-Type: application/javascript
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/images/fb.jpg
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /images/fb.jpg HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                    Cache-Control: no-cache, must-revalidate, max-age=0
                                    Link: <https://www.provkusnyashki.com/wp-json/>; rel="https://api.w.org/"
                                    Keep-Alive: timeout=15, max=99
                                    Connection: Keep-Alive
                                    Transfer-Encoding: chunked
                                    Content-Type: text/html; charset=UTF-8
                                  • flag-us
                                    DNS
                                    196.249.167.52.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    196.249.167.52.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    22.177.190.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    22.177.190.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    249.197.17.2.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    249.197.17.2.in-addr.arpa
                                    IN PTR
                                    Response
                                    249.197.17.2.in-addr.arpa
                                    IN PTR
                                    a2-17-197-249.deploy.static.akamaitechnologies.com
                                  • flag-us
                                    DNS
                                    95.221.229.192.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    95.221.229.192.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    apis.google.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    apis.google.com
                                    IN A
                                    Response
                                    apis.google.com
                                    IN CNAME
                                    plus.l.google.com
                                    plus.l.google.com
                                    IN A
                                    142.250.200.14
                                  • flag-us
                                    GET
                                    https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201837
                                    msedge.exe
                                    Remote address:
                                    192.0.77.32:443
                                    Request
                                    GET /wp-content/js/devicepx-jetpack.js?ver=201837 HTTP/2.0
                                    host: s0.wp.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                    Response
                                    HTTP/2.0 200
                                    server: nginx
                                    date: Wed, 29 May 2024 14:49:15 GMT
                                    content-type: application/javascript
                                    vary: Accept-Encoding
                                    x-minify: t
                                    x-minify-cache: hit
                                    etag: W/21174-1684461116036.7104
                                    content-encoding: br
                                    expires: Sat, 09 Nov 2024 17:07:34 GMT
                                    cache-control: max-age=31536000
                                    x-ac: 4.lhr _dca MISS
                                    access-control-allow-methods: GET, HEAD
                                    access-control-allow-origin: *
                                    timing-allow-origin: *
                                    alt-svc: h3=":443"; ma=86400
                                    x-nc: HIT lhr 2
                                  • flag-gb
                                    GET
                                    https://apis.google.com/js/platform.js
                                    msedge.exe
                                    Remote address:
                                    142.250.200.14:443
                                    Request
                                    GET /js/platform.js HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs
                                    msedge.exe
                                    Remote address:
                                    142.250.200.14:443
                                    Request
                                    GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs
                                    msedge.exe
                                    Remote address:
                                    142.250.200.14:443
                                    Request
                                    GET /_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-content/uploads/0162.jpg
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-content/uploads/0162.jpg HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Upgrade: h2,h2c
                                    Connection: Upgrade, Keep-Alive
                                    Last-Modified: Thu, 09 Nov 2023 06:18:02 GMT
                                    ETag: "7c59-609b22a8bdf52"
                                    Accept-Ranges: bytes
                                    Content-Length: 31833
                                    Keep-Alive: timeout=15, max=100
                                    Content-Type: image/jpeg
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/images/gp.jpg
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /images/gp.jpg HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                    Cache-Control: no-cache, must-revalidate, max-age=0
                                    Link: <https://www.provkusnyashki.com/wp-json/>; rel="https://api.w.org/"
                                    Keep-Alive: timeout=15, max=99
                                    Connection: Keep-Alive
                                    Transfer-Encoding: chunked
                                    Content-Type: text/html; charset=UTF-8
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-content/uploads/0161.jpg
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-content/uploads/0161.jpg HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Upgrade: h2,h2c
                                    Connection: Upgrade, Keep-Alive
                                    Last-Modified: Thu, 09 Nov 2023 06:18:02 GMT
                                    ETag: "5971-609b22a89faf2"
                                    Accept-Ranges: bytes
                                    Content-Length: 22897
                                    Keep-Alive: timeout=15, max=100
                                    Content-Type: image/jpeg
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:14 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Last-Modified: Sun, 28 Jan 2024 15:20:33 GMT
                                    ETag: "9e2-6100312083ad0"
                                    Accept-Ranges: bytes
                                    Content-Length: 2530
                                    Keep-Alive: timeout=15, max=99
                                    Connection: Keep-Alive
                                    Content-Type: image/gif
                                  • flag-us
                                    DNS
                                    stats.wp.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    stats.wp.com
                                    IN A
                                    Response
                                    stats.wp.com
                                    IN A
                                    192.0.76.3
                                  • flag-us
                                    GET
                                    https://stats.wp.com/e-201837.js
                                    msedge.exe
                                    Remote address:
                                    192.0.76.3:443
                                    Request
                                    GET /e-201837.js HTTP/2.0
                                    host: stats.wp.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                    Response
                                    HTTP/2.0 200
                                    server: nginx
                                    date: Wed, 29 May 2024 14:49:15 GMT
                                    content-type: application/javascript
                                    vary: Accept-Encoding
                                    x-minify: t
