hxxps://ddec1-0-en-ctp[.]trendmicro[.]com/wis/clicktime/v1/query?url=https%3a%2f%2fclinicaputumayo1%2dmy[.]sharepoint[.]com%2f%3au%3a%2fg%2fpersonal%2fglosas%5fhacputumayo%5fcom%5fco%2fEeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA&umid=912af1ac-d7ef-4576-94a9-899446b43f0c&auth=8c38a99fbfb8ee9ad7cfc9db516a19b3e760bd1c-0c37e5947901c96c5dce1bbe3ca4ad211d2ea523

Resubmissions

02/10/2024, 13:39 UTC

241002-qxzfpayejr 6

02/10/2024, 13:36 UTC

241002-qv9tmsydlr 6

Analysis

max time kernel
135s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02/10/2024, 13:36 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fclinicaputumayo1%2dmy.sharepoint.com%2f%3au%3a%2fg%2fpersonal%2fglosas%5fhacputumayo%5fcom%5fco%2fEeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA&umid=912af1ac-d7ef-4576-94a9-899446b43f0c&auth=8c38a99fbfb8ee9ad7cfc9db516a19b3e760bd1c-0c37e5947901c96c5dce1bbe3ca4ad211d2ea523

Score

6^/10

discovery

Malware Config

Signatures

Network Share Discovery 1 TTPs
Attempt to gather information on host network.
discovery

Network Share Discovery
T1135
Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133723497869089898"	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1916	chrome.exe
1916	chrome.exe
3752	chrome.exe
3752	chrome.exe
3752	chrome.exe
3752	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs

pid	Process
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe
Token: SeShutdownPrivilege	1916	chrome.exe
Token: SeCreatePagefilePrivilege	1916	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe
1916	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1916 wrote to memory of 4048	1916	chrome.exe	82
PID 1916 wrote to memory of 4048	1916	chrome.exe	82
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 2628	1916	chrome.exe	83
PID 1916 wrote to memory of 936	1916	chrome.exe	84
PID 1916 wrote to memory of 936	1916	chrome.exe	84
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85
PID 1916 wrote to memory of 2832	1916	chrome.exe	85

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fclinicaputumayo1%2dmy.sharepoint.com%2f%3au%3a%2fg%2fpersonal%2fglosas%5fhacputumayo%5fcom%5fco%2fEeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA&umid=912af1ac-d7ef-4576-94a9-899446b43f0c&auth=8c38a99fbfb8ee9ad7cfc9db516a19b3e760bd1c-0c37e5947901c96c5dce1bbe3ca4ad211d2ea523
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:1916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7fffe59ccc40,0x7fffe59ccc4c,0x7fffe59ccc58
  2⤵
  PID:4048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1884,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1872 /prefetch:2
  2⤵
  PID:2628
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2172 /prefetch:3
  2⤵
  PID:936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2208,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2396 /prefetch:8
  2⤵
  PID:2832
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3124 /prefetch:1
  2⤵
  PID:1992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3112,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3160 /prefetch:1
  2⤵
  PID:3476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4304,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3704 /prefetch:1
  2⤵
  PID:4392
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4776,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4788 /prefetch:8
  2⤵
  PID:3056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=5028,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4448 /prefetch:1
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=724,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5032 /prefetch:1
  2⤵
  PID:3728
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4580,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5140 /prefetch:1
  2⤵
  PID:1676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5276,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4844 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5300,i,15955959061707747431,11531660730407578925,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5236 /prefetch:1
  2⤵
  PID:348

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1944

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3196

Network

DNS

232.168.11.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.168.11.51.in-addr.arpa

IN PTR

Response
DNS

ddec1-0-en-ctp.trendmicro.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ddec1-0-en-ctp.trendmicro.com

IN A

Response

ddec1-0-en-ctp.trendmicro.com

IN CNAME

ctp.wtp.trendmicro.com

ctp.wtp.trendmicro.com

IN CNAME

ctp-proxy.prod.wrs.trendmicro.com

ctp-proxy.prod.wrs.trendmicro.com

IN A

44.227.4.222

ctp-proxy.prod.wrs.trendmicro.com

IN A

54.187.74.250

ctp-proxy.prod.wrs.trendmicro.com

IN A

54.245.116.215
GET

https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fclinicaputumayo1%2dmy.sharepoint.com%2f%3au%3a%2fg%2fpersonal%2fglosas%5fhacputumayo%5fcom%5fco%2fEeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA&umid=912af1ac-d7ef-4576-94a9-899446b43f0c&auth=8c38a99fbfb8ee9ad7cfc9db516a19b3e760bd1c-0c37e5947901c96c5dce1bbe3ca4ad211d2ea523

chrome.exe

Remote address:

44.227.4.222:443

Request

GET /wis/clicktime/v1/query?url=https%3a%2f%2fclinicaputumayo1%2dmy.sharepoint.com%2f%3au%3a%2fg%2fpersonal%2fglosas%5fhacputumayo%5fcom%5fco%2fEeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA&umid=912af1ac-d7ef-4576-94a9-899446b43f0c&auth=8c38a99fbfb8ee9ad7cfc9db516a19b3e760bd1c-0c37e5947901c96c5dce1bbe3ca4ad211d2ea523 HTTP/2.0
host: ddec1-0-en-ctp.trendmicro.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Wed, 02 Oct 2024 13:36:23 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://clinicaputumayo1-my.sharepoint.com/:u:/g/personal/glosas_hacputumayo_com_co/EeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA
access-control-allow-origin: *
server: istio-envoy
x-envoy-decorator-operation: ctp-web-service.ctp.svc.cluster.local:8080/*
x-envoy-upstream-service-time: 68
DNS

clinicaputumayo1-my.sharepoint.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clinicaputumayo1-my.sharepoint.com

IN A

Response

clinicaputumayo1-my.sharepoint.com

IN CNAME

clinicaputumayo1.sharepoint.com

clinicaputumayo1.sharepoint.com

IN CNAME

11728-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com

11728-ipv4v6e.clump.dprodmgd105.aa-rt.sharepoint.com

IN CNAME

191616-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com

191616-ipv4v6e.farm.dprodmgd105.aa-rt.sharepoint.com

IN CNAME

191616-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net

191616-ipv4v6w.farm.dprodmgd105.sharepointonline.com.akadns.net

IN CNAME

191616-ipv4v6.farm.dprodmgd105.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net

191616-ipv4v6.farm.dprodmgd105.aa-rt.sharepoint.com.dual-spo-0005.spo-msedge.net

IN CNAME

dual-spo-0005.spo-msedge.net

dual-spo-0005.spo-msedge.net

IN A

13.107.138.10

dual-spo-0005.spo-msedge.net

IN A

13.107.136.10
GET

https://clinicaputumayo1-my.sharepoint.com/:u:/g/personal/glosas_hacputumayo_com_co/EeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /:u:/g/personal/glosas_hacputumayo_com_co/EeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

cache-control: private
content-length: 440
content-type: text/html; charset=utf-8
location: https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg&parent=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments&ga=1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,1573888,0,0,2949037,0,343951,110
x-sharepointhealthscore: 2
x-ms-spo-cookievalidator: 0ikI3T2CrGA4O1Zp37pq9N75eqQRM6xlYevly4xlQDS3607FqGqfB6FK9zOyA2TaqqdOvI6/Cs5SlkhGj0oon9AsWtnmpkZgTAsNlNReIbG78EG/n7OE9kUiS8tqa6ENZ5pDVpGOXY97PhK+7hqXizF9RPWTkzAzne9KR3b6qYJiH9iMOE8RkMR0OaT3R1yZGvpYy4VWpreIGl2M+fYR9AUK2//KfLXNMjzkwgZvICoRlHtNFfjnS5T8xX2EcsW+fk1u5wx798UOW2bOcFwEoW4HZyopq56wR4bwklGizj6Asm2U68l0yLT7G3nd5VdL0DTcvfjffKsXh0LsOdZcAA==
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: f0f955a1-90ed-6000-8ac8-89b327b38f75
request-id: f0f955a1-90ed-6000-8ac8-89b327b38f75
ms-cv: oVX58O2QAGCKyImzJ7OPdQ.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
sprequestduration: 270
spiislatency: 5
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3D3C118DDAFC40F19DABDABC9E8DE78C Ref B: LON601060108029 Ref C: 2024-10-02T13:36:23Z
date: Wed, 02 Oct 2024 13:36:23 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg&parent=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments&ga=1

