Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
  • submitted
    15/06/2024, 18:13 UTC

General

  • Target

    afbad13a0c7c64c3ee3d9cbd9eb7f6fc_JaffaCakes118.html

  • Size

    312KB

  • MD5

    afbad13a0c7c64c3ee3d9cbd9eb7f6fc

  • SHA1

    85219ac99bbf1cae36bb2b2807e34c947c7294f6

  • SHA256

    742dc9b6431ad57e660b9b321fde273fe70233c7418740d7d4db46837c61ead9

  • SHA512

    d4125963796a086fea9cef40d20fd1889376d2bfc2783d4da890cdd28018263d3dcfacdefffed2d5ecc88ac1763b1677acf288f7dd82be4b3d01152245450906

  • SSDEEP

    6144:+XH+Xg9ah4RnSLfReleXcV9SgRL29gX11lBdS+1SrTqbq+WvvRWTmHzkpkENcgE:gvE

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 8 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\afbad13a0c7c64c3ee3d9cbd9eb7f6fc_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3620
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff6fcb46f8,0x7fff6fcb4708,0x7fff6fcb4718
      2⤵
        PID:4308
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2116 /prefetch:2
        2⤵
          PID:2216
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:1952
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8
          2⤵
            PID:2256
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
            2⤵
              PID:3884
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1
              2⤵
                PID:1568
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6124 /prefetch:1
                2⤵
                  PID:4036
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5812 /prefetch:1
                  2⤵
                    PID:4732
                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 /prefetch:8
                    2⤵
                      PID:1280
                    • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5424 /prefetch:8
                      2⤵
                      • Suspicious behavior: EnumeratesProcesses
                      PID:1548
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1
                      2⤵
                        PID:1104
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1
                        2⤵
                          PID:5076
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
                          2⤵
                            PID:1220
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
                            2⤵
                              PID:1664
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2100,2279875301371793137,15759559142695425135,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4868 /prefetch:2
                              2⤵
                              • Suspicious behavior: EnumeratesProcesses
                              PID:592
                          • C:\Windows\System32\CompPkgSrv.exe
                            C:\Windows\System32\CompPkgSrv.exe -Embedding
                            1⤵
                              PID:3772
                            • C:\Windows\System32\CompPkgSrv.exe
                              C:\Windows\System32\CompPkgSrv.exe -Embedding
                              1⤵
                                PID:4904

