Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

d5d2d3ad1b...8.html

windows7-x64

3

d5d2d3ad1b...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/09/2024, 06:56 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d5d2d3ad1b2e58b1ef99878df5dfbfd6_JaffaCakes118.html

  • Size

    175KB

  • MD5

    d5d2d3ad1b2e58b1ef99878df5dfbfd6

  • SHA1

    c1ace5531d85f02ff87186e5b3aa0e6033761574

  • SHA256

    a8219fbfc2da2a1700365775ab280df26c588d8e5e2fee364ef33055385e2944

  • SHA512

    cd9a9b4423e7a214c203fc82069f1d5920bdccaf67c5cda6768c8f789ab439591bbff531f3a5805acd8658d61697cbf6d8768a07d58ffdf3c21dad1d952cfcaf

  • SSDEEP

    1536:Sqt58gd8Wu8pI8Cd8hd8dQgbH//WoS3aGNkFvYfBCJiZq+aeTH+WK/Lf1/hpnVSV:SHCT3a/FOBCJiJB

Score
3/10
discovery

Malware Config

Signatures

  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\d5d2d3ad1b2e58b1ef99878df5dfbfd6_JaffaCakes118.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd956346f8,0x7ffd95634708,0x7ffd95634718
      2⤵
        PID:2132
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2092 /prefetch:2
        2⤵
          PID:2928
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:2360
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2916 /prefetch:8
          2⤵
            PID:904
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3240 /prefetch:1
            2⤵
              PID:4532
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
              2⤵
                PID:4424
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1
                2⤵
                  PID:4620
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
                  2⤵
                    PID:3652
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
                    2⤵
                      PID:1520
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4040 /prefetch:1
                      2⤵
                        PID:2632
                      • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4772 /prefetch:8
                        2⤵
                          PID:4592
                        • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4772 /prefetch:8
                          2⤵
                          • Suspicious behavior: EnumeratesProcesses
                          PID:4644
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4764 /prefetch:1
                          2⤵
                            PID:3776
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4860 /prefetch:1
                            2⤵
                              PID:4920
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5996 /prefetch:1
                              2⤵
                                PID:716
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4224 /prefetch:1
                                2⤵
                                  PID:3444
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2072,6456296880202346273,13515639470189089716,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5960 /prefetch:2
                                  2⤵
                                  • Suspicious behavior: EnumeratesProcesses
                                  PID:3956
                              • C:\Windows\System32\CompPkgSrv.exe
                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                1⤵
                                  PID:4508
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:5116
                                  • C:\Windows\System32\CompPkgSrv.exe
                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                    1⤵
                                      PID:536