                                    x-minify-cache: hit
                                    etag: W/13576-1684464982353.1523
                                    content-encoding: br
                                    expires: Sat, 09 Nov 2024 17:07:35 GMT
                                    cache-control: max-age=31536000
                                    access-control-allow-methods: GET, HEAD
                                    access-control-allow-origin: *
                                    x-nc: HIT lhr
                                    alt-svc: h3=":443"; ma=86400
                                  • flag-gb
                                    GET
                                    http://www.google-analytics.com/ga.js
                                    msedge.exe
                                    Remote address:
                                    216.58.213.14:80
                                    Request
                                    GET /ga.js HTTP/1.1
                                    Host: www.google-analytics.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
                                    X-Content-Type-Options: nosniff
                                    Content-Encoding: gzip
                                    Cross-Origin-Resource-Policy: cross-origin
                                    Server: Golfe2
                                    Content-Length: 17168
                                    Date: Wed, 29 May 2024 13:25:01 GMT
                                    Expires: Wed, 29 May 2024 15:25:01 GMT
                                    Cache-Control: public, max-age=7200
                                    Age: 5054
                                    Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
                                    Content-Type: text/javascript
                                    Vary: Accept-Encoding
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-content/plugins/akismet/_inc/form.js?ver=4.0.8
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-content/plugins/akismet/_inc/form.js?ver=4.0.8 HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 404 Not Found
                                    Date: Wed, 29 May 2024 14:49:15 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                    Cache-Control: no-cache, must-revalidate, max-age=0
                                    Link: <https://www.provkusnyashki.com/wp-json/>; rel="https://api.w.org/"
                                    Upgrade: h2,h2c
                                    Connection: Upgrade, Keep-Alive
                                    Keep-Alive: timeout=15, max=100
                                    Transfer-Encoding: chunked
                                    Content-Type: text/html; charset=UTF-8
                                  • flag-ua
                                    GET
                                    http://www.provkusnyashki.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
                                    msedge.exe
                                    Remote address:
                                    91.200.40.64:80
                                    Request
                                    GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.8 HTTP/1.1
                                    Host: www.provkusnyashki.com
                                    Connection: keep-alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    DNT: 1
                                    Accept: */*
                                    Accept-Encoding: gzip, deflate
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Wed, 29 May 2024 14:49:15 GMT
                                    Server: Apache/2.4.38 (Debian)
                                    Upgrade: h2,h2c
                                    Connection: Upgrade, Keep-Alive
                                    Last-Modified: Thu, 09 Nov 2023 06:08:12 GMT
                                    ETag: "4904-609b207558306-gzip"
                                    Accept-Ranges: bytes
                                    Vary: Accept-Encoding
                                    Content-Encoding: gzip
                                    Content-Length: 5039
                                    Keep-Alive: timeout=15, max=100
                                    Content-Type: application/javascript
                                  • flag-us
                                    DNS
                                    www.youtube.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    www.youtube.com
                                    IN A
                                    Response
                                    www.youtube.com
                                    IN CNAME
                                    youtube-ui.l.google.com
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.200.46
                                    youtube-ui.l.google.com
                                    IN A
                                    216.58.201.110
                                    youtube-ui.l.google.com
                                    IN A
                                    216.58.204.78
                                    youtube-ui.l.google.com
                                    IN A
                                    216.58.212.206
                                    youtube-ui.l.google.com
                                    IN A
                                    216.58.212.238
                                    youtube-ui.l.google.com
                                    IN A
                                    172.217.169.46
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.179.238
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.180.14
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.187.206
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.187.238
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.178.14
                                    youtube-ui.l.google.com
                                    IN A
                                    172.217.16.238
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.200.14
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCK0fWFvSOVGoKtOZLafIynA&layout=full&count=default&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
                                    msedge.exe
                                    Remote address:
                                    142.250.200.46:443
                                    Request
                                    GET /subscribe_embed?usegapi=1&channelid=UCK0fWFvSOVGoKtOZLafIynA&layout=full&count=default&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    sec-ch-ua-mobile: ?0
                                    upgrade-insecure-requests: 1
                                    dnt: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    accounts.google.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    accounts.google.com
                                    IN A
                                    Response
                                    accounts.google.com
                                    IN A
                                    142.250.27.84
                                  • flag-us
                                    DNS
                                    64.40.200.91.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    64.40.200.91.in-addr.arpa
                                    IN PTR
                                    Response
                                    64.40.200.91.in-addr.arpa
                                    IN PTR
                                    h64hvostingua
                                  • flag-us
                                    DNS
                                    32.77.0.192.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    32.77.0.192.in-addr.arpa
                                    IN PTR
                                    Response
                                    32.77.0.192.in-addr.arpa
                                    IN PTR
                                    wordpresscom
                                  • flag-us
                                    DNS
                                    14.200.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    14.200.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    14.200.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s29-in-f141e100net
                                  • flag-us
                                    DNS
                                    3.76.0.192.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    3.76.0.192.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    14.213.58.216.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    14.213.58.216.in-addr.arpa