                              Network

                              • flag-us
                                DNS
                                serraturecassefortigraziano.it
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                serraturecassefortigraziano.it
                                IN A
                                Response
                              • flag-us
                                DNS
                                google-statik.pw
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                google-statik.pw
                                IN A
                                Response
                                google-statik.pw
                                IN A
                                185.130.44.165
                              • flag-us
                                DNS
                                netdna.bootstrapcdn.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                netdna.bootstrapcdn.com
                                IN A
                                Response
                                netdna.bootstrapcdn.com
                                IN A
                                104.18.11.207
                                netdna.bootstrapcdn.com
                                IN A
                                104.18.10.207
                              • flag-se
                                GET
                                http://google-statik.pw/mainer/myscr109881.js
                                msedge.exe
                                Remote address:
                                185.130.44.165:80
                                Request
                                GET /mainer/myscr109881.js HTTP/1.1
                                Host: google-statik.pw
                                Connection: keep-alive
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                DNT: 1
                                Accept: */*
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 404 Not Found
                                Date: Sat, 15 Jun 2024 18:13:39 GMT
                                Server: Apache/2.4.29 (Ubuntu)
                                Content-Length: 278
                                Keep-Alive: timeout=5, max=100
                                Connection: Keep-Alive
                                Content-Type: text/html; charset=iso-8859-1
                              • flag-us
                                GET
                                https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=5.0.8
                                msedge.exe
                                Remote address:
                                104.18.11.207:443
                                Request
                                GET /font-awesome/4.0.3/css/font-awesome.css?ver=5.0.8 HTTP/2.0
                                host: netdna.bootstrapcdn.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: text/css,*/*;q=0.1
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: style
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                                Response
                                HTTP/2.0 200
                                date: Sat, 15 Jun 2024 18:13:39 GMT
                                content-type: text/css; charset=utf-8
                                cdn-pullzone: 252412
                                cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
                                cdn-requestcountrycode: FR
                                vary: Accept-Encoding
                                access-control-allow-origin: *
                                cache-control: public, max-age=31919000
                                content-encoding: br
                                etag: W/"1f9e9d1a5a1d347d945ef4b7727f2ea0"
                                last-modified: Mon, 25 Jan 2021 22:04:53 GMT
                                cdn-cachedat: 03/18/2024 14:42:14
                                cdn-proxyver: 1.04
                                cdn-requestpullcode: 200
                                cdn-requestpullsuccess: True
                                cdn-edgestorageid: 1074
                                timing-allow-origin: *
                                cross-origin-resource-policy: cross-origin
                                x-content-type-options: nosniff
                                cdn-status: 200
                                cdn-requestid: 597e52299b5c072b18e26b7540f37822
                                cdn-cache: HIT
                                cf-cache-status: HIT
                                age: 446575
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                server: cloudflare
                                cf-ray: 8944890798ab63e5-LHR
                                alt-svc: h3=":443"; ma=86400
                              • flag-us
                                DNS
                                nibirumail.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                nibirumail.com
                                IN A
                                Response
                                nibirumail.com
                                IN A
                                46.28.2.29
                              • flag-us
                                DNS
                                s.w.org
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                s.w.org
                                IN A
                                Response
                                s.w.org
                                IN A
                                192.0.77.48
                              • flag-us
                                DNS
                                www.idraulico-riccione.it
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                www.idraulico-riccione.it
                                IN A
                                Response
                              • flag-it
                                GET
                                https://nibirumail.com/docs/scripts/nibirumail.cookie.min.js?ver=0.9
                                msedge.exe
                                Remote address:
                                46.28.2.29:443
                                Request
                                GET /docs/scripts/nibirumail.cookie.min.js?ver=0.9 HTTP/1.1
                                Host: nibirumail.com
                                Connection: keep-alive
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                DNT: 1
                                sec-ch-ua-mobile: ?0
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                Accept: */*
                                Sec-Fetch-Site: cross-site
                                Sec-Fetch-Mode: no-cors
                                Sec-Fetch-Dest: script
                                Accept-Encoding: gzip, deflate, br
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 200 OK
                                Date: Sat, 15 Jun 2024 18:13:39 GMT
                                Server: Apache
                                Last-Modified: Sun, 29 May 2022 11:12:51 GMT
                                ETag: "f00-5e0249ece16ae"
                                Accept-Ranges: bytes
                                Content-Length: 3840
                                X-Powered-By: PleskLin
                                Keep-Alive: timeout=1, max=100
                                Connection: Keep-Alive
                                Content-Type: application/javascript
                              • flag-us
                                DNS
                                apis.google.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                apis.google.com
                                IN A
                                Response
                                apis.google.com
                                IN CNAME
                                plus.l.google.com
                                plus.l.google.com
                                IN A
                                142.250.200.14
                              • flag-gb
                                GET
                                https://apis.google.com/js/platform.js
                                msedge.exe
                                Remote address:
                                142.250.200.14:443
                                Request
                                GET /js/platform.js HTTP/2.0
                                host: apis.google.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-gb
                                GET
                                https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=page/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs
                                msedge.exe
                                Remote address:
                                142.250.200.14:443
                                Request
                                GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=page/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs HTTP/2.0
                                host: apis.google.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-gb
                                GET
                                https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=page/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs
                                msedge.exe
                                Remote address:
                                142.250.200.14:443
                                Request
                                GET /_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=page/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs HTTP/2.0