                                    Network

                                    • flag-us
                                      DNS
                                      8.8.8.8.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      8.8.8.8.in-addr.arpa
                                      IN PTR
                                      Response
                                      8.8.8.8.in-addr.arpa
                                      IN PTR
                                      dnsgoogle
                                    • flag-us
                                      DNS
                                      241.150.49.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      241.150.49.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      www.konthaiusa.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      www.konthaiusa.com
                                      IN A
                                      Response
                                    • flag-gb
                                      GET
                                      http://fonts.googleapis.com/css?family=Arial
                                      msedge.exe
                                      Remote address:
                                      142.250.180.10:80
                                      Request
                                      GET /css?family=Arial HTTP/1.1
                                      Host: fonts.googleapis.com
                                      Connection: keep-alive
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      DNT: 1
                                      Accept: text/css,*/*;q=0.1
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 400 Bad Request
                                      Content-Type: text/html; charset=utf-8
                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                      Pragma: no-cache
                                      Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                      Date: Mon, 09 Sep 2024 06:56:25 GMT
                                      Cross-Origin-Opener-Policy: same-origin-allow-popups
                                      Cross-Origin-Resource-Policy: cross-origin
                                      Content-Encoding: gzip
                                      Transfer-Encoding: chunked
                                      Server: ESF
                                      X-XSS-Protection: 0
                                      X-Frame-Options: SAMEORIGIN
                                      X-Content-Type-Options: nosniff
                                    • flag-us
                                      DNS
                                      www.youtube.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      www.youtube.com
                                      IN A
                                      Response
                                      www.youtube.com
                                      IN CNAME
                                      youtube-ui.l.google.com
                                      youtube-ui.l.google.com
                                      IN A
                                      172.217.169.46
                                      youtube-ui.l.google.com
                                      IN A
                                      142.250.187.206
                                      youtube-ui.l.google.com
                                      IN A
                                      216.58.212.238
                                      youtube-ui.l.google.com
                                      IN A
                                      142.250.178.14
                                      youtube-ui.l.google.com
                                      IN A
                                      216.58.201.110
                                      youtube-ui.l.google.com
                                      IN A
                                      142.250.187.238
                                      youtube-ui.l.google.com
                                      IN A
                                      216.58.213.14
                                      youtube-ui.l.google.com
                                      IN A
                                      142.250.200.14
                                      youtube-ui.l.google.com
                                      IN A
                                      216.58.204.78
                                      youtube-ui.l.google.com
                                      IN A
                                      172.217.169.14
                                      youtube-ui.l.google.com
                                      IN A
                                      142.250.200.46
                                      youtube-ui.l.google.com
                                      IN A
                                      142.250.180.14
                                      youtube-ui.l.google.com
                                      IN A
                                      142.250.179.238
                                      youtube-ui.l.google.com
                                      IN A
                                      216.58.212.206
                                      youtube-ui.l.google.com
                                      IN A
                                      172.217.16.238
                                      youtube-ui.l.google.com
                                      IN A
                                      172.217.169.78
                                    • flag-us
                                      DNS
                                      www.facebook.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      www.facebook.com
                                      IN A
                                      Response
                                      www.facebook.com
                                      IN CNAME
                                      star-mini.c10r.facebook.com
                                      star-mini.c10r.facebook.com
                                      IN A
                                      163.70.151.35
                                    • flag-gb
                                      GET
                                      http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:80
                                      Request
                                      GET /embed/evMR3wn1LGk?wmode=Opaque HTTP/1.1
                                      Host: www.youtube.com
                                      Connection: keep-alive
                                      Upgrade-Insecure-Requests: 1
                                      DNT: 1
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 301 Moved Permanently
                                      Content-Type: application/binary
                                      X-Content-Type-Options: nosniff
                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                      Pragma: no-cache
                                      Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                      Date: Mon, 09 Sep 2024 06:56:25 GMT
                                      Location: https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
                                      Server: ESF
                                      Content-Length: 0
                                      X-XSS-Protection: 0
                                      X-Frame-Options: SAMEORIGIN
                                    • flag-gb
                                      GET
                                      http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:80
                                      Request
                                      GET /embed/ygK7kej0BPA?wmode=Opaque HTTP/1.1
                                      Host: www.youtube.com
                                      Connection: keep-alive
                                      Upgrade-Insecure-Requests: 1
                                      DNT: 1
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 301 Moved Permanently
                                      Content-Type: application/binary
                                      X-Content-Type-Options: nosniff
                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                      Pragma: no-cache
                                      Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                      Date: Mon, 09 Sep 2024 06:56:25 GMT
                                      Location: https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
                                      Server: ESF
                                      Content-Length: 0
                                      X-XSS-Protection: 0
                                      X-Frame-Options: SAMEORIGIN
                                    • flag-gb
                                      GET
                                      http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
                                      msedge.exe
                                      Remote address:
                                      163.70.151.35:80
                                      Request
                                      GET /plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75 HTTP/1.1
                                      Host: www.facebook.com
                                      Connection: keep-alive
                                      Upgrade-Insecure-Requests: 1
                                      DNT: 1
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 301 Moved Permanently
                                      Location: https://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
                                      Content-Type: text/plain
                                      Server: proxygen-bolt
                                      Date: Mon, 09 Sep 2024 06:56:25 GMT
                                      Connection: keep-alive
                                      Content-Length: 0
                                    • flag-gb
                                      GET
                                      http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:80
                                      Request
                                      GET /embed/ywSeSlVcY4w?wmode=Opaque HTTP/1.1
                                      Host: www.youtube.com
                                      Connection: keep-alive
                                      Upgrade-Insecure-Requests: 1
                                      DNT: 1
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 301 Moved Permanently
                                      Content-Type: application/binary
                                      X-Content-Type-Options: nosniff
                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                      Pragma: no-cache
                                      Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                      Date: Mon, 09 Sep 2024 06:56:25 GMT
                                      Location: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
                                      Server: ESF
                                      Content-Length: 0
                                      X-XSS-Protection: 0
                                      X-Frame-Options: SAMEORIGIN
                                    • flag-gb
                                      GET
                                      http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:80
                                      Request
                                      GET /embed/gS2GhpTPLvQ?wmode=Opaque HTTP/1.1
                                      Host: www.youtube.com
                                      Connection: keep-alive
                                      Upgrade-Insecure-Requests: 1
                                      DNT: 1
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 301 Moved Permanently
                                      Content-Type: application/binary
                                      X-Content-Type-Options: nosniff
                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                      Pragma: no-cache
                                      Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                      Date: Mon, 09 Sep 2024 06:56:25 GMT
                                      Location: https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
                                      Server: ESF
                                      Content-Length: 0
                                      X-XSS-Protection: 0
                                      X-Frame-Options: SAMEORIGIN
                                    • flag-gb
                                      GET
                                      http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:80
                                      Request
                                      GET /embed/QMECDnECjJM?wmode=Opaque HTTP/1.1
                                      Host: www.youtube.com
                                      Connection: keep-alive
                                      Upgrade-Insecure-Requests: 1
                                      DNT: 1
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 301 Moved Permanently
                                      Content-Type: application/binary
                                      X-Content-Type-Options: nosniff
                                      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                      Pragma: no-cache
                                      Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                      Date: Mon, 09 Sep 2024 06:56:25 GMT
                                      Location: https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
                                      Server: ESF
                                      Content-Length: 0
                                      X-XSS-Protection: 0
                                      X-Frame-Options: SAMEORIGIN
                                    • flag-gb
                                      GET
                                      https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:443
                                      Request
                                      GET /embed/evMR3wn1LGk?wmode=Opaque HTTP/2.0
                                      host: www.youtube.com
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-dest: iframe
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:443
                                      Request
                                      GET /embed/ygK7kej0BPA?wmode=Opaque HTTP/2.0
                                      host: www.youtube.com
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-dest: iframe
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:443
                                      Request
                                      GET /embed/gS2GhpTPLvQ?wmode=Opaque HTTP/2.0
                                      host: www.youtube.com
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-dest: iframe
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:443
                                      Request
                                      GET /embed/ywSeSlVcY4w?wmode=Opaque HTTP/2.0
                                      host: www.youtube.com
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-dest: iframe
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:443