                                    IN PTR
                                    Response
                                    14.213.58.216.in-addr.arpa
                                    IN PTR
                                    ber01s14-in-f141e100net
                                    14.213.58.216.in-addr.arpa
                                    IN PTR
                                    lhr25s25-in-f14
                                  • flag-us
                                    DNS
                                    46.200.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    46.200.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    46.200.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s30-in-f141e100net
                                  • flag-nl
                                    GET
                                    https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
                                    msedge.exe
                                    Remote address:
                                    142.250.27.84:443
                                    Request
                                    GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__ HTTP/2.0
                                    host: accounts.google.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    sec-ch-ua-mobile: ?0
                                    upgrade-insecure-requests: 1
                                    dnt: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    yt3.ggpht.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    yt3.ggpht.com
                                    IN A
                                    Response
                                    yt3.ggpht.com
                                    IN CNAME
                                    photos-ugc.l.googleusercontent.com
                                    photos-ugc.l.googleusercontent.com
                                    IN A
                                    142.250.180.1
                                  • flag-gb
                                    GET
                                    https://yt3.ggpht.com/ytc/AIdro_l-D9joSoYANZDzudaFiHSm7AFsCbG0MhVLqWO7vqXepA=s48-c-k-c0x00ffffff-no-rj
                                    msedge.exe
                                    Remote address:
                                    142.250.180.1:443
                                    Request
                                    GET /ytc/AIdro_l-D9joSoYANZDzudaFiHSm7AFsCbG0MhVLqWO7vqXepA=s48-c-k-c0x00ffffff-no-rj HTTP/2.0
                                    host: yt3.ggpht.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    ssl.gstatic.com
                                    msedge.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    ssl.gstatic.com
                                    IN A
                                    Response
                                    ssl.gstatic.com
                                    IN A
                                    172.217.169.3
                                  • flag-gb
                                    GET
                                    https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js
                                    msedge.exe
                                    Remote address:
                                    172.217.169.3:443
                                    Request
                                    GET /accounts/o/3604799710-postmessagerelay.js HTTP/2.0
                                    host: ssl.gstatic.com
                                    sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                    dnt: 1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                    accept: */*
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://accounts.google.com/
                                    accept-encoding: gzip, deflate, br
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    84.27.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    84.27.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    84.27.250.142.in-addr.arpa
                                    IN PTR
                                    ra-in-f841e100net
                                  • flag-us
                                    DNS
                                    1.180.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    1.180.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    1.180.250.142.in-addr.arpa
                                    IN PTR
                                    lhr25s32-in-f11e100net
                                  • flag-us
                                    DNS
                                    3.169.217.172.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    3.169.217.172.in-addr.arpa
                                    IN PTR
                                    Response
                                    3.169.217.172.in-addr.arpa
                                    IN PTR
                                    lhr25s26-in-f31e100net
                                  • flag-us
                                    DNS
                                    97.17.167.52.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    97.17.167.52.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    api.pinterest.com
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    api.pinterest.com
                                    IN A
                                    Response
                                    api.pinterest.com
                                    IN CNAME
                                    api-pinterest-com.gslb.pinterest.com
                                    api-pinterest-com.gslb.pinterest.com
                                    IN CNAME
                                    2-01-37d2-0018.cdx.cedexis.net
                                    2-01-37d2-0018.cdx.cedexis.net
                                    IN CNAME
                                    prod.pinterest.global.map.fastly.net
                                    prod.pinterest.global.map.fastly.net
                                    IN A
                                    151.101.0.84
                                    prod.pinterest.global.map.fastly.net
                                    IN A
                                    151.101.64.84
                                    prod.pinterest.global.map.fastly.net
                                    IN A
                                    151.101.128.84
                                    prod.pinterest.global.map.fastly.net
                                    IN A
                                    151.101.192.84
                                  • flag-us
                                    DNS
                                    183.59.114.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    183.59.114.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    15.164.165.52.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    15.164.165.52.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    pixel.wp.com
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    pixel.wp.com
                                    IN A
                                    Response
                                    pixel.wp.com
                                    IN A
                                    192.0.76.3
                                  • flag-us
                                    DNS
                                    172.210.232.199.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    172.210.232.199.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    43.229.111.52.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    43.229.111.52.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    92.16.208.104.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    92.16.208.104.in-addr.arpa
                                    IN PTR
                                    Response
                                  • 216.58.212.194:445
                                    pagead2.googlesyndication.com
                                    260 B
                                    5
                                  • 91.200.40.64:80
                                    http://www.provkusnyashki.com/images/yt.jpg
                                    http
                                    msedge.exe
                                    2.7kB
                                    48.0kB
                                    35
                                    38