                                host: apis.google.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-gb
                                GET
                                https://apis.google.com/u/0/_/widget/render/page?usegapi=1&width=300&href=https%3A%2F%2Fplus.google.com%2Fb%2F116508173172942963955%2F116508173172942963955&layout=portrait&theme=light&rel=publisher&showtagline=false&showcoverphoto=false&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
                                msedge.exe
                                Remote address:
                                142.250.200.14:443
                                Request
                                GET /u/0/_/widget/render/page?usegapi=1&width=300&href=https%3A%2F%2Fplus.google.com%2Fb%2F116508173172942963955%2F116508173172942963955&layout=portrait&theme=light&rel=publisher&showtagline=false&showcoverphoto=false&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/2.0
                                host: apis.google.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                sec-ch-ua-mobile: ?0
                                upgrade-insecure-requests: 1
                                dnt: 1
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                sec-fetch-site: cross-site
                                sec-fetch-mode: navigate
                                sec-fetch-dest: iframe
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-us
                                DNS
                                8.8.8.8.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                8.8.8.8.in-addr.arpa
                                IN PTR
                                Response
                                8.8.8.8.in-addr.arpa
                                IN PTR
                                dnsgoogle
                              • flag-us
                                DNS
                                207.11.18.104.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                207.11.18.104.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                165.44.130.185.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                165.44.130.185.in-addr.arpa
                                IN PTR
                                Response
                                165.44.130.185.in-addr.arpa
                                IN PTR
                                18513044165staticprivexcc
                              • flag-us
                                DNS
                                249.197.17.2.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                249.197.17.2.in-addr.arpa
                                IN PTR
                                Response
                                249.197.17.2.in-addr.arpa
                                IN PTR
                                a2-17-197-249deploystaticakamaitechnologiescom
                              • flag-us
                                DNS
                                29.2.28.46.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                29.2.28.46.in-addr.arpa
                                IN PTR
                                Response
                                29.2.28.46.in-addr.arpa
                                IN PTR
                                d00ic6-lenuslab1 sphostservercom
                              • flag-us
                                DNS
                                14.200.250.142.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                14.200.250.142.in-addr.arpa
                                IN PTR
                                Response
                                14.200.250.142.in-addr.arpa
                                IN PTR
                                lhr48s29-in-f141e100net
                              • flag-us
                                DNS
                                g.bing.com
                                Remote address:
                                8.8.8.8:53
                                Request
                                g.bing.com
                                IN A
                                Response
                                g.bing.com
                                IN CNAME
                                g-bing-com.dual-a-0034.a-msedge.net
                                g-bing-com.dual-a-0034.a-msedge.net
                                IN CNAME
                                dual-a-0034.a-msedge.net
                                dual-a-0034.a-msedge.net
                                IN A
                                13.107.21.237
                                dual-a-0034.a-msedge.net
                                IN A
                                204.79.197.237
                              • flag-us
                                GET
                                https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6
                                Remote address:
                                13.107.21.237:443
                                Request
                                GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6 HTTP/2.0
                                host: g.bing.com
                                accept-encoding: gzip, deflate
                                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                Response
                                HTTP/2.0 204
                                cache-control: no-cache, must-revalidate
                                pragma: no-cache
                                expires: Fri, 01 Jan 1990 00:00:00 GMT
                                set-cookie: MUID=10D563BEBB1A669705827721BA3D67B7; domain=.bing.com; expires=Thu, 10-Jul-2025 18:13:40 GMT; path=/; SameSite=None; Secure; Priority=High;
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                access-control-allow-origin: *
                                x-cache: CONFIG_NOCACHE
                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                x-msedge-ref: Ref A: B31BADC69C8A40E88EBCCB29262A97DB Ref B: LON04EDGE0712 Ref C: 2024-06-15T18:13:40Z
                                date: Sat, 15 Jun 2024 18:13:40 GMT
                              • flag-us
                                GET
                                https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6
                                Remote address:
                                13.107.21.237:443
                                Request
                                GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6 HTTP/2.0
                                host: g.bing.com
                                accept-encoding: gzip, deflate
                                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                cookie: MUID=10D563BEBB1A669705827721BA3D67B7; _EDGE_S=SID=12693E21FB1B63A8218A2ABEFAC96230
                                Response
                                HTTP/2.0 204
                                cache-control: no-cache, must-revalidate
                                pragma: no-cache
                                expires: Fri, 01 Jan 1990 00:00:00 GMT
                                set-cookie: MSPTC=aZ361oYRmn8iX1Jp4OTiZdT4RwcREsZ61dPtlzLaiOA; domain=.bing.com; expires=Thu, 10-Jul-2025 18:13:41 GMT; path=/; Partitioned; secure; SameSite=None
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                access-control-allow-origin: *
                                x-cache: CONFIG_NOCACHE
                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                x-msedge-ref: Ref A: 0292557A67BA4956A0DE7905FB2C25F2 Ref B: LON04EDGE0712 Ref C: 2024-06-15T18:13:41Z
                                date: Sat, 15 Jun 2024 18:13:40 GMT
                              • flag-be
                                GET
                                https://www.bing.com/aes/c.gif?RG=214e741399424ad6af50d1621f64ebd5&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T192127Z&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321
                                Remote address:
                                23.41.178.98:443
                                Request
                                GET /aes/c.gif?RG=214e741399424ad6af50d1621f64ebd5&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T192127Z&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321 HTTP/2.0
                                host: www.bing.com
                                accept-encoding: gzip, deflate
                                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                cookie: MUID=10D563BEBB1A669705827721BA3D67B7
                                Response
                                HTTP/2.0 200
                                cache-control: private,no-store
                                pragma: no-cache
                                vary: Origin
                                p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                x-msedge-ref: Ref A: 77379B816EDB4862992E23776B501F10 Ref B: FRAEDGE1208 Ref C: 2024-06-15T18:13:41Z
                                content-length: 0
                                date: Sat, 15 Jun 2024 18:13:41 GMT
                                set-cookie: _EDGE_S=SID=12693E21FB1B63A8218A2ABEFAC96230; path=/; httponly; domain=bing.com
                                set-cookie: MUIDB=10D563BEBB1A669705827721BA3D67B7; path=/; httponly; expires=Thu, 10-Jul-2025 18:13:41 GMT
                                alt-svc: h3=":443"; ma=93600
                                x-cdn-traceid: 0.5eb22917.1718475221.9e0fce
                              • flag-us
                                DNS