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /personal/glosas_hacputumayo_com_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg&parent=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments&ga=1 HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=

Response

HTTP/2.0 200

cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,1573888,0,0,13206763,0,1573888,105
x-sharepointhealthscore: 1
referrer-policy: no-referrer, strict-origin-when-cross-origin
reporting-endpoints: cspendpoint="https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_layouts/15/CSPReporting.aspx"
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.office365.com *.powerapps.com *.yammer.com engage.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com *.powerapps.com *.yammer.com engage.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com *.cloud.microsoft app.powerbi.com;
content-security-policy-report-only: base-uri 'none';;report-to cspendpoint
content-security-policy: worker-src 'self' blob:;script-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net *.cdn.office.net *.fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'unsafe-eval' 'nonce-8832d239-b33f-43f9-9610-95b2f0326d8e';
content-security-policy-report-only: style-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net *.cdn.office.net *.fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com 'self' blob: 'unsafe-inline';connect-src 'self' blob: https://*.bing.com https://*.svc.ms wss://*.svc.ms https://browser.pipe.aria.microsoft.com/Collector/3.0/ https://mobile.events.data.microsoft.com/OneCollector/1.0/ https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net *.cdn.office.net *.fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com graph.microsoft.com graph.microsoft.com https://login.windows.net https://graph.windows.net https://management.core.windows.net https://clinicaputumayo1.sharepoint.com/ https://clinicaputumayo1-my.sharepoint.com/ *.cloud.microsoft graph.microsoft.com substrate.office.com https://ocws.officeapps.live.com https://upload.fp.measure.office.com https://browser.events.data.microsoft.com https://ecs.office.com http://localhost:42050 ws://localhost:42050 http://localhost:42051 ws://localhost:42051 http://localhost:42052 ws://localhost:42052 http://localhost:42053 ws://localhost:42053 http://localhost:42054 ws://localhost:42054 http://localhost:42055 ws://localhost:42055 http://localhost:42056 ws://localhost:42056 http://localhost:42057 ws://localhost:42057 http://localhost:42058 ws://localhost:42058 http://localhost:42059 ws://localhost:42059;font-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net *.cdn.office.net *.fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com https://clinicaputumayo1.sharepoint.com/ https://clinicaputumayo1-my.sharepoint.com/ https://static2.sharepointonline.com https://static.sharepointonline.com 'self' blob: data:;img-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net *.cdn.office.net *.fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com https://clinicaputumayo1.sharepoint.com/ https://clinicaputumayo1-my.sharepoint.com/ https://static2.sharepointonline.com https://static.sharepointonline.com https://content.powerapps.com https://searchuxcdn.azureedge.net https://ow1.res.office365.com https://*.svc.ms 'self' blob: data:;media-src https://contentstorage.osi.office.net https://swx.cdn.skype.com https://res.delve.office.com https://lpcres.delve.office.com https://widget.uservoice.com https://by2.uservoice.com https://www.bing.com/api/maps/ https://www.bing.com/rms/ https://fabriciss.azureedge.net https://publiccdn.sharepointonline.com https://ajax.aspnetcdn.com https://res-1.cdn.office.net https://res-1.cdn.office.net https://res-2.cdn.office.net https://webshell.suite.office.com https://amcdn.msftauth.net *.cdn.office.net *.fluidpreview.office.net https://res-1.cdn.office.net https://teams.microsoft.com https://js.monitor.azure.com https://r4.res.office365.com https://c1-excel-15.cdn.office.net https://c1-onenote-15.cdn.office.net https://c1-powerpoint-15.cdn.office.net https://c1-visio-15.cdn.office.net https://c1-word-view-15.cdn.office.net https://loki.delve.office.com https://res.cdn.office.net/midgard/ https://substrate.office.com https://clinicaputumayo1.sharepoint.com/ https://clinicaputumayo1-my.sharepoint.com/ https://static2.sharepointonline.com https://static.sharepointonline.com https://*.svc.ms 'self' blob: data:;object-src 'self' blob: data:;frame-src 'self' https://support.office.com https://webshell.suite.office.com/ *.cloud.microsoft;;report-to cspendpoint
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: f1f955a1-2012-6000-8ac8-808c9d54685a
request-id: f1f955a1-2012-6000-8ac8-808c9d54685a
ms-cv: oVX58RIgAGCKyICMnVRoWg.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E187CC057E504A5F88627F4464F95B0F Ref B: LON601060108029 Ref C: 2024-10-02T13:36:24Z
date: Wed, 02 Oct 2024 13:36:23 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_api/web/GetFileByServerRelativePath(DecodedUrl=@a1)/OpenBinaryStream?@a1=%27%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg%27

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /personal/glosas_hacputumayo_com_co/_api/web/GetFileByServerRelativePath(DecodedUrl=@a1)/OpenBinaryStream?@a1=%27%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg%27 HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json;odata=verbose
sec-ch-ua-platform: "Windows"
collectspperfmetrics: SPSQLQueryCount
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json;odata=verbose
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg&parent=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments&ga=1
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]

Response

HTTP/2.0 200

cache-control: private, max-age=0
content-length: 357458
content-type: application/octet-stream
expires: Tue, 17 Sep 2024 13:36:25 GMT
last-modified: Wed, 02 Oct 2024 13:36:25 GMT
vary: Origin
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,1573888,0,0,8875341,0,760220,105
x-sharepointhealthscore: 3
x-sp-serverstate: ReadOnly=0
dataserviceversion: 3.0
x-download-options: noopen
content-disposition: attachment
spclientservicerequestduration: 73
sprequestduration: 74
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: f1f955a1-5059-6000-5ec2-11771888c7fe
request-id: f1f955a1-5059-6000-5ec2-11771888c7fe
ms-cv: oVX58VlQAGBewhF3GIjH/g.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3F2A0E1D01DA4029B69080130C6776F5 Ref B: LON601060108029 Ref C: 2024-10-02T13:36:25Z
date: Wed, 02 Oct 2024 13:36:24 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/_layouts/15/images/odbfavicon.ico?rev=47

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /_layouts/15/images/odbfavicon.ico?rev=47 HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg&parent=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments&ga=1
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648

Response

HTTP/2.0 200

cache-control: max-age=31536000
content-length: 974
content-type: image/x-icon
content-encoding: gzip
last-modified: Wed, 25 Sep 2024 17:59:19 GMT
accept-ranges: bytes
etag: "80f59da474fdb1:0"
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,6295552,0,726,8874985,0,2615516,101
sprequestduration: 13
spiislatency: 2
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B567DF408A1A4290B4BA683126A19396 Ref B: LON601060108029 Ref C: 2024-10-02T13:36:25Z
date: Wed, 02 Oct 2024 13:36:24 GMT
POST

https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_api/SP.OAuth.Token/Acquire()

chrome.exe

Remote address:

13.107.138.10:443

Request

POST /personal/glosas_hacputumayo_com_co/_api/SP.OAuth.Token/Acquire() HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
content-length: 42
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
odata-version: 4.0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json;odata=verbose
collectspperfmetrics: SPSQLQueryCount
accept: application/json;odata.metadata=minimal
x-requestdigest: 0xAF059C14CCFE4CC2A65EFB2E1127CD448AD6534D17600DD799204E7342DA6D972228F21C1838EADD6F948F7AC5F2B3B8E5209509E9B49634C83E9B3440638CF6,02 Oct 2024 13:36:24 -0000
sec-ch-ua-platform: "Windows"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg&parent=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments&ga=1
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648