                                      Request
                                      GET /embed/QMECDnECjJM?wmode=Opaque HTTP/2.0
                                      host: www.youtube.com
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-dest: iframe
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.youtube.com/s/player/5f8f5b0f/www-player.css
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:443
                                      Request
                                      GET /s/player/5f8f5b0f/www-player.css HTTP/2.0
                                      host: www.youtube.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/css,*/*;q=0.1
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: style
                                      referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:443
                                      Request
                                      GET /s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js HTTP/2.0
                                      host: www.youtube.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.youtube.com/s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:443
                                      Request
                                      GET /s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js HTTP/2.0
                                      host: www.youtube.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/base.js
                                      msedge.exe
                                      Remote address:
                                      172.217.169.46:443
                                      Request
                                      GET /s/player/5f8f5b0f/player_ias.vflset/en_US/base.js HTTP/2.0
                                      host: www.youtube.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      http://www.google-analytics.com/ga.js
                                      msedge.exe
                                      Remote address:
                                      142.250.180.14:80
                                      Request
                                      GET /ga.js HTTP/1.1
                                      Host: www.google-analytics.com
                                      Connection: keep-alive
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      DNT: 1
                                      Accept: */*
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Response
                                      HTTP/1.1 200 OK
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      X-Content-Type-Options: nosniff
                                      Content-Encoding: gzip
                                      Cross-Origin-Resource-Policy: cross-origin
                                      Server: Golfe2
                                      Content-Length: 17168
                                      Date: Mon, 09 Sep 2024 06:47:20 GMT
                                      Expires: Mon, 09 Sep 2024 08:47:20 GMT
                                      Cache-Control: public, max-age=7200
                                      Age: 545
                                      Last-Modified: Tue, 12 Dec 2023 18:09:08 GMT
                                      Content-Type: text/javascript
                                      Vary: Accept-Encoding
                                    • flag-us
                                      DNS
                                      i.ytimg.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      i.ytimg.com
                                      IN A
                                      Response
                                      i.ytimg.com
                                      IN A
                                      216.58.212.246
                                      i.ytimg.com
                                      IN A
                                      216.58.213.22
                                      i.ytimg.com
                                      IN A
                                      216.58.204.86
                                      i.ytimg.com
                                      IN A
                                      216.58.212.214
                                      i.ytimg.com
                                      IN A
                                      142.250.179.246
                                      i.ytimg.com
                                      IN A
                                      216.58.201.118
                                      i.ytimg.com
                                      IN A
                                      142.250.200.22
                                      i.ytimg.com
                                      IN A
                                      142.250.187.214
                                      i.ytimg.com
                                      IN A
                                      172.217.169.22
                                      i.ytimg.com
                                      IN A
                                      172.217.169.54
                                      i.ytimg.com
                                      IN A
                                      172.217.169.86
                                      i.ytimg.com
                                      IN A
                                      142.250.178.22
                                      i.ytimg.com
                                      IN A
                                      142.250.200.54
                                      i.ytimg.com
                                      IN A
                                      172.217.16.246
                                      i.ytimg.com
                                      IN A
                                      142.250.187.246
                                      i.ytimg.com
                                      IN A
                                      142.250.180.22
                                    • flag-us
                                      DNS
                                      73.144.22.2.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      73.144.22.2.in-addr.arpa
                                      IN PTR
                                      Response
                                      73.144.22.2.in-addr.arpa
                                      IN PTR
                                      a2-22-144-73deploystaticakamaitechnologiescom
                                    • flag-us
                                      DNS
                                      17.160.190.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      17.160.190.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      10.180.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      10.180.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      10.180.250.142.in-addr.arpa
                                      IN PTR
                                      lhr25s32-in-f101e100net
                                    • flag-us
                                      DNS
                                      46.169.217.172.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      46.169.217.172.in-addr.arpa
                                      IN PTR
                                      Response
                                      46.169.217.172.in-addr.arpa
                                      IN PTR
                                      lhr48s08-in-f141e100net
                                    • flag-us
                                      DNS
                                      35.151.70.163.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      35.151.70.163.in-addr.arpa
                                      IN PTR
                                      Response
                                      35.151.70.163.in-addr.arpa
                                      IN PTR
                                      edge-star-mini-shv-02-lhr6facebookcom
                                    • flag-us
                                      DNS
                                      14.180.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      14.180.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      14.180.250.142.in-addr.arpa
                                      IN PTR
                                      lhr25s32-in-f141e100net
                                    • flag-gb
                                      GET
                                      https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg
                                      msedge.exe
                                      Remote address:
                                      216.58.212.246:443
                                      Request
                                      GET /vi/gS2GhpTPLvQ/sddefault.jpg HTTP/2.0
                                      host: i.ytimg.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg
                                      msedge.exe
                                      Remote address:
                                      216.58.212.246:443
                                      Request
                                      GET /vi/ygK7kej0BPA/sddefault.jpg HTTP/2.0
                                      host: i.ytimg.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      DNS
                                      static.xx.fbcdn.net
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      static.xx.fbcdn.net
                                      IN A
                                      Response
                                      static.xx.fbcdn.net
                                      IN CNAME
                                      scontent.xx.fbcdn.net
                                      scontent.xx.fbcdn.net
                                      IN A
                                      157.240.221.16
                                    • flag-us
                                      DNS
                                      scontent.xx.fbcdn.net
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      scontent.xx.fbcdn.net
                                      IN A
                                      Response
                                      scontent.xx.fbcdn.net
                                      IN A
                                      157.240.221.16
                                    • flag-us
                                      DNS
                                      googleads.g.doubleclick.net
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      googleads.g.doubleclick.net
                                      IN A
                                      Response
                                      googleads.g.doubleclick.net
                                      IN A
                                      142.250.179.226
                                    • flag-gb
                                      GET
                                      https://googleads.g.doubleclick.net/pagead/id
                                      msedge.exe
                                      Remote address:
                                      142.250.179.226:443
                                      Request
                                      GET /pagead/id HTTP/2.0
                                      host: googleads.g.doubleclick.net
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      origin: https://www.youtube.com
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: cors
                                      sec-fetch-dest: empty
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      DNS
                                      3.200.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      3.200.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      3.200.250.142.in-addr.arpa
                                      IN PTR
                                      lhr48s29-in-f31e100net
                                    • flag-us
                                      DNS
                                      246.212.58.216.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      246.212.58.216.in-addr.arpa
                                      IN PTR
                                      Response
                                      246.212.58.216.in-addr.arpa
                                      IN PTR
                                      ams16s22-in-f2461e100net
                                      246.212.58.216.in-addr.arpa
                                      IN PTR
                                      ams16s22-in-f22�J
                                      246.212.58.216.in-addr.arpa
                                      IN PTR
                                      lhr25s28-in-f22�J
                                    • flag-us
                                      DNS
                                      16.221.240.157.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      16.221.240.157.in-addr.arpa
                                      IN PTR
                                      Response
                                      16.221.240.157.in-addr.arpa
                                      IN PTR
                                      xx-fbcdn-shv-01-lhr8fbcdnnet
                                    • flag-us
                                      DNS
                                      226.179.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      226.179.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      226.179.250.142.in-addr.arpa
                                      IN PTR
                                      lhr25s31-in-f21e100net
                                    • flag-us
                                      DNS
                                      static.doubleclick.net
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      static.doubleclick.net
                                      IN A
                                      Response
                                      static.doubleclick.net
                                      IN A
                                      142.250.179.230
                                    • flag-us
                                      DNS
                                      jnn-pa.googleapis.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      jnn-pa.googleapis.com
                                      IN A
                                      Response
                                      jnn-pa.googleapis.com
                                      IN A
                                      172.217.169.42
                                      jnn-pa.googleapis.com
                                      IN A
                                      216.58.204.74
                                      jnn-pa.googleapis.com
                                      IN A
                                      142.250.187.234
                                      jnn-pa.googleapis.com
                                      IN A
                                      142.250.187.202
                                      jnn-pa.googleapis.com
                                      IN A
                                      216.58.212.202
                                      jnn-pa.googleapis.com
                                      IN A
                                      142.250.200.42
                                      jnn-pa.googleapis.com
                                      IN A
                                      172.217.169.10
                                      jnn-pa.googleapis.com