                                98.178.41.23.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                98.178.41.23.in-addr.arpa
                                IN PTR
                                Response
                                98.178.41.23.in-addr.arpa
                                IN PTR
                                a23-41-178-98.deploy.static.akamaitechnologies.com
                              • flag-us
                                DNS
                                static.addtoany.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                static.addtoany.com
                                IN A
                                Response
                                static.addtoany.com
                                IN A
                                172.67.39.148
                                static.addtoany.com
                                IN A
                                104.22.71.197
                                static.addtoany.com
                                IN A
                                104.22.70.197
                              • flag-us
                                DNS
                                serraturecassefortigraziano.it
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                serraturecassefortigraziano.it
                                IN A
                                Response
                              • flag-us
                                GET
                                https://static.addtoany.com/menu/page.js
                                msedge.exe
                                Remote address:
                                172.67.39.148:443
                                Request
                                GET /menu/page.js HTTP/2.0
                                host: static.addtoany.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                                Response
                                HTTP/2.0 200
                                date: Sat, 15 Jun 2024 18:14:01 GMT
                                content-type: application/javascript
                                access-control-allow-origin: *
                                cache-control: max-age=86400, stale-while-revalidate=30, public
                                cf-bgj: minify
                                etag: W/"e346c2841e4abbb66ee259e9540abb61"
                                nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIYEO6yM3UUei8REvQQRNGRdz0LoBLLMaJ7fMywB9rDaTaTJj%2FTKdwMvuhulaqy7XU%2FvW6fKBy%2FllZwssgeiHeqKditRL1kWnKC8lafsl0B5cO2xAzczjm%2FWiuBxG7qMtHZjULED"}],"group":"cf-nel","max_age":604800}
                                vary: Accept-Encoding
                                referrer-policy: strict-origin-when-cross-origin
                                x-content-type-options: nosniff
                                cf-cache-status: HIT
                                age: 24248
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                server: cloudflare
                                cf-ray: 89448994aa1023c4-LHR
                                content-encoding: br
                                alt-svc: h3=":443"; ma=86400
                              • flag-us
                                GET
                                https://static.addtoany.com/menu/sm.25.html
                                msedge.exe
                                Remote address:
                                172.67.39.148:443
                                Request
                                GET /menu/sm.25.html HTTP/2.0
                                host: static.addtoany.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                sec-ch-ua-mobile: ?0
                                upgrade-insecure-requests: 1
                                dnt: 1
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                sec-fetch-site: cross-site
                                sec-fetch-mode: navigate
                                sec-fetch-dest: iframe
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                                Response
                                HTTP/2.0 200
                                date: Sat, 15 Jun 2024 18:14:01 GMT
                                content-type: text/html; charset=utf-8
                                access-control-allow-origin: *
                                cache-control: max-age=315360000, immutable
                                referrer-policy: strict-origin-when-cross-origin
                                x-content-type-options: nosniff
                                report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EIP3WdSCtEpwhyMJ9Y7r8QfKdjfaQ6EruU%2BiAClpz0%2F6lEDKck3JmI0lJE1%2FbjsAb5HNhmm4WlIxHr2%2F8cEuJLmaYDx7SqoAOLmV1UTU80PFqfTKKk5bCke2m%2BaNMCTQ8DmF75g5XMBajeWHyHNy6Gub"}],"group":"cf-nel","max_age":604800}
                                nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                vary: Accept-Encoding
                                cf-cache-status: HIT
                                age: 24379
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                server: cloudflare
                                cf-ray: 894489952abe23c4-LHR
                                content-encoding: br
                                alt-svc: h3=":443"; ma=86400
                              • flag-us
                                GET
                                https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
                                msedge.exe
                                Remote address:
                                104.18.11.207:443
                                Request
                                GET /font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3 HTTP/2.0
                                host: netdna.bootstrapcdn.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                origin: null
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                dnt: 1
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: cors
                                sec-fetch-dest: font
                                referer: https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=5.0.8
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                                Response
                                HTTP/2.0 200
                                date: Sat, 15 Jun 2024 18:14:01 GMT
                                content-type: font/woff
                                content-length: 44432
                                cdn-pullzone: 252412
                                cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
                                cdn-requestcountrycode: FR
                                access-control-allow-origin: *
                                cache-control: public, max-age=31919000
                                etag: "3293616ec0c605c7c2db25829a0a509e"
                                last-modified: Mon, 25 Jan 2021 22:04:53 GMT
                                cdn-cachedat: 10/31/2023 19:16:58
                                cdn-proxyver: 1.04
                                cdn-requestpullcode: 200
                                cdn-requestpullsuccess: True
                                cdn-edgestorageid: 1073
                                timing-allow-origin: *
                                cross-origin-resource-policy: cross-origin
                                x-content-type-options: nosniff
                                cdn-status: 200
                                cdn-requestid: 13e956833a13cc544d0e25ae210eb9d3
                                cdn-cache: HIT
                                cf-cache-status: HIT
                                age: 7686081
                                accept-ranges: bytes
                                vary: Accept-Encoding
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                server: cloudflare
                                cf-ray: 89448993af803da8-LHR
                                alt-svc: h3=":443"; ma=86400
                              • flag-us
                                DNS
                                developers.google.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                developers.google.com
                                IN A
                                Response
                                developers.google.com
                                IN A
                                216.58.201.110
                              • flag-gb
                                GET
                                http://developers.google.com/
                                msedge.exe
                                Remote address:
                                216.58.201.110:80
                                Request
                                GET / HTTP/1.1
                                Host: developers.google.com
                                Connection: keep-alive
                                Upgrade-Insecure-Requests: 1
                                DNT: 1
                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                Accept-Encoding: gzip, deflate
                                Accept-Language: en-US,en;q=0.9
                                Response
                                HTTP/1.1 301 Moved Permanently
                                Location: https://developers.google.com/
                                X-Cloud-Trace-Context: 47b94e82cb0acf18f4e365b26c6ad50d
                                Date: Sat, 15 Jun 2024 18:14:01 GMT
                                Content-Type: text/html
                                Server: Google Frontend
                                Content-Length: 0
                              • flag-us