Response

HTTP/2.0 400

cache-control: private, max-age=0
content-type: application/json;odata.metadata=minimal;odata.streaming=true;IEEE754Compatible=false;charset=utf-8
expires: Tue, 17 Sep 2024 13:36:25 GMT
last-modified: Wed, 02 Oct 2024 13:36:25 GMT
vary: Origin
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,6295552,0,1403,2949744,0,3238737,105
x-sharepointhealthscore: 1
x-sp-serverstate: ReadOnly=0
odata-version: 4.0
spclientservicerequestduration: 14
sprequestduration: 15
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: f1f955a1-406d-6000-8ac8-8056be1a370b
request-id: f1f955a1-406d-6000-8ac8-8056be1a370b
ms-cv: oVX58W1AAGCKyIBWvho3Cw.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
x-requestdigest: 0xBFF76A66B00C8BFF1E8D1F8AC20E25AAB5691C1341CF30D3524C3B95FD34BB500177C08B1FCBF277CF219E36C3EBDA4B330EC13C1E20533E141E6357B81922C7,02 Oct 2024 13:36:25 -0000
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FC1FA6C78F5A4D28B8428D371E0DC342 Ref B: LON601060108029 Ref C: 2024-10-02T13:36:25Z
date: Wed, 02 Oct 2024 13:36:25 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_api/sp.FavoriteItemCollection.GetFavoriteItems?top=500

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /personal/glosas_hacputumayo_com_co/_api/sp.FavoriteItemCollection.GetFavoriteItems?top=500 HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
authorization: Bearer
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json;odata=verbose
collectspperfmetrics: SPSQLQueryCount
accept: application/json;odata=verbose
x-requestdigest: 0xAF059C14CCFE4CC2A65EFB2E1127CD448AD6534D17600DD799204E7342DA6D972228F21C1838EADD6F948F7AC5F2B3B8E5209509E9B49634C83E9B3440638CF6,02 Oct 2024 13:36:24 -0000
caller: ODBWeb
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg&parent=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments&ga=1
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648

Response

HTTP/2.0 500

cache-control: private, max-age=0
content-type: application/json;odata=verbose;charset=utf-8
expires: Tue, 17 Sep 2024 13:36:25 GMT
last-modified: Wed, 02 Oct 2024 13:36:25 GMT
vary: Origin
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,1573888,0,216,2950847,0,370826,105
x-sharepointhealthscore: 3
x-sp-serverstate: ReadOnly=0
dataserviceversion: 3.0
spclientservicerequestduration: 24
sprequestduration: 24
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: f1f955a1-906d-6000-8ac8-800c278a2d9a
request-id: f1f955a1-906d-6000-8ac8-800c278a2d9a
ms-cv: oVX58W2QAGCKyIAMJ4otmg.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 043FB97339CC4DD08692C9AF8244888A Ref B: LON601060108029 Ref C: 2024-10-02T13:36:25Z
date: Wed, 02 Oct 2024 13:36:25 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
cache-control: max-age=0
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg&parent=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments&ga=1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648

Response

HTTP/2.0 200

cache-control: max-age=1800
content-length: 550
content-type: text/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,1573888,0,0,8876252,0,845135,105
service-worker-allowed: /
strict-transport-security: max-age=31536000
x-aspnet-version: 4.0.30319
sprequestduration: 32
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 839A57D022DE4ED180A7C4CC651803A0 Ref B: LON601060108029 Ref C: 2024-10-02T13:36:26Z
date: Wed, 02 Oct 2024 13:36:25 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
accept: application/json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648

Response

HTTP/2.0 200

cache-control: private
content-type: application/json
content-encoding: gzip
etag: "37330482_spfx_default_en-us"
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,1573888,0,0,8876664,0,822145,105
x-language: en-US
x-spclient-buildnumber: odsp-web-prod_2024-09-20.006
x-spclient-language: en-US
cachedmanifest: True
x-aspnet-version: 4.0.30319
sprequestduration: 23
spiislatency: 0
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 68706A99824341B9BDD1D6A7E95DCFE5 Ref B: LON601060108029 Ref C: 2024-10-02T13:36:26Z
date: Wed, 02 Oct 2024 13:36:25 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22spfx%22]&languages=%5B%5D

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /_layouts/15/SPComponentRegistry.ashx?projects=[%22spfx%22]&languages=%5B%5D HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
accept: application/json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/json
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648

Response

HTTP/2.0 200

cache-control: private
content-type: application/json
content-encoding: gzip
etag: "37330482_sts_default_en-us"
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,1573888,0,0,8876396,0,834607,105
x-language: en-US
x-spclient-language: en-US
cachedmanifest: True
x-aspnet-version: 4.0.30319
sprequestduration: 39
spiislatency: 1
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 82FFC86CA9C940C2965E445DE0D0111A Ref B: LON601060108029 Ref C: 2024-10-02T13:36:26Z
date: Wed, 02 Oct 2024 13:36:25 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/_layouts/15/userphoto.aspx?size=S

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /_layouts/15/userphoto.aspx?size=S HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648
cookie: MSFPC=GUID=2f7b339320754b9c97959827f159871d&HASH=2f7b&LV=202410&V=4&LU=1727876188954

Response

HTTP/2.0 200

cache-control: private, max-age=86400
content-length: 1500
content-type: image/png
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,6295552,0,726,8893486,0,2618382,101
x-sharepointhealthscore: 3
referrer-policy: no-referrer, strict-origin-when-cross-origin
content-disposition: attachment; filename=PersonPlaceholder.96x96x32.png
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: f5f955a1-f0ef-6000-5ec2-1f75a9c07b49
request-id: f5f955a1-f0ef-6000-5ec2-1f75a9c07b49
ms-cv: oVX59e/wAGBewh91qcB7SQ.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1A2C6540477B4536B1A714E40726E51D Ref B: LON601060108029 Ref C: 2024-10-02T13:36:44Z
date: Wed, 02 Oct 2024 13:36:43 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/_layouts/15/userphoto.aspx?size=M

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /_layouts/15/userphoto.aspx?size=M HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648
cookie: MSFPC=GUID=2f7b339320754b9c97959827f159871d&HASH=2f7b&LV=202410&V=4&LU=1727876188954

Response

HTTP/2.0 200

cache-control: private, max-age=86400
content-length: 1500
content-type: image/png
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,6295552,0,1403,2968232,0,3242364,105
x-sharepointhealthscore: 0
referrer-policy: no-referrer, strict-origin-when-cross-origin
content-disposition: attachment; filename=PersonPlaceholder.96x96x32.png
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: f5f955a1-90f0-6000-8ac8-8e6f373f9e92
request-id: f5f955a1-90f0-6000-8ac8-8e6f373f9e92
ms-cv: oVX59fCQAGCKyI5vNz+ekg.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3D5660370D714E508704946D31CA751A Ref B: LON601060108029 Ref C: 2024-10-02T13:36:44Z
date: Wed, 02 Oct 2024 13:36:43 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/_layouts/15/userphoto.aspx?size=L

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /_layouts/15/userphoto.aspx?size=L HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648
cookie: MSFPC=GUID=2f7b339320754b9c97959827f159871d&HASH=2f7b&LV=202410&V=4&LU=1727876188954

Response

HTTP/2.0 200

cache-control: private, max-age=86400
content-length: 2438
content-type: image/png
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,1573888,0,216,2969376,0,374296,105
x-sharepointhealthscore: 1
referrer-policy: no-referrer, strict-origin-when-cross-origin
content-disposition: attachment; filename=PersonPlaceholder.200x150x32.png
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: f5f955a1-c0f3-6000-8ac8-8ce94d94c130
request-id: f5f955a1-c0f3-6000-8ac8-8ce94d94c130
ms-cv: oVX59fPAAGCKyIzpTZTBMA.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: ACAA2297731C41B68B9D92843B3D4144 Ref B: LON601060108029 Ref C: 2024-10-02T13:36:44Z
date: Wed, 02 Oct 2024 13:36:43 GMT
GET

https://clinicaputumayo1-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx?odsp-web-prod_2024-09-20.006

chrome.exe

Remote address:

13.107.138.10:443

Request

GET /_layouts/15/spwebworkerproxy.ashx?odsp-web-prod_2024-09-20.006 HTTP/2.0
host: clinicaputumayo1-my.sharepoint.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=
cookie: FeatureOverrides_experiments=[]
cookie: MicrosoftApplicationsTelemetryDeviceId=deb0767e-e7fb-467e-a0d6-5a696c3796c5
cookie: ai_session=blw9G2Dgre7x/jJHFur0ku|1727876184639|1727876184648
cookie: MSFPC=GUID=2f7b339320754b9c97959827f159871d&HASH=2f7b&LV=202410&V=4&LU=1727876188954

Response

HTTP/2.0 200

cache-control: max-age=600
content-type: text/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+VjEzLDBoLmZ8bWVtYmVyc2hpcHx1cm4lM2FzcG8lM2Fhbm9uIzY4M2U2MmY2M2ZhYjhjZmQ0YTdlOTY1ZmU3NzdhZGZlNDg1MWNiYjYzYjYxZDE4YmYwZWExZWNhMDhiMDZlNjUsMCMuZnxtZW1iZXJzaGlwfHVybiUzYXNwbyUzYWFub24jNjgzZTYyZjYzZmFiOGNmZDRhN2U5NjVmZTc3N2FkZmU0ODUxY2JiNjNiNjFkMThiZjBlYTFlY2EwOGIwNmU2NSwxMzM3MjM1MDA4MzAwMDAwMDAsMCwxMzM3MjQzNjE4NDAwMzM2MzAsMC4wLjAuMCwyNTgsZmQ3YWRkMWYtN2I3Mi00M2M0LTg3YWYtNzI3MWM5NzFkNWM2LCwsZjBmOTU1YTEtOTBlZC02MDAwLThhYzgtODliMzI3YjM4Zjc1LGYwZjk1NWExLTkwZWQtNjAwMC04YWM4LTg5YjMyN2IzOGY3NSw0WlROT21DdFdVKy9JaVpLc3VoejlnLDAsMCwwLCwsLDI2NTA0Njc3NDM5OTk5OTk5OTksMCwsLCwsLCwwLCwxOTE2MTYsN0JCTjgxVC01Z1ZVYV84b0tnaTVUN19iT2hvLDBpa0kzVDJDckdBNE8xWnAzN3BxOU43NWVxUVJNNnhsWWV2bHk0eGxRRFMzNjA3RnFHcWZCNkZLOXpPeUEyVGFxcWRPdkk2L0NzNVNsa2hHajBvb245QXNXdG5tcGtaZ1RBc05sTlJlSWJHNzhFRy9uN09FOWtVaVM4dHFhNkVOWjVwRFZwR09YWTk3UGhLKzdocVhpekY5UlBXVGt6QXpuZTlLUjNiNnFZSmlIOWlNT0U4UmtNUjBPYVQzUjF5Wkd2cFl5NFZXcHJlSUdsMk0rZllSOUFVSzIvL0tmTFhOTWp6a3dnWnZJQ29SbEh0TkZmam5TNVQ4eFgyRWNzVytmazF1NXd4Nzk4VU9XMmJPY0Z3RW9XNEhaeW9wcTU2d1I0YndrbEdpemo2QXNtMlU2OGwweUxUN0czbmQ1VmRMMERUY3ZmamZmS3NYaDBMc09kWmNBQT09PC9TUD4=; path=/; SameSite=None; secure; HttpOnly
x-networkstatistics: 0,1573888,0,0,2970312,0,312342,105
x-sharepointhealthscore: 1
x-aspnet-version: 4.0.30319
x-databoundary: NONE
x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/
x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/
sprequestguid: f6f955a1-b01a-6000-5ec2-1befcd5331aa
request-id: f6f955a1-b01a-6000-5ec2-1befcd5331aa
ms-cv: oVX59hqwAGBewhvvzVMxqg.0
report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0"}]}
nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0}
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com teams.cloud.microsoft *.office365.com goals.cloud.microsoft *.powerapps.com app.powerbi.com *.yammer.com engage.cloud.microsoft word.cloud.microsoft excel.cloud.microsoft powerpoint.cloud.microsoft *.officeapps.live.com *.office.com *.microsoft365.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com *.microsoft.com onedrive.live.com *.onedrive.live.com securebroker.sharepointonline.com;
x-powered-by: ASP.NET
microsoftsharepointteamservices: 16.0.0.25311
x-content-type-options: nosniff
x-ms-invokeapp: 1; RequireReadOnly
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 52F62006C9D04E20ADADD1447EA16A03 Ref B: LON601060108029 Ref C: 2024-10-02T13:36:44Z
date: Wed, 02 Oct 2024 13:36:44 GMT
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

234.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.179.250.142.in-addr.arpa

IN PTR

Response

234.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f101e100net
DNS

222.4.227.44.in-addr.arpa

Remote address:

8.8.8.8:53

Request

222.4.227.44.in-addr.arpa

IN PTR

Response

222.4.227.44.in-addr.arpa

IN PTR

ec2-44-227-4-222 us-west-2compute amazonawscom
DNS

0.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

0.159.190.20.in-addr.arpa

IN PTR

Response
DNS

10.138.107.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.138.107.13.in-addr.arpa

IN PTR

Response
DNS

shell.cdn.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

shell.cdn.office.net

IN A

Response

shell.cdn.office.net

IN CNAME

shell.cdn.office.net-c.edgekey.net

shell.cdn.office.net-c.edgekey.net

IN CNAME

shell.cdn.office.net-c.edgekey.net.globalredir.akadns.net

shell.cdn.office.net-c.edgekey.net.globalredir.akadns.net

IN CNAME

e19254.dscg.akamaiedge.net

e19254.dscg.akamaiedge.net

IN A

104.123.88.104
GET

https://shell.cdn.office.net/api/ShellBootstrapper/business/OneShell

chrome.exe

Remote address:

104.123.88.104:443

Request

GET /api/ShellBootstrapper/business/OneShell HTTP/2.0
host: shell.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
server: Kestrel
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
x-o365suiteuxshell-correlationid: a551c694-a6fc-403e-a44c-e0befe8da9e5
x-cache-start: 1727876011
cache-control: max-age=300
date: Wed, 02 Oct 2024 13:36:24 GMT
content-length: 39642
timing-allow-origin: *
x-cdn: 173
access-control-allow-origin: *
GET

https://shell.cdn.office.net/shellux/api/ShellBootInfo/business/OneShell/en-us

chrome.exe

Remote address:

104.123.88.104:443

Request

GET /shellux/api/ShellBootInfo/business/OneShell/en-us HTTP/2.0
host: shell.cdn.office.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: */*
origin: https://clinicaputumayo1-my.sharepoint.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
server: Kestrel
pragma: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
x-o365suiteuxshell-correlationid: 7044c4c2-972e-4456-a42e-6e346cbbf3fb
x-cache-start: 1727876069
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
date: Wed, 02 Oct 2024 13:36:44 GMT
content-length: 6055
timing-allow-origin: *
x-cdn: 135
access-control-allow-origin: *
DNS