                                      IN A
                                      142.250.178.10
                                      jnn-pa.googleapis.com
                                      IN A
                                      142.250.179.234
                                      jnn-pa.googleapis.com
                                      IN A
                                      172.217.16.234
                                      jnn-pa.googleapis.com
                                      IN A
                                      142.250.180.10
                                      jnn-pa.googleapis.com
                                      IN A
                                      216.58.212.234
                                      jnn-pa.googleapis.com
                                      IN A
                                      216.58.201.106
                                      jnn-pa.googleapis.com
                                      IN A
                                      142.250.200.10
                                      jnn-pa.googleapis.com
                                      IN A
                                      172.217.169.74
                                    • flag-us
                                      DNS
                                      www.google.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      www.google.com
                                      IN A
                                      Response
                                      www.google.com
                                      IN A
                                      142.250.178.4
                                    • flag-us
                                      DNS
                                      yt3.ggpht.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      yt3.ggpht.com
                                      IN A
                                      Response
                                      yt3.ggpht.com
                                      IN CNAME
                                      photos-ugc.l.googleusercontent.com
                                      photos-ugc.l.googleusercontent.com
                                      IN A
                                      142.250.200.33
                                    • flag-gb
                                      GET
                                      https://static.doubleclick.net/instream/ad_status.js
                                      msedge.exe
                                      Remote address:
                                      142.250.179.230:443
                                      Request
                                      GET /instream/ad_status.js HTTP/2.0
                                      host: static.doubleclick.net
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      OPTIONS
                                      https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                      msedge.exe
                                      Remote address:
                                      172.217.169.42:443
                                      Request
                                      OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
                                      host: jnn-pa.googleapis.com
                                      accept: */*
                                      access-control-request-method: POST
                                      access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                      origin: https://www.youtube.com
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      sec-fetch-mode: cors
                                      sec-fetch-site: cross-site
                                      sec-fetch-dest: empty
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      OPTIONS
                                      https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                      msedge.exe
                                      Remote address:
                                      172.217.169.42:443
                                      Request
                                      OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
                                      host: jnn-pa.googleapis.com
                                      accept: */*
                                      access-control-request-method: POST
                                      access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                      origin: https://www.youtube.com
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      sec-fetch-mode: cors
                                      sec-fetch-site: cross-site
                                      sec-fetch-dest: empty
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      OPTIONS
                                      https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                      msedge.exe
                                      Remote address:
                                      172.217.169.42:443
                                      Request
                                      OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
                                      host: jnn-pa.googleapis.com
                                      accept: */*
                                      access-control-request-method: POST
                                      access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                      origin: https://www.youtube.com
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      sec-fetch-mode: cors
                                      sec-fetch-site: cross-site
                                      sec-fetch-dest: empty
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      OPTIONS
                                      https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                      msedge.exe
                                      Remote address:
                                      172.217.169.42:443
                                      Request
                                      OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
                                      host: jnn-pa.googleapis.com
                                      accept: */*
                                      access-control-request-method: POST
                                      access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                      origin: https://www.youtube.com
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      sec-fetch-mode: cors
                                      sec-fetch-site: cross-site
                                      sec-fetch-dest: empty
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      OPTIONS
                                      https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                      msedge.exe
                                      Remote address:
                                      172.217.169.42:443
                                      Request
                                      OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
                                      host: jnn-pa.googleapis.com
                                      accept: */*
                                      access-control-request-method: POST
                                      access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                      origin: https://www.youtube.com
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      sec-fetch-mode: cors
                                      sec-fetch-site: cross-site
                                      sec-fetch-dest: empty
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.google.com/js/th/s9i9Iyk4Y_s1LD6aqz2X9kjqPppJUVpoTsMZDucYENo.js
                                      msedge.exe
                                      Remote address:
                                      142.250.178.4:443
                                      Request
                                      GET /js/th/s9i9Iyk4Y_s1LD6aqz2X9kjqPppJUVpoTsMZDucYENo.js HTTP/2.0
                                      host: www.google.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://yt3.ggpht.com/ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj
                                      msedge.exe
                                      Remote address:
                                      142.250.200.33:443
                                      Request
                                      GET /ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj HTTP/2.0
                                      host: yt3.ggpht.com
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      DNS
                                      play.google.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      play.google.com
                                      IN A
                                      Response
                                      play.google.com
                                      IN A
                                      216.58.212.206
                                    • flag-gb
                                      OPTIONS
                                      https://play.google.com/log?format=json&hasfast=true&authuser=0
                                      msedge.exe
                                      Remote address:
                                      216.58.212.206:443
                                      Request
                                      OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                      host: play.google.com
                                      accept: */*
                                      access-control-request-method: POST
                                      access-control-request-headers: x-goog-authuser
                                      origin: https://www.youtube.com
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      sec-fetch-mode: cors
                                      sec-fetch-site: cross-site
                                      sec-fetch-dest: empty
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      OPTIONS
                                      https://play.google.com/log?format=json&hasfast=true&authuser=0
                                      msedge.exe
                                      Remote address:
                                      216.58.212.206:443
                                      Request
                                      OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                      host: play.google.com
                                      accept: */*
                                      access-control-request-method: POST
                                      access-control-request-headers: x-goog-authuser
                                      origin: https://www.youtube.com
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      sec-fetch-mode: cors
                                      sec-fetch-site: cross-site
                                      sec-fetch-dest: empty
                                      referer: https://www.youtube.com/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      DNS
                                      230.179.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      230.179.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      230.179.250.142.in-addr.arpa
                                      IN PTR
                                      lhr25s31-in-f61e100net
                                    • flag-us
                                      DNS
                                      42.169.217.172.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      42.169.217.172.in-addr.arpa
                                      IN PTR
                                      Response
                                      42.169.217.172.in-addr.arpa
                                      IN PTR
                                      lhr48s08-in-f101e100net
                                    • flag-us
                                      DNS
                                      4.178.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      4.178.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      4.178.250.142.in-addr.arpa
                                      IN PTR
                                      lhr48s27-in-f41e100net
                                    • flag-us
                                      DNS
                                      33.200.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      33.200.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      33.200.250.142.in-addr.arpa
                                      IN PTR
                                      lhr48s30-in-f11e100net
                                    • flag-us
                                      DNS
                                      227.179.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      227.179.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      227.179.250.142.in-addr.arpa
                                      IN PTR
                                      lhr25s31-in-f31e100net
                                    • flag-us
                                      DNS
                                      206.212.58.216.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      206.212.58.216.in-addr.arpa
                                      IN PTR
                                      Response
                                      206.212.58.216.in-addr.arpa
                                      IN PTR
                                      ams16s21-in-f141e100net
                                      206.212.58.216.in-addr.arpa
                                      IN PTR
                                      ams16s21-in-f206�I
                                      206.212.58.216.in-addr.arpa
                                      IN PTR
                                      lhr25s27-in-f14�I
                                    • flag-us
                                      DNS
                                      26.165.165.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      26.165.165.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      206.23.85.13.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      206.23.85.13.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      172.210.232.199.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      172.210.232.199.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      81.144.22.2.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      81.144.22.2.in-addr.arpa
                                      IN PTR
                                      Response
                                      81.144.22.2.in-addr.arpa
                                      IN PTR
                                      a2-22-144-81deploystaticakamaitechnologiescom
                                    • flag-us
                                      DNS
                                      31.243.111.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      31.243.111.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • 142.250.180.10:80
                                      http://fonts.googleapis.com/css?family=Arial
                                      http
                                      msedge.exe
                                      608 B
                                       1.4kB
                                       6
                                      4