                                DNS
                                apps.identrust.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                apps.identrust.com
                                IN A
                                Response
                                apps.identrust.com
                                IN CNAME
                                identrust.edgesuite.net
                                identrust.edgesuite.net
                                IN CNAME
                                a1952.dscq.akamai.net
                                a1952.dscq.akamai.net
                                IN A
                                104.117.77.184
                                a1952.dscq.akamai.net
                                IN A
                                104.117.77.187
                              • flag-us
                                DNS
                                accounts.google.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                accounts.google.com
                                IN A
                                Response
                                accounts.google.com
                                IN A
                                142.250.27.84
                              • flag-be
                                GET
                                http://apps.identrust.com/roots/dstrootcax3.p7c
                                msedge.exe
                                Remote address:
                                104.117.77.184:80
                                Request
                                GET /roots/dstrootcax3.p7c HTTP/1.1
                                Connection: Keep-Alive
                                Accept: */*
                                User-Agent: Microsoft-CryptoAPI/10.0
                                Host: apps.identrust.com
                                Response
                                HTTP/1.1 200 OK
                                X-XSS-Protection: 1; mode=block
                                X-Frame-Options: SAMEORIGIN
                                X-Content-Type-Options: nosniff
                                X-Robots-Tag: noindex
                                Referrer-Policy: same-origin
                                Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
                                ETag: "37d-6079b8c0929c0"
                                Accept-Ranges: bytes
                                Content-Length: 893
                                X-Content-Type-Options: nosniff
                                X-Frame-Options: sameorigin
                                Content-Type: application/pkcs7-mime
                                Cache-Control: max-age=3600
                                Expires: Sat, 15 Jun 2024 19:14:01 GMT
                                Date: Sat, 15 Jun 2024 18:14:01 GMT
                                Connection: keep-alive
                              • flag-nl
                                GET
                                https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
                                msedge.exe
                                Remote address:
                                142.250.27.84:443
                                Request
                                GET /o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__ HTTP/2.0
                                host: accounts.google.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                sec-ch-ua-mobile: ?0
                                upgrade-insecure-requests: 1
                                dnt: 1
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                sec-fetch-site: cross-site
                                sec-fetch-mode: navigate
                                sec-fetch-dest: iframe
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-gb
                                GET
                                https://developers.google.com/
                                msedge.exe
                                Remote address:
                                216.58.201.110:443
                                Request
                                GET / HTTP/2.0
                                host: developers.google.com
                                upgrade-insecure-requests: 1
                                dnt: 1
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                sec-fetch-site: cross-site
                                sec-fetch-mode: navigate
                                sec-fetch-dest: iframe
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                sec-ch-ua-mobile: ?0
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-us
                                GET
                                https://static.addtoany.com/menu/modules/core.BRQnzO8v.js
                                msedge.exe
                                Remote address:
                                172.67.39.148:443
                                Request
                                GET /menu/modules/core.BRQnzO8v.js HTTP/2.0
                                host: static.addtoany.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                origin: null
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                dnt: 1
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: cors
                                sec-fetch-dest: script
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                                Response
                                HTTP/2.0 200
                                date: Sat, 15 Jun 2024 18:14:01 GMT
                                content-type: application/javascript
                                access-control-allow-origin: *
                                cache-control: max-age=315360000, immutable
                                cf-bgj: minify
                                etag: W/"25da5432b1057724b8210f17e9b9db05"
                                nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gJ0HbfnckLN13D85%2BIikPx0EgwQVgj5%2F8XvG5WcHJmfnV%2Bv%2FrazMCtVR6DOvKg6ZsvtVKhXSIbbwk3WoAgnBoPZrp2DfYzI7AJHXipj92D3Smy62EZ3v7LKJgOzHRDqf6QxtUk4xjx6rNRBfQkK82ch"}],"group":"cf-nel","max_age":604800}
                                vary: Accept-Encoding
                                referrer-policy: strict-origin-when-cross-origin
                                x-content-type-options: nosniff
                                cf-cache-status: HIT
                                age: 7173
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                server: cloudflare
                                cf-ray: 89448995be8f9472-LHR
                                content-encoding: br
                                alt-svc: h3=":443"; ma=86400
                              • flag-us
                                GET
                                https://static.addtoany.com/menu/svg/icons/facebook.js
                                msedge.exe
                                Remote address:
                                172.67.39.148:443
                                Request
                                GET /menu/svg/icons/facebook.js HTTP/2.0
                                host: static.addtoany.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                origin: null
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                dnt: 1
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: cors
                                sec-fetch-dest: script
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                                Response
                                HTTP/2.0 200
                                date: Sat, 15 Jun 2024 18:14:01 GMT
                                content-type: application/javascript
                                access-control-allow-origin: *
                                cache-control: max-age=7776000, stale-while-revalidate=30, public
                                cf-bgj: minify
                                etag: W/"68925fa8e347041c6006837e73c518bc"
                                nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TINkMEojtzZo5%2BFQWsUFnxEZTAlgKQuQOGmod5xamnbfbFVE%2FJQ6kmKJKq7rz5FwvKnE0j9A5rYdypUjXLz1y4xD9RgE1y5Gc9B6BhPo8%2FkwgW6XYXMkr2YWAe2mPi6BedYOVVyJHIngSV3pxew0hzPw"}],"group":"cf-nel","max_age":604800}
                                vary: Accept-Encoding
                                referrer-policy: strict-origin-when-cross-origin
                                x-content-type-options: nosniff
                                cf-cache-status: HIT
                                age: 23695
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                server: cloudflare
                                cf-ray: 894489964f379472-LHR
                                content-encoding: br
                                alt-svc: h3=":443"; ma=86400
                              • flag-us
                                GET
                                https://static.addtoany.com/menu/svg/icons/twitter.js
                                msedge.exe
                                Remote address:
                                172.67.39.148:443
                                Request
                                GET /menu/svg/icons/twitter.js HTTP/2.0
                                host: static.addtoany.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                origin: null
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                dnt: 1
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: cors
                                sec-fetch-dest: script
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                                Response