res-1.cdn.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

res-1.cdn.office.net

IN A

Response

res-1.cdn.office.net

IN CNAME

res-1.cdn.office.net-c.edgekey.net

res-1.cdn.office.net-c.edgekey.net

IN CNAME

res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net

res-1.cdn.office.net-c.edgekey.net.globalredir.akadns.net

IN CNAME

e40491.dscd.akamaiedge.net

e40491.dscd.akamaiedge.net

IN A

2.22.249.227

e40491.dscd.akamaiedge.net

IN A

2.22.249.212

e40491.dscd.akamaiedge.net

IN A

2.22.249.197

e40491.dscd.akamaiedge.net

IN A

2.22.249.220
GET

https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/en-us/initial.resx.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/en-us/initial.resx.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 129088
last-modified: Sat, 21 Sep 2024 08:48:19 GMT
x-ms-request-id: 5f5bd557-d01e-0030-4d08-0e4158000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-09-20.004
x-ms-meta-sourceid: 596735F2224B41D632F110F06E683F5FD80817704B696D080634BBD08514000800
content-encoding: br
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
akamai-request-bc: [a=92.122.211.163,b=1294638138,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c3a&TotalRTCDNTime=41&CompressionType=br&FileSize=129088"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/plt.office-ui-fabric-react.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/plt.office-ui-fabric-react.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4280
last-modified: Sat, 21 Sep 2024 08:48:30 GMT
x-ms-request-id: 5c3d7b62-001e-001c-2e08-0eadf7000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-09-20.004
x-ms-meta-sourceid: 949E11083232A310D1746F93885DF2F4272BDE3BB5C65D451B77C9061E42CFBC00
content-encoding: br
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
alt-svc: h3=":443"; ma=93600
akamai-request-bc: [a=92.122.211.163,b=1294638135,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c37&TotalRTCDNTime=41&CompressionType=br&FileSize=4280"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/plt.odsp-common.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/plt.odsp-common.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 126604
last-modified: Sat, 21 Sep 2024 08:48:22 GMT
x-ms-request-id: dc0b192e-e01e-003b-7d08-0eba33000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-09-20.004
x-ms-meta-sourceid: 514E38DB3C457E6621D2784171FC1E21AFDCE84B64DDC20DA125B051DA85112200
content-encoding: br
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
akamai-request-bc: [a=92.122.211.163,b=1294638136,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c38&TotalRTCDNTime=41&CompressionType=br&FileSize=126604"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/plt.items-view.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/plt.items-view.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2127
last-modified: Sat, 21 Sep 2024 08:48:18 GMT
x-ms-request-id: 37bb27b3-501e-0063-2a08-0e626c000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-09-20.004
x-ms-meta-sourceid: F2ACF27CF0D870AB74C647B279CA8BC01E52D3194EC1A6BBAD4A543741A4308E00
content-encoding: br
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
akamai-request-bc: [a=92.122.211.163,b=1294638155,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c4b&TotalRTCDNTime=41&CompressionType=br&FileSize=2127"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/oneuplightspeedwebpack.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/oneuplightspeedwebpack.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 173110
last-modified: Sat, 21 Sep 2024 08:48:27 GMT
x-ms-request-id: 500cd069-b01e-0009-6508-0eba44000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-09-20.004
x-ms-meta-sourceid: CED792E1D2F6FC075D50DC80640BB644B31F47843BCBD9D04B417CE27AC69FBB00
content-encoding: br
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
akamai-request-bc: [a=92.122.211.163,b=1294638156,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c4c&TotalRTCDNTime=41&CompressionType=br&FileSize=173110"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-361c9c69.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/sp-client/odsp.react/odsp.react.lib-361c9c69.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 42639
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 09:31:10 GMT
x-ms-request-id: df6fdbf4-401e-0040-36f3-eaf8af000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-08-09.001
x-ms-meta-sourceid: 8BBDE55798A6859AD51493F89DE30217A6F85C870928A820B04352086322448B00
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
vary: Accept-Encoding
akamai-request-bc: [a=92.122.211.163,b=1294638158,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c4e&TotalRTCDNTime=41&CompressionType=gzip&FileSize=42639"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.core/fui.core-83eff072.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/sp-client/odsp.fluentui.core/fui.core-83eff072.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 46802
content-encoding: gzip
last-modified: Fri, 13 Sep 2024 09:46:55 GMT
x-ms-request-id: 0cd60bcb-901e-0053-799d-08dca3000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-09-13.001
x-ms-meta-sourceid: 7A47DB221534E0C6C2624FC5C36126FE85CEBA4715B7550D6DC6D64A9037427600
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
vary: Accept-Encoding
akamai-request-bc: [a=92.122.211.163,b=1294638160,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c50&TotalRTCDNTime=41&CompressionType=gzip&FileSize=46802"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.utilities/fui.util-153996e1.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/sp-client/odsp.fluentui.utilities/fui.util-153996e1.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 15277
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 09:31:22 GMT
x-ms-request-id: 90940c10-001e-000c-06f4-ea689f000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-08-09.001
x-ms-meta-sourceid: 6A1DC76BAB9FBB4805590BFAAFBAE062A088688CFCD6A53E6E8707543E047A8600
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
vary: Accept-Encoding
akamai-request-bc: [a=92.122.211.163,b=1294638161,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c51&TotalRTCDNTime=41&CompressionType=gzip&FileSize=15277"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/sp-client/odsp.utilities/odsp.util-a1364309.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/sp-client/odsp.utilities/odsp.util-a1364309.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 13092
content-encoding: gzip
last-modified: Fri, 20 Sep 2024 09:33:19 GMT
x-ms-request-id: c4a4d97f-601e-0057-40dc-0d51a4000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-09-20.001
x-ms-meta-sourceid: 17E5B139993035A5C0ACD3EC874F56FC822BDF6308F51AFC07443DA14D18D2CD00
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
vary: Accept-Encoding
akamai-request-bc: [a=92.122.211.163,b=1294638162,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c52&TotalRTCDNTime=41&CompressionType=gzip&FileSize=13092"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/sp-client/odsp.tslib/tslib-e9cf7774.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/sp-client/odsp.tslib/tslib-e9cf7774.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2658
content-encoding: gzip
last-modified: Fri, 09 Aug 2024 09:31:12 GMT
x-ms-request-id: cff0179e-001e-0023-1bf4-ea6554000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-08-09.001
x-ms-meta-sourceid: 5E975C9B92E6E03F6DC737DD52BDAC44D6F8CFAA4B03F93192D446BFEFC2DF9100
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:24 GMT
vary: Accept-Encoding
akamai-request-bc: [a=92.122.211.163,b=1294638163,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876184.4d2a9c53&TotalRTCDNTime=41&CompressionType=gzip&FileSize=2658"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/19.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/19.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 15217
last-modified: Sat, 21 Sep 2024 08:48:06 GMT
x-ms-request-id: b1181ce6-701e-0064-6f08-0e0e0f000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-09-20.004
x-ms-meta-sourceid: 2CB2DEFFD335E2602F9AABBC6A7DC23D926BC1847AA220644777E471071F409A00
content-encoding: br
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:25 GMT
akamai-request-bc: [a=92.122.211.163,b=1294640764,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876185.4d2aa67c&TotalRTCDNTime=42&CompressionType=br&FileSize=15217"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=42, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
GET

https://res-1.cdn.office.net/files/sp-client/odsp.1ds/odsp.1ds.lib-67f10919.js

chrome.exe

Remote address:

2.22.249.227:443

Request

GET /files/sp-client/odsp.1ds/odsp.1ds.lib-67f10919.js HTTP/2.0
host: res-1.cdn.office.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://clinicaputumayo1-my.sharepoint.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 48764
content-encoding: gzip
last-modified: Fri, 23 Aug 2024 09:59:30 GMT
x-ms-request-id: cb740555-601e-0047-14e3-f794cc000000
x-ms-meta-sourcebuild: odsp-web-prod_2024-08-23.001
x-ms-meta-sourceid: 255436026DD9F9CDE58B4E3917DBA624B3B3D1C70B060C1A3B577D68A404892D00
cache-control: public, max-age=630720000
date: Wed, 02 Oct 2024 13:36:25 GMT
vary: Accept-Encoding
akamai-request-bc: [a=92.122.211.163,b=1294641293,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876185.4d2aa88d&TotalRTCDNTime=44&CompressionType=gzip&FileSize=48764"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=44, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
DNS

104.88.123.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.88.123.104.in-addr.arpa

IN PTR

Response

104.88.123.104.in-addr.arpa

IN PTR

a104-123-88-104deploystaticakamaitechnologiescom
DNS

227.249.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.249.22.2.in-addr.arpa

IN PTR

Response

227.249.22.2.in-addr.arpa

IN PTR

a2-22-249-227deploystaticakamaitechnologiescom
DNS

mobile.events.data.microsoft.com

chrome.exe

Remote address:

8.8.8.8:53

Request

mobile.events.data.microsoft.com

IN A

Response

mobile.events.data.microsoft.com

IN CNAME

mobile.events.data.trafficmanager.net

mobile.events.data.trafficmanager.net

IN CNAME

onedscolprdcus17.centralus.cloudapp.azure.com

onedscolprdcus17.centralus.cloudapp.azure.com

IN A

104.208.16.91
OPTIONS

https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

chrome.exe

Remote address:

104.208.16.91:443

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: mobile.events.data.microsoft.com
accept: */*
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
origin: https://clinicaputumayo1-my.sharepoint.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://clinicaputumayo1-my.sharepoint.com
date: Wed, 02 Oct 2024 13:36:27 GMT
OPTIONS

https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

chrome.exe

Remote address:

104.208.16.91:443

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: mobile.events.data.microsoft.com
accept: */*
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
origin: https://clinicaputumayo1-my.sharepoint.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://clinicaputumayo1-my.sharepoint.com
date: Wed, 02 Oct 2024 13:36:27 GMT
OPTIONS

https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0

chrome.exe

Remote address:

104.208.16.91:443

Request

OPTIONS /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0 HTTP/2.0
host: mobile.events.data.microsoft.com
accept: */*
access-control-request-method: POST
access-control-request-headers: apikey,cache-control,client-id,client-version,content-type,time-delta-to-apply-millis,upload-time
origin: https://clinicaputumayo1-my.sharepoint.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, 3600
content-length: 0
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: AuthMsaDeviceTicket,AuthXToken,Content-Encoding,Content-Type,Cache-Control,Client-Id,SDK-Name,sdk-version,apikey,x-apikey,client-version,upload-time,time-delta-to-apply-millis,client-time-epoch-millis,persistence-mode,reliability-mode,NoResponseBody
access-control-max-age: 3600
access-control-allow-origin: https://clinicaputumayo1-my.sharepoint.com
date: Wed, 02 Oct 2024 13:36:48 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

chrome.exe

Remote address:

104.208.16.91:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: mobile.events.data.microsoft.com
content-length: 140962
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
upload-time: 1727876186642
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-3.2.15
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: af7114704a204580909f08c904c5ac6f-6f6f4c13-294c-4a00-8e55-71180ed7d627-7044
client-id: NO_AUTH
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://clinicaputumayo1-my.sharepoint.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 153
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=0b76c72503a04fe8b70e0006e2988b4c&HASH=0b76&LV=202410&V=4&LU=1727876188954; Domain=.microsoft.com; Expires=Thu, 02 Oct 2025 13:36:28 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=1bd26f0aae434887ba43fe29c74d821e; Domain=.microsoft.com; Expires=Wed, 02 Oct 2024 14:06:28 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 2297
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://clinicaputumayo1-my.sharepoint.com
access-control-expose-headers: time-delta-millis
date: Wed, 02 Oct 2024 13:36:29 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

chrome.exe

Remote address:

104.208.16.91:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0 HTTP/2.0
host: mobile.events.data.microsoft.com
content-length: 64211
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
upload-time: 1727876186657
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-3.2.15
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
time-delta-to-apply-millis: use-collector-delta
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: af7114704a204580909f08c904c5ac6f-6f6f4c13-294c-4a00-8e55-71180ed7d627-7044
client-id: NO_AUTH
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://clinicaputumayo1-my.sharepoint.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 154
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
set-cookie: MC1=GUID=2f7b339320754b9c97959827f159871d&HASH=2f7b&LV=202410&V=4&LU=1727876188954; Domain=.microsoft.com; Expires=Thu, 02 Oct 2025 13:36:28 GMT; Path=/;Secure; SameSite=None
set-cookie: MS0=2181a9e2a9ed45458a96a7a90ea10e08; Domain=.microsoft.com; Expires=Wed, 02 Oct 2024 14:06:28 GMT; Path=/;Secure; SameSite=None
time-delta-millis: 2312
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://clinicaputumayo1-my.sharepoint.com
access-control-expose-headers: time-delta-millis
date: Wed, 02 Oct 2024 13:36:29 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0

chrome.exe

Remote address:

104.208.16.91:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0 HTTP/2.0
host: mobile.events.data.microsoft.com
content-length: 2964
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
upload-time: 1727876207574
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-3.2.15
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
time-delta-to-apply-millis: 2312
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: af7114704a204580909f08c904c5ac6f-6f6f4c13-294c-4a00-8e55-71180ed7d627-7044
client-id: NO_AUTH
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://clinicaputumayo1-my.sharepoint.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=2f7b339320754b9c97959827f159871d&HASH=2f7b&LV=202410&V=4&LU=1727876188954
cookie: MS0=2181a9e2a9ed45458a96a7a90ea10e08

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 1349
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://clinicaputumayo1-my.sharepoint.com
access-control-expose-headers: time-delta-millis
date: Wed, 02 Oct 2024 13:36:48 GMT
POST

https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0

chrome.exe

Remote address:

104.208.16.91:443

Request

POST /OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0 HTTP/2.0
host: mobile.events.data.microsoft.com
content-length: 6193
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
upload-time: 1727876216537
sec-ch-ua-mobile: ?0
client-version: 1DS-Web-JS-3.2.15
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
time-delta-to-apply-millis: 2312
content-type: application/x-json-stream
cache-control: no-cache, no-store
apikey: af7114704a204580909f08c904c5ac6f-6f6f4c13-294c-4a00-8e55-71180ed7d627-7044
client-id: NO_AUTH
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://clinicaputumayo1-my.sharepoint.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: MC1=GUID=2f7b339320754b9c97959827f159871d&HASH=2f7b&LV=202410&V=4&LU=1727876188954
cookie: MS0=2181a9e2a9ed45458a96a7a90ea10e08

Response

HTTP/2.0 200

content-length: 24
content-type: application/json
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
time-delta-millis: 982
access-control-allow-headers: time-delta-millis
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-origin: https://clinicaputumayo1-my.sharepoint.com
access-control-expose-headers: time-delta-millis
date: Wed, 02 Oct 2024 13:36:57 GMT
DNS

91.16.208.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.16.208.104.in-addr.arpa

IN PTR

Response
DNS

241.150.49.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

241.150.49.20.in-addr.arpa

IN PTR

Response
DNS

res.cdn.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

res.cdn.office.net

IN A

Response

res.cdn.office.net

IN CNAME

res-prod.trafficmanager.net

res-prod.trafficmanager.net

IN CNAME

res-1-tls.cdn.office.net

res-1-tls.cdn.office.net

IN CNAME

owamail.public.cdn.office.net.edgekey.net

owamail.public.cdn.office.net.edgekey.net

IN CNAME

owamail.public.cdn.office.net.edgekey.net.globalredir.akadns.net

owamail.public.cdn.office.net.edgekey.net.globalredir.akadns.net

IN CNAME

e40491.dscg.akamaiedge.net

e40491.dscg.akamaiedge.net

IN A

2.22.249.150

e40491.dscg.akamaiedge.net

IN A

2.22.249.147

e40491.dscg.akamaiedge.net

IN A

2.22.249.143

e40491.dscg.akamaiedge.net

IN A

2.22.249.146

e40491.dscg.akamaiedge.net

IN A

2.22.249.145

e40491.dscg.akamaiedge.net

IN A

2.22.249.153

e40491.dscg.akamaiedge.net

IN A

2.22.249.148

e40491.dscg.akamaiedge.net

IN A

2.22.249.149

e40491.dscg.akamaiedge.net

IN A

2.22.249.151
GET

https://res.cdn.office.net/teams-js/2.0.0/js/MicrosoftTeams.min.js

chrome.exe

Remote address:

2.22.249.150:443

Request

GET /teams-js/2.0.0/js/MicrosoftTeams.min.js HTTP/2.0
host: res.cdn.office.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: */*
origin: https://clinicaputumayo1-my.sharepoint.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clinicaputumayo1-my.sharepoint.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Wed, 18 May 2022 19:55:46 GMT
x-ms-request-id: db7508ad-601e-001a-22f8-9f9e48000000
content-encoding: gzip
content-length: 20979
cache-control: max-age=630720000
date: Wed, 02 Oct 2024 13:36:45 GMT
alt-svc: h3=":443"; ma=93600
vary: Accept-Encoding
akamai-request-bc: [a=92.122.211.115,b=902695518,c=g,n=GB_EN_LONDON,o=20940]
report-to: {"group":"NelM365CDNUpload1","max_age":604800,"endpoints":[{"url":"https://M365CDN.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.73d37a5c.1727876205.35ce0a5e&TotalRTCDNTime=41&CompressionType=gzip&FileSize=20979"}],"include_subdomains ":true}
nel: {"report_to":"NelM365CDNUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
server-timing: clientrtt; dur=41, clienttt; dur=, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
x-content-type-options: nosniff
timing-allow-origin: *
access-control-expose-headers: date,Akamai-Request-BC,X-Cdn-Provider,X-Ms-Request-Id
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-cdn-provider: Akamai
DNS

150.249.22.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

150.249.22.2.in-addr.arpa

IN PTR

Response

150.249.22.2.in-addr.arpa

IN PTR

a2-22-249-150deploystaticakamaitechnologiescom
DNS

183.59.114.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.59.114.20.in-addr.arpa

IN PTR

Response
DNS

206.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.23.85.13.in-addr.arpa

IN PTR

Response
DNS

98.117.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.117.19.2.in-addr.arpa

IN PTR

Response

98.117.19.2.in-addr.arpa

IN PTR

a2-19-117-98deploystaticakamaitechnologiescom
DNS

spo.nel.measure.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

spo.nel.measure.office.net

IN A

Response

spo.nel.measure.office.net

IN CNAME

nel.measure.office.net.edgesuite.net

nel.measure.office.net.edgesuite.net

IN CNAME

a1894.dscb.akamai.net

a1894.dscb.akamai.net

IN A

2.19.117.14

a1894.dscb.akamai.net

IN A

2.19.117.15
DNS

m365cdn.nel.measure.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

m365cdn.nel.measure.office.net

IN A

Response

m365cdn.nel.measure.office.net

IN CNAME

nel.measure.office.net.edgesuite.net

nel.measure.office.net.edgesuite.net

IN CNAME

a1894.dscb.akamai.net

a1894.dscb.akamai.net

IN A

2.19.117.15

a1894.dscb.akamai.net

IN A

2.19.117.14
OPTIONS

https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0

chrome.exe

Remote address:

2.19.117.14:443

Request

OPTIONS /api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0 HTTP/2.0
host: spo.nel.measure.office.net
origin: https://clinicaputumayo1-my.sharepoint.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 7
date: Wed, 02 Oct 2024 13:37:25 GMT
access-control-allow-headers: content-type
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
POST

https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0

chrome.exe

Remote address:

2.19.117.14:443

Request

POST /api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0 HTTP/2.0
host: spo.nel.measure.office.net
content-length: 1588
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 429

content-length: 0
request-context: appId=cid-v1:43ccb73c-0dfb-456b-9d4c-ddf7f5584002
date: Wed, 02 Oct 2024 13:37:25 GMT
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
OPTIONS

https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0

chrome.exe

Remote address:

2.19.117.14:443

Request

OPTIONS /api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0 HTTP/2.0
host: spo.nel.measure.office.net
origin: https://clinicaputumayo1-my.sharepoint.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 7
date: Wed, 02 Oct 2024 13:38:25 GMT
access-control-allow-headers: content-type
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
POST

https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0

chrome.exe

Remote address:

2.19.117.14:443

Request

POST /api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0 HTTP/2.0
host: spo.nel.measure.office.net
content-length: 1590
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 429

content-length: 0
request-context: appId=cid-v1:43ccb73c-0dfb-456b-9d4c-ddf7f5584002
date: Wed, 02 Oct 2024 13:38:25 GMT
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
OPTIONS

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600

chrome.exe

Remote address:

2.19.117.15:443

Request

OPTIONS /api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600 HTTP/2.0
host: m365cdn.nel.measure.office.net
origin: https://res-1.cdn.office.net
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 7
date: Wed, 02 Oct 2024 13:37:25 GMT
access-control-allow-headers: content-type
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
POST

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600

chrome.exe

Remote address:

2.19.117.15:443

Request

POST /api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600 HTTP/2.0
host: m365cdn.nel.measure.office.net
content-length: 5344
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 429

content-length: 0
request-context: appId=cid-v1:43ccb73c-0dfb-456b-9d4c-ddf7f5584002
date: Wed, 02 Oct 2024 13:37:25 GMT
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
OPTIONS

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600

chrome.exe

Remote address:

2.19.117.15:443

Request

OPTIONS /api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600 HTTP/2.0
host: m365cdn.nel.measure.office.net
origin: https://res-1.cdn.office.net
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 7
date: Wed, 02 Oct 2024 13:38:25 GMT
access-control-allow-headers: content-type
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
POST

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600

chrome.exe

Remote address:

2.19.117.15:443

Request

POST /api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600 HTTP/2.0
host: m365cdn.nel.measure.office.net
content-length: 5355
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 429

content-length: 0
request-context: appId=cid-v1:c242839f-7b23-4fcd-8b70-f19e1d322576
date: Wed, 02 Oct 2024 13:38:25 GMT
access-control-allow-credentials: false
access-control-allow-methods: *
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: *
DNS

15.117.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.117.19.2.in-addr.arpa

IN PTR

Response

15.117.19.2.in-addr.arpa

IN PTR

a2-19-117-15deploystaticakamaitechnologiescom
DNS

14.117.19.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.117.19.2.in-addr.arpa

IN PTR

Response

14.117.19.2.in-addr.arpa

IN PTR

a2-19-117-14deploystaticakamaitechnologiescom
DNS

lens.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

lens.google.com

IN A

Response

lens.google.com

IN A

142.250.187.238
DNS

238.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.187.250.142.in-addr.arpa

IN PTR

Response

238.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f141e100net
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

216.58.204.68
GET

https://www.google.com/url?q=https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd&sa=D&source=editors&ust=1727821676226264&usg=AOvVaw0dXS8Xe0HCROUXJmurMQjp

chrome.exe

Remote address:

216.58.204.68:443

Request

GET /url?q=https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd&sa=D&source=editors&ust=1727821676226264&usg=AOvVaw0dXS8Xe0HCROUXJmurMQjp HTTP/2.0
host: www.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1494
x-content-type-options: nosniff
server: sffe
x-content-type-options: nosniff
date: Wed, 02 Oct 2024 13:25:46 GMT
expires: Thu, 10 Oct 2024 13:25:46 GMT
cache-control: public, max-age=691200
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
content-type: image/x-icon
vary: Accept-Encoding
age: 716
server: sffe
GET

https://www.google.com/favicon.ico

chrome.exe

Remote address:

216.58.204.68:443

Request

GET /favicon.ico HTTP/2.0
host: www.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "123.0.6312.123"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-prefers-color-scheme: light
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CLX4ygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.google.com/url?q=https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd&sa=D&source=editors&ust=1727821676226264&usg=AOvVaw0dXS8Xe0HCROUXJmurMQjp
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=22.SE=lDe2y0PGi7V35BHrrDHdYO9iv2FWnNhabppEKtvWWphyepIOh7TEYF2QviXqxxkkXGLPpsInhTN9zKjik0hMHZF-zm2tU5dCFbCu5BUiG2Cb6Kzir61kaASC8r-9To2xIuPWVxE2qhHZKsqn2Un_xt4MjtD8DxByoizmM3-WxpM2uhKJnKxvGTLNC4kmqsmA0KQNjP0
DNS