                                      HTTP Request

                                      GET http://fonts.googleapis.com/css?family=Arial

                                      HTTP Response

                                      400
                                    • 172.217.169.46:80
                                      http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque
                                      http
                                      msedge.exe
                                      1.3kB
                                       1.2kB
                                       8
                                      8

                                      HTTP Request

                                      GET http://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque

                                      HTTP Response

                                      301

                                      HTTP Request

                                      GET http://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque

                                      HTTP Response

                                      301
                                    • 163.70.151.35:80
                                      http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75
                                      http
                                      msedge.exe
                                      967 B
                                       685 B
                                       7
                                      6

                                      HTTP Request

                                      GET http://www.facebook.com/plugins/likebox.php?href=http://www.facebook.com/pages/konthaiusacom/177402280020?ref=tn_tnmn&width=250&colorscheme=light&show_faces=false&border_color=%23000000&stream=false&header=false&height=75

                                      HTTP Response

                                      301
                                    • 172.217.169.46:80
                                      www.youtube.com
                                      msedge.exe
                                      236 B
                                       208 B
                                       5
                                      4
                                    • 172.217.169.46:80
                                      http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque
                                      http
                                      msedge.exe
                                      799 B
                                       695 B
                                       7
                                      6

                                      HTTP Request

                                      GET http://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque

                                      HTTP Response

                                      301
                                    • 172.217.169.46:80
                                      http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque
                                      http
                                      msedge.exe
                                      799 B
                                       695 B
                                       7
                                      6

                                      HTTP Request

                                      GET http://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque

                                      HTTP Response

                                      301
                                    • 172.217.169.46:80
                                      http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque
                                      http
                                      msedge.exe
                                      799 B
                                       695 B
                                       7
                                      6

                                      HTTP Request

                                      GET http://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque

                                      HTTP Response

                                      301
                                    • 163.70.151.35:443
                                      www.facebook.com
                                      tls
                                      msedge.exe
                                      2.2kB
                                       20.2kB
                                       20
                                      27
                                    • 172.217.169.46:443
                                      https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/base.js
                                      tls, http2
                                      msedge.exe
                                      29.4kB
                                       1.2MB
                                       597
                                      872

                                      HTTP Request

                                      GET https://www.youtube.com/embed/evMR3wn1LGk?wmode=Opaque

                                      HTTP Request

                                      GET https://www.youtube.com/embed/ygK7kej0BPA?wmode=Opaque

                                      HTTP Request

                                      GET https://www.youtube.com/embed/gS2GhpTPLvQ?wmode=Opaque

                                      HTTP Request

                                      GET https://www.youtube.com/embed/ywSeSlVcY4w?wmode=Opaque

                                      HTTP Request

                                      GET https://www.youtube.com/embed/QMECDnECjJM?wmode=Opaque

                                      HTTP Request

                                      GET https://www.youtube.com/s/player/5f8f5b0f/www-player.css

                                      HTTP Request

                                      GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/embed.js

                                      HTTP Request

                                      GET https://www.youtube.com/s/player/5f8f5b0f/www-embed-player.vflset/www-embed-player.js

                                      HTTP Request

                                      GET https://www.youtube.com/s/player/5f8f5b0f/player_ias.vflset/en_US/base.js
                                    • 142.250.180.14:80
                                      http://www.google-analytics.com/ga.js
                                      http
                                      msedge.exe
                                      908 B
                                       18.4kB
                                       13
                                      18

                                      HTTP Request

                                      GET http://www.google-analytics.com/ga.js

                                      HTTP Response

                                      200
                                    • 172.217.169.46:443
                                      www.youtube.com
                                      msedge.exe
                                      98 B
                                       52 B
                                       2
                                      1
                                    • 172.217.169.46:443
                                      www.youtube.com
                                      msedge.exe
                                      98 B
                                       52 B
                                       2
                                      1
                                    • 172.217.169.46:443
                                      www.youtube.com
                                      msedge.exe
                                      98 B
                                       52 B
                                       2
                                      1
                                    • 172.217.169.46:443
                                      www.youtube.com
                                      msedge.exe
                                      98 B
                                       52 B
                                       2
                                      1
                                    • 216.58.212.246:443
                                      https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg
                                      tls, http2
                                      msedge.exe
                                      4.2kB
                                       82.2kB
                                       65
                                      69

                                      HTTP Request

                                      GET https://i.ytimg.com/vi/gS2GhpTPLvQ/sddefault.jpg

                                      HTTP Request

                                      GET https://i.ytimg.com/vi/ygK7kej0BPA/sddefault.jpg
                                    • 157.240.221.16:443
                                      static.xx.fbcdn.net
                                      tls
                                      msedge.exe
                                      9.1kB
                                       252.6kB
                                       150
                                      217
                                    • 157.240.221.16:443
                                      static.xx.fbcdn.net
                                      tls
                                      msedge.exe
                                      897 B
                                       2.6kB
                                       7
                                      5
                                    • 157.240.221.16:443
                                      static.xx.fbcdn.net
                                      tls
                                      msedge.exe
                                      943 B
                                       2.8kB
                                       8
                                      6
                                    • 157.240.221.16:443
                                      static.xx.fbcdn.net
                                      tls
                                      msedge.exe
                                      989 B
                                       2.9kB
                                       9
                                      7
                                    • 157.240.221.16:443
                                      static.xx.fbcdn.net
                                      tls
                                      msedge.exe
                                      989 B
                                       2.9kB
                                       9
                                      7
                                    • 157.240.221.16:443
                                      static.xx.fbcdn.net
                                      tls
                                      msedge.exe
                                      943 B
                                       2.8kB
                                       8
                                      6
                                    • 142.250.179.226:443
                                      https://googleads.g.doubleclick.net/pagead/id
                                      tls, http2
                                      msedge.exe
                                      1.8kB
                                       6.8kB
                                       15
                                      17