                                HTTP/2.0 200
                                date: Sat, 15 Jun 2024 18:14:01 GMT
                                content-type: application/javascript
                                access-control-allow-origin: *
                                cache-control: max-age=7776000, stale-while-revalidate=30, public
                                cf-bgj: minify
                                etag: W/"0aca4ea1e5f8f250126a8e0c597dd969"
                                nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mb%2FiHFmpViuz7Abb%2BFyvDWQjLCmGF5tU%2FVtuioTjEAk3R6D3iJuKCjahhclTWRVosy%2BjOJNKN1KMAqyx4XT70fSrV4pYRt3CXfZkEsTakfTwkniEFtj1ZrkldQ0cVMXm9n6XsVJy"}],"group":"cf-nel","max_age":604800}
                                vary: Accept-Encoding
                                referrer-policy: strict-origin-when-cross-origin
                                x-content-type-options: nosniff
                                cf-cache-status: HIT
                                age: 21384
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                server: cloudflare
                                cf-ray: 894489964f3f9472-LHR
                                content-encoding: br
                                alt-svc: h3=":443"; ma=86400
                              • flag-us
                                GET
                                https://static.addtoany.com/menu/svg/icons/a2a.js
                                msedge.exe
                                Remote address:
                                172.67.39.148:443
                                Request
                                GET /menu/svg/icons/a2a.js HTTP/2.0
                                host: static.addtoany.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                origin: null
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                dnt: 1
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: cors
                                sec-fetch-dest: script
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                                Response
                                HTTP/2.0 200
                                date: Sat, 15 Jun 2024 18:14:01 GMT
                                content-type: application/javascript
                                access-control-allow-origin: *
                                cache-control: max-age=7776000, stale-while-revalidate=30, public
                                cf-bgj: minify
                                etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
                                nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SwAw9bdeDX4B5CfzzDU0v23nTn3DJWXxxtqyWrRCQhdt5TXUr1vw83XsjSNx2UdHk%2FdfXqNlzy8y91eNpRvRQ6wohAki%2Bt0VvIyooLN%2FqqAXvv%2BeTz1MwOmqbAGD2f8iRiyZRH9I"}],"group":"cf-nel","max_age":604800}
                                vary: Accept-Encoding
                                referrer-policy: strict-origin-when-cross-origin
                                x-content-type-options: nosniff
                                cf-cache-status: HIT
                                age: 2171
                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                server: cloudflare
                                cf-ray: 894489964f399472-LHR
                                content-encoding: br
                                alt-svc: h3=":443"; ma=86400
                              • flag-us
                                DNS
                                ssl.gstatic.com
                                msedge.exe
                                Remote address:
                                8.8.8.8:53
                                Request
                                ssl.gstatic.com
                                IN A
                                Response
                                ssl.gstatic.com
                                IN A
                                172.217.169.3
                              • flag-gb
                                GET
                                https://ssl.gstatic.com/accounts/o/544727282-postmessagerelay.js
                                msedge.exe
                                Remote address:
                                172.217.169.3:443
                                Request
                                GET /accounts/o/544727282-postmessagerelay.js HTTP/2.0
                                host: ssl.gstatic.com
                                sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                dnt: 1
                                sec-ch-ua-mobile: ?0
                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                accept: */*
                                sec-fetch-site: cross-site
                                sec-fetch-mode: no-cors
                                sec-fetch-dest: script
                                referer: https://accounts.google.com/
                                accept-encoding: gzip, deflate, br
                                accept-language: en-US,en;q=0.9
                              • flag-us
                                DNS
                                14.213.58.216.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                14.213.58.216.in-addr.arpa
                                IN PTR
                                Response
                                14.213.58.216.in-addr.arpa
                                IN PTR
                                ber01s14-in-f141e100net
                                14.213.58.216.in-addr.arpa
                                IN PTR
                                lhr25s25-in-f14
                              • flag-us
                                DNS
                                148.39.67.172.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                148.39.67.172.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                110.201.58.216.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                110.201.58.216.in-addr.arpa
                                IN PTR
                                Response
                                110.201.58.216.in-addr.arpa
                                IN PTR
                                prg03s02-in-f141e100net
                                110.201.58.216.in-addr.arpa
                                IN PTR
                                lhr48s48-in-f14
                                110.201.58.216.in-addr.arpa
                                IN PTR
                                prg03s02-in-f110
                              • flag-us
                                DNS
                                184.77.117.104.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                184.77.117.104.in-addr.arpa
                                IN PTR
                                Response
                                184.77.117.104.in-addr.arpa
                                IN PTR
                                a104-117-77-184deploystaticakamaitechnologiescom
                              • flag-us
                                DNS
                                84.27.250.142.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                84.27.250.142.in-addr.arpa
                                IN PTR
                                Response
                                84.27.250.142.in-addr.arpa
                                IN PTR
                                ra-in-f841e100net
                              • flag-us
                                DNS
                                3.169.217.172.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                3.169.217.172.in-addr.arpa
                                IN PTR
                                Response
                                3.169.217.172.in-addr.arpa
                                IN PTR
                                lhr25s26-in-f31e100net
                              • flag-us
                                DNS
                                15.164.165.52.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                15.164.165.52.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                157.123.68.40.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                157.123.68.40.in-addr.arpa
                                IN PTR
                                Response
                              • flag-us
                                DNS
                                35.15.31.184.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                35.15.31.184.in-addr.arpa
                                IN PTR
                                Response
                                35.15.31.184.in-addr.arpa
                                IN PTR
                                a184-31-15-35deploystaticakamaitechnologiescom
                              • flag-us
                                DNS
                                172.214.232.199.in-addr.arpa
                                Remote address:
                                8.8.8.8:53
                                Request
                                172.214.232.199.in-addr.arpa
                                IN PTR
                                Response
                              • 142.250.187.202:445
                                fonts.googleapis.com
                                260 B
                                5
                              • 185.130.44.165:80
                                http://google-statik.pw/mainer/myscr109881.js
                                http
                                msedge.exe
                                548 B
                                667 B
                                5
                                4