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-content/plugins/xmasb-quotes/xmasbquotes.css?ver=4.9.8

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/images/yt.jpg

                                    HTTP Response

                                    404
                                  • 91.200.40.64:80
                                    http://www.provkusnyashki.com/wp-content/themes/peppers/style.css
                                    http
                                    msedge.exe
                                    1.7kB
                                    42.0kB
                                    30
                                    32

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-content/themes/peppers/style.css

                                    HTTP Response

                                    404
                                  • 91.200.40.64:80
                                    http://www.provkusnyashki.com/images/in.jpg
                                    http
                                    msedge.exe
                                    4.3kB
                                    147.4kB
                                    69
                                    111

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-content/plugins/jetpack/_inc/social-logos/social-logos.min.css?ver=1

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/images/in.jpg

                                    HTTP Response

                                    404
                                  • 91.200.40.64:80
                                    http://www.provkusnyashki.com/images/vk.jpg
                                    http
                                    msedge.exe
                                    3.1kB
                                    71.0kB
                                    44
                                    54

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-content/plugins/jetpack/css/jetpack.css?ver=5.9

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-includes/js/wp-embed.min.js?ver=4.9.8

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/images/vk.jpg

                                    HTTP Response

                                    404
                                  • 91.200.40.64:80
                                    http://www.provkusnyashki.com/images/fb.jpg
                                    http
                                    msedge.exe
                                    2.2kB
                                    45.5kB
                                    32
                                    36

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=5.9

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/images/fb.jpg

                                    HTTP Response

                                    404
                                  • 192.0.77.32:443
                                    https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201837
                                    tls, http2
                                    msedge.exe
                                    1.8kB
                                    8.5kB
                                    17
                                    20

                                    HTTP Request

                                    GET https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201837

                                    HTTP Response

                                    200
                                  • 142.250.200.14:443
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs
                                    tls, http2
                                    msedge.exe
                                    5.1kB
                                    125.1kB
                                    79
                                    104

                                    HTTP Request

                                    GET https://apis.google.com/js/platform.js

                                    HTTP Request

                                    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_0?le=scs

                                    HTTP Request

                                    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.JisoxTPHVRs.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg/cb=gapi.loaded_1?le=scs
                                  • 91.200.40.64:80
                                    http://www.provkusnyashki.com/images/gp.jpg
                                    http
                                    msedge.exe
                                    3.0kB
                                    84.6kB
                                    49
                                    64