                                      HTTP Request

                                      GET https://googleads.g.doubleclick.net/pagead/id
                                    • 142.250.179.230:443
                                      https://static.doubleclick.net/instream/ad_status.js
                                      tls, http2
                                      msedge.exe
                                      1.8kB
                                       6.7kB
                                       15
                                      15

                                      HTTP Request

                                      GET https://static.doubleclick.net/instream/ad_status.js
                                    • 172.217.169.42:443
                                      jnn-pa.googleapis.com
                                      tls, http2
                                      msedge.exe
                                      999 B
                                       6.0kB
                                       9
                                      8
                                    • 172.217.169.42:443
                                      jnn-pa.googleapis.com
                                      tls, http2
                                      msedge.exe
                                      999 B
                                       6.0kB
                                       9
                                      8
                                    • 172.217.169.42:443
                                      https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                      tls, http2
                                      msedge.exe
                                      2.5kB
                                       7.6kB
                                       23
                                      26

                                      HTTP Request

                                      OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

                                      HTTP Request

                                      OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

                                      HTTP Request

                                      OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

                                      HTTP Request

                                      OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

                                      HTTP Request

                                      OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                    • 172.217.169.42:443
                                      jnn-pa.googleapis.com
                                      tls, http2
                                      msedge.exe
                                      999 B
                                       6.0kB
                                       9
                                      8
                                    • 172.217.169.42:443
                                      jnn-pa.googleapis.com
                                      tls, http2
                                      msedge.exe
                                      999 B
                                       6.0kB
                                       9
                                      8
                                    • 142.250.178.4:443
                                      https://www.google.com/js/th/s9i9Iyk4Y_s1LD6aqz2X9kjqPppJUVpoTsMZDucYENo.js
                                      tls, http2
                                      msedge.exe
                                      2.5kB
                                       28.2kB
                                       30
                                      31

                                      HTTP Request

                                      GET https://www.google.com/js/th/s9i9Iyk4Y_s1LD6aqz2X9kjqPppJUVpoTsMZDucYENo.js
                                    • 142.250.200.33:443
                                      https://yt3.ggpht.com/ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj
                                      tls, http2
                                      msedge.exe
                                      2.0kB
                                       12.7kB
                                       18
                                      18

                                      HTTP Request

                                      GET https://yt3.ggpht.com/ytc/AIdro_kKqNeL3cYjYNkFmifDFE3XRspqNa0XYqzqcmi30Ic=s68-c-k-c0x00ffffff-no-rj
                                    • 216.58.212.206:443
                                      https://play.google.com/log?format=json&hasfast=true&authuser=0
                                      tls, http2
                                      msedge.exe
                                      2.0kB
                                       8.5kB
                                       17
                                      18

                                      HTTP Request

                                      OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0

                                      HTTP Request

                                      OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                                    • 216.58.212.206:443
                                      play.google.com
                                      msedge.exe
                                      98 B
                                       52 B
                                       2
                                      1
                                    • 8.8.8.8:53
                                      8.8.8.8.in-addr.arpa
                                      dns
                                      66 B
                                       90 B
                                       1
                                      1

                                      DNS Request

                                      8.8.8.8.in-addr.arpa

                                    • 8.8.8.8:53
                                      241.150.49.20.in-addr.arpa
                                      dns
                                      72 B
                                       158 B
                                       1
                                      1

                                      DNS Request

                                      241.150.49.20.in-addr.arpa

                                    • 8.8.8.8:53
                                      www.konthaiusa.com
                                      dns
                                      msedge.exe
                                      64 B
                                       137 B
                                       1
                                      1

                                      DNS Request

                                      www.konthaiusa.com

                                    • 8.8.8.8:53
                                      www.youtube.com
                                      dns
                                      msedge.exe
                                      61 B
                                       351 B
                                       1
                                      1

                                      DNS Request

                                      www.youtube.com

                                      DNS Response

                                      172.217.169.46
                                      142.250.187.206
                                      216.58.212.238
                                      142.250.178.14
                                      216.58.201.110
                                      142.250.187.238
                                      216.58.213.14
                                      142.250.200.14
                                      216.58.204.78
                                      172.217.169.14
                                      142.250.200.46
                                      142.250.180.14
                                      142.250.179.238
                                      216.58.212.206
                                      172.217.16.238
                                      172.217.169.78

                                    • 8.8.8.8:53
                                      www.facebook.com
                                      dns
                                      msedge.exe
                                      62 B
                                       107 B
                                       1
                                      1

                                      DNS Request

                                      www.facebook.com

                                      DNS Response

                                      163.70.151.35

                                    • 172.217.169.46:443
                                      www.youtube.com
                                      https
                                      msedge.exe
                                      61.3kB
                                       46.4kB
                                       83
                                      80
                                    • 8.8.8.8:53
                                      i.ytimg.com
                                      dns
                                      msedge.exe
                                      57 B
                                       313 B
                                       1
                                      1

                                      DNS Request

                                      i.ytimg.com

                                      DNS Response

                                      216.58.212.246
                                      216.58.213.22
                                      216.58.204.86
                                      216.58.212.214
                                      142.250.179.246
                                      216.58.201.118
                                      142.250.200.22
                                      142.250.187.214
                                      172.217.169.22
                                      172.217.169.54
                                      172.217.169.86
                                      142.250.178.22
                                      142.250.200.54
                                      172.217.16.246
                                      142.250.187.246
                                      142.250.180.22

                                    • 8.8.8.8:53
                                      73.144.22.2.in-addr.arpa
                                      dns
                                      70 B
                                       133 B
                                       1
                                      1

                                      DNS Request

                                      73.144.22.2.in-addr.arpa

                                    • 8.8.8.8:53
                                      17.160.190.20.in-addr.arpa
                                      dns
                                      72 B
                                       158 B
                                       1
                                      1