                                HTTP Request

                                GET http://google-statik.pw/mainer/myscr109881.js

                                HTTP Response

                                404
                              • 104.18.11.207:443
                                https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=5.0.8
                                tls, http2
                                msedge.exe
                                1.8kB
                                10.8kB
                                16
                                20

                                HTTP Request

                                GET https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css?ver=5.0.8

                                HTTP Response

                                200
                              • 46.28.2.29:443
                                https://nibirumail.com/docs/scripts/nibirumail.cookie.min.js?ver=0.9
                                tls, http
                                msedge.exe
                                1.7kB
                                8.1kB
                                12
                                13

                                HTTP Request

                                GET https://nibirumail.com/docs/scripts/nibirumail.cookie.min.js?ver=0.9

                                HTTP Response

                                200
                              • 142.250.200.14:443
                                https://apis.google.com/u/0/_/widget/render/page?usegapi=1&width=300&href=https%3A%2F%2Fplus.google.com%2Fb%2F116508173172942963955%2F116508173172942963955&layout=portrait&theme=light&rel=publisher&showtagline=false&showcoverphoto=false&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
                                tls, http2
                                msedge.exe
                                6.5kB
                                126.0kB
                                99
                                104

                                HTTP Request

                                GET https://apis.google.com/js/platform.js

                                HTTP Request

                                GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=page/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_0?le=scs

                                HTTP Request

                                GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6jI6mC1Equ4.O/m=auth/exm=page/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ/cb=gapi.loaded_1?le=scs

                                HTTP Request

                                GET https://apis.google.com/u/0/_/widget/render/page?usegapi=1&width=300&href=https%3A%2F%2Fplus.google.com%2Fb%2F116508173172942963955%2F116508173172942963955&layout=portrait&theme=light&rel=publisher&showtagline=false&showcoverphoto=false&origin=file%3A%2F%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
                              • 142.250.187.202:139
                                fonts.googleapis.com
                                260 B
                                5
                              • 13.107.21.237:443
                                https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6
                                tls, http2
                                2.5kB
                                9.0kB
                                19
                                17

                                HTTP Request

                                GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6

                                HTTP Response

                                204

                                HTTP Request

                                GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8NvNZEaigH140zI8rodsQATVUCUyJ-E0e0JKpHQts8_3Rhj3m70D2UC4A7clLCimJcyf8EnGpQO0b4VhpwD9SZFIi5BFJHQhFyFH5Rbpu9u1Qso5bu3PeAhjkOu_zyEgNNTndzelgi7wu2Zk0pMsx0-Ry7QjOyYRvF5DYO6P30RiXOhhx%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZndvcmQlM2ZvY2lkJTNkY21taWV5YnVyNGM%26rlid%3D9796fe2c77431487075a9844d4dbdc5e&TIME=20240611T192127Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321&muid=C1FAC51E94ABDC02D5235673D6AE25E6

                                HTTP Response

                                204
                              • 23.41.178.98:443
                                https://www.bing.com/aes/c.gif?RG=214e741399424ad6af50d1621f64ebd5&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T192127Z&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321
                                tls, http2
                                1.5kB
                                5.4kB
                                17
                                12

                                HTTP Request

                                GET https://www.bing.com/aes/c.gif?RG=214e741399424ad6af50d1621f64ebd5&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T192127Z&adUnitId=11730597&localId=w:C1FAC51E-94AB-DC02-D523-5673D6AE25E6&deviceId=6896198597095321

                                HTTP Response

                                200
                              • 172.67.39.148:443
                                https://static.addtoany.com/menu/sm.25.html
                                tls, http2
                                msedge.exe
                                3.1kB
                                8.1kB
                                19
                                17