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-content/uploads/0162.jpg

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/images/gp.jpg

                                    HTTP Response

                                    404
                                  • 91.200.40.64:80
                                    http://www.provkusnyashki.com/wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif
                                    http
                                    msedge.exe
                                    1.5kB
                                    27.0kB
                                    16
                                    25

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-content/uploads/0161.jpg

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif

                                    HTTP Response

                                    200
                                  • 192.0.76.3:443
                                    https://stats.wp.com/e-201837.js
                                    tls, http2
                                    msedge.exe
                                    1.8kB
                                    8.2kB
                                    17
                                    20

                                    HTTP Request

                                    GET https://stats.wp.com/e-201837.js

                                    HTTP Response

                                    200
                                  • 216.58.213.14:80
                                    http://www.google-analytics.com/ga.js
                                    http
                                    msedge.exe
                                    908 B
                                    18.3kB
                                    13
                                    17

                                    HTTP Request

                                    GET http://www.google-analytics.com/ga.js

                                    HTTP Response

                                    200
                                  • 91.200.40.64:80
                                    http://www.provkusnyashki.com/wp-content/plugins/akismet/_inc/form.js?ver=4.0.8
                                    http
                                    msedge.exe
                                    1.7kB
                                    42.0kB
                                    30
                                    32

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-content/plugins/akismet/_inc/form.js?ver=4.0.8

                                    HTTP Response

                                    404
                                  • 91.200.40.64:80
                                    http://www.provkusnyashki.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
                                    http
                                    msedge.exe
                                    627 B
                                    5.8kB
                                    6
                                    8

                                    HTTP Request

                                    GET http://www.provkusnyashki.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8

                                    HTTP Response

                                    200
                                  • 142.250.200.46:443
                                    https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCK0fWFvSOVGoKtOZLafIynA&layout=full&count=default&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
                                    tls, http2
                                    msedge.exe
                                    2.2kB
                                    11.1kB
                                    18
                                    20

                                    HTTP Request

                                    GET https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCK0fWFvSOVGoKtOZLafIynA&layout=full&count=default&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
                                  • 172.217.169.34:139
                                    pagead2.googlesyndication.com
                                    260 B
                                    5
                                  • 142.250.27.84:443
                                    https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
                                    tls, http2
                                    msedge.exe
                                    2.1kB
                                    7.7kB
                                    17
                                    19

                                    HTTP Request

                                    GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.JisoxTPHVRs.O%2Fam%3DAAAC%2Fd%3D1%2Frs%3DAHpOoo9VOmUKkb8FAwL65OiDUU4etqWcRg%2Fm%3D__features__
                                  • 142.250.180.1:443
                                    https://yt3.ggpht.com/ytc/AIdro_l-D9joSoYANZDzudaFiHSm7AFsCbG0MhVLqWO7vqXepA=s48-c-k-c0x00ffffff-no-rj
                                    tls, http2
                                    msedge.exe
                                    2.0kB
                                    13.2kB
                                    17
                                    21

                                    HTTP Request

                                    GET https://yt3.ggpht.com/ytc/AIdro_l-D9joSoYANZDzudaFiHSm7AFsCbG0MhVLqWO7vqXepA=s48-c-k-c0x00ffffff-no-rj
                                  • 172.217.169.3:443
                                    https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js
                                    tls, http2
                                    msedge.exe
                                    2.0kB
                                    11.9kB
                                    19
                                    19

                                    HTTP Request

                                    GET https://ssl.gstatic.com/accounts/o/3604799710-postmessagerelay.js
                                  • 151.101.0.84:445
                                    api.pinterest.com
                                    260 B
                                    5
                                  • 151.101.64.84:445
                                    api.pinterest.com
                                    260 B
                                    5
                                  • 151.101.128.84:445
                                    api.pinterest.com
                                    260 B
                                    5
                                  • 151.101.192.84:445
                                    api.pinterest.com
                                    260 B
                                    5
                                  • 151.101.0.84:139
                                    api.pinterest.com
                                    260 B
                                    5
                                  • 192.0.76.3:445
                                    pixel.wp.com
                                    260 B
                                    5
                                  • 8.8.8.8:53
                                    www.provkusnyashki.com
                                    dns
                                    msedge.exe
                                    68 B
                                    84 B
                                    1
                                    1