                                      DNS Request

                                      17.160.190.20.in-addr.arpa

                                    • 8.8.8.8:53
                                      10.180.250.142.in-addr.arpa
                                      dns
                                      73 B
                                       112 B
                                       1
                                      1

                                      DNS Request

                                      10.180.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      46.169.217.172.in-addr.arpa
                                      dns
                                      73 B
                                       112 B
                                       1
                                      1

                                      DNS Request

                                      46.169.217.172.in-addr.arpa

                                    • 8.8.8.8:53
                                      35.151.70.163.in-addr.arpa
                                      dns
                                      72 B
                                       125 B
                                       1
                                      1

                                      DNS Request

                                      35.151.70.163.in-addr.arpa

                                    • 8.8.8.8:53
                                      14.180.250.142.in-addr.arpa
                                      dns
                                      73 B
                                       112 B
                                       1
                                      1

                                      DNS Request

                                      14.180.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      static.xx.fbcdn.net
                                      dns
                                      msedge.exe
                                      65 B
                                       104 B
                                       1
                                      1

                                      DNS Request

                                      static.xx.fbcdn.net

                                      DNS Response

                                      157.240.221.16

                                    • 8.8.8.8:53
                                      scontent.xx.fbcdn.net
                                      dns
                                      msedge.exe
                                      67 B
                                       83 B
                                       1
                                      1

                                      DNS Request

                                      scontent.xx.fbcdn.net

                                      DNS Response

                                      157.240.221.16

                                    • 8.8.8.8:53
                                      googleads.g.doubleclick.net
                                      dns
                                      msedge.exe
                                      73 B
                                       89 B
                                       1
                                      1

                                      DNS Request

                                      googleads.g.doubleclick.net

                                      DNS Response

                                      142.250.179.226

                                    • 8.8.8.8:53
                                      3.200.250.142.in-addr.arpa
                                      dns
                                      72 B
                                       110 B
                                       1
                                      1

                                      DNS Request

                                      3.200.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      246.212.58.216.in-addr.arpa
                                      dns
                                      73 B
                                       173 B
                                       1
                                      1

                                      DNS Request

                                      246.212.58.216.in-addr.arpa

                                    • 8.8.8.8:53
                                      16.221.240.157.in-addr.arpa
                                      dns
                                      73 B
                                       117 B
                                       1
                                      1

                                      DNS Request

                                      16.221.240.157.in-addr.arpa

                                    • 8.8.8.8:53
                                      226.179.250.142.in-addr.arpa
                                      dns
                                      74 B
                                       112 B
                                       1
                                      1

                                      DNS Request

                                      226.179.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      static.doubleclick.net
                                      dns
                                      msedge.exe
                                      68 B
                                       84 B
                                       1
                                      1

                                      DNS Request

                                      static.doubleclick.net

                                      DNS Response

                                      142.250.179.230

                                    • 142.250.179.226:443
                                      googleads.g.doubleclick.net
                                      https
                                      msedge.exe
                                      5.1kB
                                       9.6kB
                                       27
                                      32
                                    • 8.8.8.8:53
                                      jnn-pa.googleapis.com
                                      dns
                                      msedge.exe
                                      67 B
                                       307 B
                                       1
                                      1

                                      DNS Request

                                      jnn-pa.googleapis.com

                                      DNS Response

                                      172.217.169.42
                                      216.58.204.74
                                      142.250.187.234
                                      142.250.187.202
                                      216.58.212.202
                                      142.250.200.42
                                      172.217.169.10
                                      142.250.178.10
                                      142.250.179.234
                                      172.217.16.234
                                      142.250.180.10
                                      216.58.212.234
                                      216.58.201.106
                                      142.250.200.10
                                      172.217.169.74

                                    • 8.8.8.8:53
                                      www.google.com
                                      dns
                                      msedge.exe
                                      60 B
                                       76 B
                                       1
                                      1

                                      DNS Request

                                      www.google.com

                                      DNS Response

                                      142.250.178.4

                                    • 8.8.8.8:53
                                      yt3.ggpht.com
                                      dns
                                      msedge.exe
                                      59 B
                                       120 B
                                       1
                                      1

                                      DNS Request

                                      yt3.ggpht.com

                                      DNS Response

                                      142.250.200.33

                                    • 172.217.169.42:443
                                      jnn-pa.googleapis.com
                                      https
                                      msedge.exe
                                      14.9kB
                                       232.1kB
                                       88
                                      196
                                    • 8.8.8.8:53
                                      play.google.com
                                      dns
                                      msedge.exe
                                      61 B
                                       77 B
                                       1
                                      1

                                      DNS Request

                                      play.google.com

                                      DNS Response

                                      216.58.212.206

                                    • 216.58.212.206:443
                                      play.google.com
                                      https
                                      msedge.exe
                                      14.8kB
                                       12.2kB
                                       33
                                      39
                                    • 8.8.8.8:53
                                      230.179.250.142.in-addr.arpa
                                      dns
                                      74 B
                                       112 B
                                       1
                                      1

                                      DNS Request

                                      230.179.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      42.169.217.172.in-addr.arpa
                                      dns
                                      73 B
                                       112 B
                                       1
                                      1

                                      DNS Request

                                      42.169.217.172.in-addr.arpa

                                    • 8.8.8.8:53
                                      4.178.250.142.in-addr.arpa
                                      dns
                                      72 B
                                       110 B
                                       1
                                      1

                                      DNS Request

                                      4.178.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      33.200.250.142.in-addr.arpa
                                      dns
                                      73 B
                                       111 B
                                       1
                                      1

                                      DNS Request

                                      33.200.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      227.179.250.142.in-addr.arpa
                                      dns
                                      74 B
                                       112 B
                                       1
                                      1

                                      DNS Request

                                      227.179.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      206.212.58.216.in-addr.arpa
                                      dns
                                      73 B
                                       173 B
                                       1
                                      1

                                      DNS Request

                                      206.212.58.216.in-addr.arpa

                                    • 224.0.0.251:5353
                                      530 B
                                       8
                                    • 8.8.8.8:53
                                      26.165.165.52.in-addr.arpa
                                      dns
                                      72 B
                                       146 B
                                       1
                                      1

                                      DNS Request

                                      26.165.165.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      206.23.85.13.in-addr.arpa
                                      dns
                                      71 B
                                       145 B
                                       1
                                      1