                                HTTP Request

                                GET https://static.addtoany.com/menu/page.js

                                HTTP Response

                                200

                                HTTP Request

                                GET https://static.addtoany.com/menu/sm.25.html

                                HTTP Response

                                200
                              • 104.18.11.207:443
                                https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3
                                tls, http2
                                msedge.exe
                                3.2kB
                                52.6kB
                                45
                                48

                                HTTP Request

                                GET https://netdna.bootstrapcdn.com/font-awesome/4.0.3/fonts/fontawesome-webfont.woff?v=4.0.3

                                HTTP Response

                                200
                              • 216.58.201.110:80
                                http://developers.google.com/
                                http
                                msedge.exe
                                729 B
                                475 B
                                6
                                5

                                HTTP Request

                                GET http://developers.google.com/

                                HTTP Response

                                301
                              • 104.117.77.184:80
                                http://apps.identrust.com/roots/dstrootcax3.p7c
                                http
                                msedge.exe
                                416 B
                                1.6kB
                                6
                                5

                                HTTP Request

                                GET http://apps.identrust.com/roots/dstrootcax3.p7c

                                HTTP Response

                                200
                              • 142.250.27.84:443
                                https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
                                tls, http2
                                msedge.exe
                                2.0kB
                                7.5kB
                                14
                                17

                                HTTP Request

                                GET https://accounts.google.com/o/oauth2/postmessageRelay?parent=file%3A%2F%2F&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.6jI6mC1Equ4.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo-79kMK-M6Si-J0E_6fI_9RBHBrwQ%2Fm%3D__features__
                              • 216.58.201.110:443
                                https://developers.google.com/
                                tls, http2
                                msedge.exe
                                2.5kB
                                43.5kB
                                29
                                42

                                HTTP Request

                                GET https://developers.google.com/
                              • 172.67.39.148:443
                                https://static.addtoany.com/menu/svg/icons/a2a.js
                                tls, http2
                                msedge.exe
                                4.1kB
                                35.2kB
                                40
                                46

                                HTTP Request

                                GET https://static.addtoany.com/menu/modules/core.BRQnzO8v.js

                                HTTP Response

                                200

                                HTTP Request

                                GET https://static.addtoany.com/menu/svg/icons/facebook.js

                                HTTP Request

                                GET https://static.addtoany.com/menu/svg/icons/twitter.js

                                HTTP Request

                                GET https://static.addtoany.com/menu/svg/icons/a2a.js

                                HTTP Response

                                200

                                HTTP Response

                                200

                                HTTP Response

                                200
                              • 172.217.169.3:443
                                https://ssl.gstatic.com/accounts/o/544727282-postmessagerelay.js
                                tls, http2
                                msedge.exe
                                1.9kB
                                11.8kB
                                18
                                19

                                HTTP Request

                                GET https://ssl.gstatic.com/accounts/o/544727282-postmessagerelay.js
                              • 8.8.8.8:53
                                serraturecassefortigraziano.it
                                dns
                                msedge.exe
                                76 B
                                131 B
                                1
                                1

                                DNS Request

                                serraturecassefortigraziano.it

                              • 8.8.8.8:53
                                google-statik.pw
                                dns
                                msedge.exe
                                62 B
                                78 B
                                1
                                1

                                DNS Request

                                google-statik.pw

                                DNS Response

                                185.130.44.165

                              • 8.8.8.8:53
                                netdna.bootstrapcdn.com
                                dns
                                msedge.exe
                                69 B
                                101 B
                                1
                                1

                                DNS Request

                                netdna.bootstrapcdn.com

                                DNS Response

                                104.18.11.207
                                104.18.10.207

                              • 8.8.8.8:53
                                nibirumail.com
                                dns
                                msedge.exe
                                60 B
                                76 B
                                1
                                1

                                DNS Request

                                nibirumail.com

                                DNS Response

                                46.28.2.29

                              • 8.8.8.8:53
                                s.w.org
                                dns
                                msedge.exe
                                53 B
                                69 B
                                1
                                1

                                DNS Request

                                s.w.org

                                DNS Response

                                192.0.77.48

                              • 8.8.8.8:53
                                www.idraulico-riccione.it
                                dns
                                msedge.exe
                                71 B
                                126 B
                                1
                                1

                                DNS Request

                                www.idraulico-riccione.it

                              • 8.8.8.8:53
                                apis.google.com
                                dns
                                msedge.exe
                                61 B
                                98 B
                                1
                                1

                                DNS Request

                                apis.google.com

                                DNS Response

                                142.250.200.14

                              • 8.8.8.8:53
                                8.8.8.8.in-addr.arpa
                                dns
                                66 B
                                90 B
                                1
                                1

                                DNS Request

                                8.8.8.8.in-addr.arpa

                              • 8.8.8.8:53
                                207.11.18.104.in-addr.arpa
                                dns
                                72 B
                                134 B
                                1
                                1

                                DNS Request

                                207.11.18.104.in-addr.arpa

                              • 8.8.8.8:53
                                165.44.130.185.in-addr.arpa
                                dns

                              MITRE ATT&CK Enterprise v15


                              Downloads