                                    DNS Request

                                    www.provkusnyashki.com

                                    DNS Response

                                    91.200.40.64

                                  • 8.8.8.8:53
                                    s.w.org
                                    dns
                                    msedge.exe
                                    53 B
                                    69 B
                                    1
                                    1

                                    DNS Request

                                    s.w.org

                                    DNS Response

                                    192.0.77.48

                                  • 8.8.8.8:53
                                    s0.wp.com
                                    dns
                                    msedge.exe
                                    55 B
                                    71 B
                                    1
                                    1

                                    DNS Request

                                    s0.wp.com

                                    DNS Response

                                    192.0.77.32

                                  • 8.8.8.8:53
                                    196.249.167.52.in-addr.arpa
                                    dns
                                    73 B
                                    147 B
                                    1
                                    1

                                    DNS Request

                                    196.249.167.52.in-addr.arpa

                                  • 8.8.8.8:53
                                    22.177.190.20.in-addr.arpa
                                    dns
                                    72 B
                                    158 B
                                    1
                                    1

                                    DNS Request

                                    22.177.190.20.in-addr.arpa

                                  • 8.8.8.8:53
                                    249.197.17.2.in-addr.arpa
                                    dns
                                    71 B
                                    135 B
                                    1
                                    1

                                    DNS Request

                                    249.197.17.2.in-addr.arpa

                                  • 8.8.8.8:53
                                    95.221.229.192.in-addr.arpa
                                    dns
                                    73 B
                                    144 B
                                    1
                                    1

                                    DNS Request

                                    95.221.229.192.in-addr.arpa

                                  • 8.8.8.8:53
                                    apis.google.com
                                    dns
                                    msedge.exe
                                    61 B
                                    98 B
                                    1
                                    1

                                    DNS Request

                                    apis.google.com

                                    DNS Response

                                    142.250.200.14

                                  • 8.8.8.8:53
                                    stats.wp.com
                                    dns
                                    msedge.exe
                                    58 B
                                    74 B
                                    1
                                    1

                                    DNS Request

                                    stats.wp.com

                                    DNS Response

                                    192.0.76.3

                                  • 142.250.200.14:443
                                    apis.google.com
                                    https
                                    msedge.exe
                                    8.1kB
                                    170.3kB
                                    66
                                    134
                                  • 8.8.8.8:53
                                    www.youtube.com
                                    dns
                                    msedge.exe
                                    61 B
                                    303 B
                                    1
                                    1

                                    DNS Request

                                    www.youtube.com

                                    DNS Response

                                    142.250.200.46
                                    216.58.201.110
                                    216.58.204.78
                                    216.58.212.206
                                    216.58.212.238
                                    172.217.169.46
                                    142.250.179.238
                                    142.250.180.14
                                    142.250.187.206
                                    142.250.187.238
                                    142.250.178.14
                                    172.217.16.238
                                    142.250.200.14

                                  • 8.8.8.8:53
                                    accounts.google.com
                                    dns
                                    msedge.exe
                                    65 B
                                    81 B
                                    1
                                    1

                                    DNS Request

                                    accounts.google.com

                                    DNS Response

                                    142.250.27.84

                                  • 8.8.8.8:53
                                    64.40.200.91.in-addr.arpa
                                    dns
                                    71 B
                                    100 B
                                    1
                                    1

                                    DNS Request

                                    64.40.200.91.in-addr.arpa

                                  • 8.8.8.8:53
                                    32.77.0.192.in-addr.arpa
                                    dns
                                    70 B
                                    97 B
                                    1
                                    1

                                    DNS Request

                                    32.77.0.192.in-addr.arpa

                                  • 8.8.8.8:53
                                    14.200.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    14.200.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    3.76.0.192.in-addr.arpa
                                    dns
                                    69 B
                                    134 B
                                    1
                                    1

                                    DNS Request

                                    3.76.0.192.in-addr.arpa

                                  • 8.8.8.8:53
                                    14.213.58.216.in-addr.arpa
                                    dns
                                    72 B
                                    141 B
                                    1
                                    1