                                      DNS Request

                                      206.23.85.13.in-addr.arpa

                                    • 216.58.212.206:443
                                      play.google.com
                                      https
                                      msedge.exe
                                      8.8kB
                                       4.4kB
                                       18
                                      17
                                    • 8.8.8.8:53
                                      172.210.232.199.in-addr.arpa
                                      dns
                                      74 B
                                       128 B
                                       1
                                      1

                                      DNS Request

                                      172.210.232.199.in-addr.arpa

                                    • 8.8.8.8:53
                                      81.144.22.2.in-addr.arpa
                                      dns
                                      70 B
                                       133 B
                                       1
                                      1

                                      DNS Request

                                      81.144.22.2.in-addr.arpa

                                    • 8.8.8.8:53
                                      31.243.111.52.in-addr.arpa
                                      dns
                                      72 B
                                       158 B
                                       1
                                      1

                                      DNS Request

                                      31.243.111.52.in-addr.arpa

                                    • 142.250.179.226:443
                                      googleads.g.doubleclick.net
                                      https
                                      msedge.exe
                                      5.2kB
                                       6.1kB
                                       29
                                      36

                                    MITRE ATT&CK Enterprise v15

                                    Replay Monitor

                                    Loading Replay Monitor...

                                    Downloads

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                      Filesize

                                      152B

                                      MD5

                                      ab8ce148cb7d44f709fb1c460d03e1b0

                                      SHA1

                                      44d15744015155f3e74580c93317e12d2cc0f859

                                      SHA256

                                      014006a90e43ea9a1903b08b843a5aab8ad3823d22e26e5b113fad5f9fa620ff

                                      SHA512

                                      f685423b1eaee18a2a06030b4b2977335f62499c0041c142a92f6e6f846c2b9ce54324b6ae94efbbb303282dcda70e2b1597c748fddc251c0b3122a412c2d7c4

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
                                      Filesize

                                      152B

                                      MD5

                                      38f59a47b777f2fc52088e96ffb2baaf

                                      SHA1

                                      267224482588b41a96d813f6d9e9d924867062db

                                      SHA256

                                      13569c5681c71dc42ab57d34879f5a567d7b94afe0e8f6d7c6f6c1314fb0087b

                                      SHA512

                                      4657d13e1bb7cdd7e83f5f2562f5598cca12edf839626ae96da43e943b5550fab46a14b9018f1bec90de88cc714f637605531ccda99deb9e537908ddb826113b

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
                                      Filesize

                                      384B

                                      MD5

                                      274804d4e8856e7d8acacf7a1fc3b3eb

                                      SHA1

                                      0cf89c0064981d042dfe49c415b1174afe761072

                                      SHA256

                                      4b365540d5ce6eb5414c2c1fba5519e95cb75478d578fd228e3d37709e52a4f6

                                      SHA512

                                      8ee2966a457ef12246843b4b6a2c9aafea4485c001e7289d2f6cffbe0482d6feb51e422ef229567af06649693f0b106deb280667f8581b414770a7fd12cd19e2

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                      Filesize

                                      2KB

                                      MD5

                                      a17fa38f8b3b2e9e017158345c34cbcc

                                      SHA1

                                      83be6144dd5072711fef7e2fec8dba4fa7dce693

                                      SHA256

                                      e41c61f0e5bf6efd9f7d7f9fa948663f28d5d9f2703d9f93e1121a49090c7883

                                      SHA512

                                      becfc10057ff8e132b5130e43be9e1f383989dd4773795b00769ecc4c610963cb89a02776cee073706d42e9de693a92d24f9c473ab03f583ef6ccb77456e2b9f

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
                                      Filesize

                                      2KB

                                      MD5

                                      5c9bbfd441099018b558a587a46984f3

                                      SHA1

                                      fcf35de3c4aebbdac11ec49d4b3032ee2bbf944d

                                      SHA256

                                      169584047dfb99a3227ea5d003671a80e4ca2cc32375427e5586a83ba762e641

                                      SHA512

                                      70168624a29e59dad2b16634a0e5d6dd19f711889968673a59a011177af4d818da7a1f127e41f792db45570fe6a2a45f7fc82640b1512c3e8f624436e0699180

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                      Filesize

                                      5KB

                                      MD5

                                      acdbf645ba47d6ab1c82179a5e306655

                                      SHA1

                                      8f5225c2bcd42dbb78a5675b5dc96184a57a8f8b

                                      SHA256

                                      593dbdce063afe30cc4ace5b9a28ac78b32cc9905352fe61e8475f0405c1af9d

                                      SHA512

                                      0945feeced82e28874212bc4a18b7e74367114870ec0e8ef037d60d2c79d7e2c36551c6e5a1c56cb9e0989662e866ecd7227fa3885c38cd52e04511e851243e9

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
                                      Filesize

                                      7KB

                                      MD5

                                      2d42cb53f83ea308f9914bd3a15d0d8b

                                      SHA1

                                      8461ebf9826d038fde6131676e7492a15b7415d5

                                      SHA256

                                      9a14e4cae225d86f0d68258dbeb484d178fa2bf59ca5b23277428b9c2461763b

                                      SHA512

                                      734ae4d976a875f915de48bf67c9cc669f9ee1441447313b38b735a6a89bc7f6e4dc89d7e3ffb5cbe673161543daa8cc68f583e32c2f5f5e6d68d6c1c3566944

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
                                      Filesize

                                      16B

                                      MD5

                                      6752a1d65b201c13b62ea44016eb221f

                                      SHA1

                                      58ecf154d01a62233ed7fb494ace3c3d4ffce08b

                                      SHA256

                                      0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd

                                      SHA512

                                      9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
                                      Filesize

                                      10KB

                                      MD5

                                      85ed78ed6e83381e98d06c4e5789b43d

                                      SHA1

                                      50cc4a0500d80fe09dedd09a83ac36b0fc6dbb78

                                      SHA256

                                      f49c571cac8ccf4cbb4e7a641c865d9007e7759453b582a5f0538d4d43c95124

                                      SHA512

                                      ac17841c1169d1a75d1d342064ce8ee7b8dfd48eb2d8239722bcf776b91b47d15458b8dd9b8bf0a60c3e021eec81dc17bca54818dcac2f52342d223596bc8c70

                                      Download Submit

                                    We care about your privacy.

                                    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.