                                    DNS Request

                                    14.213.58.216.in-addr.arpa

                                  • 8.8.8.8:53
                                    46.200.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    46.200.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    yt3.ggpht.com
                                    dns
                                    msedge.exe
                                    59 B
                                    120 B
                                    1
                                    1

                                    DNS Request

                                    yt3.ggpht.com

                                    DNS Response

                                    142.250.180.1

                                  • 8.8.8.8:53
                                    ssl.gstatic.com
                                    dns
                                    msedge.exe
                                    61 B
                                    77 B
                                    1
                                    1

                                    DNS Request

                                    ssl.gstatic.com

                                    DNS Response

                                    172.217.169.3

                                  • 8.8.8.8:53
                                    84.27.250.142.in-addr.arpa
                                    dns
                                    72 B
                                    105 B
                                    1
                                    1

                                    DNS Request

                                    84.27.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    1.180.250.142.in-addr.arpa
                                    dns
                                    72 B
                                    110 B
                                    1
                                    1

                                    DNS Request

                                    1.180.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    3.169.217.172.in-addr.arpa
                                    dns
                                    72 B
                                    110 B
                                    1
                                    1

                                    DNS Request

                                    3.169.217.172.in-addr.arpa

                                  • 224.0.0.251:5353
                                    msedge.exe
                                    584 B
                                    9
                                  • 8.8.8.8:53
                                    97.17.167.52.in-addr.arpa
                                    dns
                                    71 B
                                    145 B
                                    1
                                    1

                                    DNS Request

                                    97.17.167.52.in-addr.arpa

                                  • 8.8.8.8:53
                                    api.pinterest.com
                                    dns
                                    63 B
                                    255 B
                                    1
                                    1

                                    DNS Request

                                    api.pinterest.com

                                    DNS Response

                                    151.101.0.84
                                    151.101.64.84
                                    151.101.128.84
                                    151.101.192.84

                                  • 8.8.8.8:53
                                    api.pinterest.com
                                    dns
                                    63 B
                                    255 B
                                    1
                                    1

                                    DNS Request

                                    api.pinterest.com

                                    DNS Response

                                    151.101.0.84
                                    151.101.64.84
                                    151.101.128.84
                                    151.101.192.84

                                  • 8.8.8.8:53
                                    183.59.114.20.in-addr.arpa
                                    dns
                                    72 B
                                    158 B
                                    1
                                    1

                                    DNS Request

                                    183.59.114.20.in-addr.arpa

                                  • 8.8.8.8:53
                                    15.164.165.52.in-addr.arpa
                                    dns
                                    72 B
                                    146 B
                                    1
                                    1

                                    DNS Request

                                    15.164.165.52.in-addr.arpa

                                  • 8.8.8.8:53
                                    pixel.wp.com
                                    dns
                                    58 B
                                    74 B
                                    1
                                    1

                                    DNS Request

                                    pixel.wp.com

                                    DNS Response

                                    192.0.76.3

                                  • 8.8.8.8:53
                                    pixel.wp.com
                                    dns
                                    58 B
                                    74 B
                                    1
                                    1

                                    DNS Request

                                    pixel.wp.com

                                    DNS Response

                                    192.0.76.3

                                  • 142.250.27.84:443
                                    accounts.google.com
                                    https
                                    msedge.exe
                                    2.6kB
                                    8.5kB
                                    10
                                    12
                                  • 8.8.8.8:53
                                    172.210.232.199.in-addr.arpa
                                    dns
                                    74 B
                                    128 B
                                    1
                                    1

                                    DNS Request

                                    172.210.232.199.in-addr.arpa

                                  • 8.8.8.8:53
                                    43.229.111.52.in-addr.arpa
                                    dns
                                    72 B
                                    158 B
                                    1
                                    1

                                    DNS Request

                                    43.229.111.52.in-addr.arpa

                                  • 142.250.27.84:443
                                    accounts.google.com
                                    https
                                    msedge.exe
                                    3.8kB
                                    3.8kB
                                    9
                                    10
                                  • 8.8.8.8:53
                                    92.16.208.104.in-addr.arpa
                                    dns
                                    72 B
                                    146 B
                                    1
                                    1

                                    DNS Request

                                    92.16.208.104.in-addr.arpa

                                  MITRE ATT&CK Enterprise v15

                                  Downloads