68.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.204.58.216.in-addr.arpa

IN PTR

Response

68.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f41e100net

68.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f68�G

68.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f4�G
DNS

ydray.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ydray.com

IN A

Response

ydray.com

IN A

51.91.48.189
GET

https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /get/t/u17278177381566agQn60fb5c6b1feapd HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://www.google.com/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:47 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:53 GMT
ETag: "42b-61d96364a77f2;61d9636be3115-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Frame-Options: sameorigin
Content-Length: 565
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: text/html
GET

https://ydray.com/static/js/main.c13d8b8e.js

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/js/main.c13d8b8e.js HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:47 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:02 GMT
ETag: "c0f115-61d9636d2267b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
GET

https://ydray.com/static/media/FREE.058d687482229be96a55.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/media/FREE.058d687482229be96a55.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/static/css/main.f94c34bb.css
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:48 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:02 GMT
ETag: "65b-61d9636d9e6dd"
Accept-Ranges: bytes
Content-Length: 1627
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=398
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://ydray.com/static/media/Mona-Sans-Regular.a47070a36b8d14d04d88.woff2

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/media/Mona-Sans-Regular.a47070a36b8d14d04d88.woff2 HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin: https://ydray.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://ydray.com/static/css/main.f94c34bb.css
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:03 GMT
ETag: "3d28-61d9636e7b221"
Accept-Ranges: bytes
Content-Length: 15656
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=397
Connection: Keep-Alive
Content-Type: font/woff2
GET

https://ydray.com/assets/images/avatar1.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /assets/images/avatar1.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:54 GMT
ETag: "412c-61d96365610b5"
Accept-Ranges: bytes
Content-Length: 16684
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=396
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://ydray.com/assets/images/next_step.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /assets/images/next_step.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:55 GMT
ETag: "217-61d963665147a"
Accept-Ranges: bytes
Content-Length: 535
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=395
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://ydray.com/favicon.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /favicon.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9
Cookie: ydray=frnhj4v4q8d1iq84ir141nbe0f9814cs; st_ydy=yfrnhj4v4q8d1iq84ir141nbe0f9814cs.1381992944.aed58ee24c45dbe871fc03a78e9118d2; st_hmac=12b602f636036ca6f17c5287d968933675c2bd2049bc1acbfa4201d8f3a2914b; country=GB; st=13

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:50 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:53 GMT
ETag: "42a-61d9636489391"
Accept-Ranges: bytes
Content-Length: 1066
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=394
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://ydray.com/static/css/main.f94c34bb.css

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/css/main.f94c34bb.css HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:47 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:01 GMT
ETag: "2d017-61d9636c4b8f7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Frame-Options: sameorigin
Content-Length: 22634
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: text/css
GET

https://ydray.com/static/media/PRO.1de39d5eba32f217695a.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/media/PRO.1de39d5eba32f217695a.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/static/css/main.f94c34bb.css
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:48 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:04 GMT
ETag: "4e5-61d9636ed4fa3"
Accept-Ranges: bytes
Content-Length: 1253
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://ydray.com/static/media/icomoon.108997d1d45086a4fad0.ttf

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/media/icomoon.108997d1d45086a4fad0.ttf HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin: https://ydray.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://ydray.com/static/css/main.f94c34bb.css
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:02 GMT
ETag: "47b0-61d9636db9c5e"
Accept-Ranges: bytes
Content-Length: 18352
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=398
Connection: Keep-Alive
Content-Type: font/ttf
GET

https://ydray.com/assets/images/avatar3.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /assets/images/avatar3.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:54 GMT
ETag: "27d3-61d96365804b6"
Accept-Ranges: bytes
Content-Length: 10195
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=397
Connection: Keep-Alive
Content-Type: image/svg+xml
DNS

googleads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.187.194
DNS

189.48.91.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

189.48.91.51.in-addr.arpa

IN PTR

Response

189.48.91.51.in-addr.arpa

IN PTR

ydraycom
DNS

34.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.200.250.142.in-addr.arpa

IN PTR

Response

34.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f21e100net
DNS

194.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.187.250.142.in-addr.arpa

IN PTR

Response

194.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f21e100net
DNS

fundingchoicesmessages.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A

Response

fundingchoicesmessages.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

172.217.16.238
DNS

fundingchoicesmessages.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A

Response

fundingchoicesmessages.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

172.217.16.238
GET

https://fundingchoicesmessages.google.com/i/ca-pub-7075008344469842?href=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ers=2

chrome.exe

Remote address:

172.217.16.238:443

Request

GET /i/ca-pub-7075008344469842?href=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ers=2 HTTP/2.0
host: fundingchoicesmessages.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://fundingchoicesmessages.google.com/f/AGSKWxXThx8S7LGi8n-DkmwvIMPW5YX-2QtlicvxDbyrpEb9QlFkg7bg6r22NjCSVovHqtsorgg8IUHj9_sXL9kSdHnDmhw-trDEE-5xQtsN_foQznq8CjWBxRaSyeISBqJBRwVska1UsA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3ODc2MjY4LDg2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3lkcmF5LmNvbS9nZXQvdC91MTcyNzgxNzczODE1NjZhZ1FuNjBmYjVjNmIxZmVhcGQiLG51bGwsW1s4LCItVTNTM2o1SWVfMCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

chrome.exe

Remote address:

172.217.16.238:443

Request

GET /f/AGSKWxXThx8S7LGi8n-DkmwvIMPW5YX-2QtlicvxDbyrpEb9QlFkg7bg6r22NjCSVovHqtsorgg8IUHj9_sXL9kSdHnDmhw-trDEE-5xQtsN_foQznq8CjWBxRaSyeISBqJBRwVska1UsA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3ODc2MjY4LDg2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3lkcmF5LmNvbS9nZXQvdC91MTcyNzgxNzczODE1NjZhZ1FuNjBmYjVjNmIxZmVhcGQiLG51bGwsW1s4LCItVTNTM2o1SWVfMCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ HTTP/2.0
host: fundingchoicesmessages.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

www3.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

www3.doubleclick.net

IN A

Response

www3.doubleclick.net

IN A

216.58.201.110
DNS

www3.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

www3.doubleclick.net

IN A

Response

www3.doubleclick.net

IN A

216.58.201.110
DNS

api.ydray.com

chrome.exe

Remote address:

8.8.8.8:53

Request

api.ydray.com

IN A

Response

api.ydray.com

IN A

51.91.48.189
DNS

api.ydray.com

chrome.exe

Remote address:

8.8.8.8:53

Request

api.ydray.com

IN A

Response

api.ydray.com

IN A

51.91.48.189
GET

https://ydray.com/static/media/BUSINESS.5dce83fc7b5907ff2460.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/media/BUSINESS.5dce83fc7b5907ff2460.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/static/css/main.f94c34bb.css
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:48 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:02 GMT
ETag: "bf6-61d9636d9e6dd"
Accept-Ranges: bytes
Content-Length: 3062
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://ydray.com/static/media/Mona-Sans-SemiBold.df2721eb898b6beb9b2d.woff2

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/media/Mona-Sans-SemiBold.df2721eb898b6beb9b2d.woff2 HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin: https://ydray.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://ydray.com/static/css/main.f94c34bb.css
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:03 GMT
ETag: "3df0-61d9636eb7ae3"
Accept-Ranges: bytes
Content-Length: 15856
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: font/woff2
GET

https://ydray.com/assets/images/avatar4.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /assets/images/avatar4.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:54 GMT
ETag: "2d2f-61d96365804b6"
Accept-Ranges: bytes
Content-Length: 11567
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=398
Connection: Keep-Alive
Content-Type: image/svg+xml
HEAD

https://www3.doubleclick.net/

chrome.exe

Remote address:

216.58.201.110:443

Request

HEAD / HTTP/2.0
host: www3.doubleclick.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://api.ydray.com/get/transfer/u17278177381566agQn60fb5c6b1feapd

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /get/transfer/u17278177381566agQn60fb5c6b1feapd HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Origin: https://ydray.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://ydray.com/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:48 GMT
Server: Apache
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 271
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: application/json
GET

https://api.ydray.com/slider/

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /slider/ HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ydray.com/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 794
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
GET

https://api.ydray.com/layerslider/css/layerslider.css

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /layerslider/css/layerslider.css HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 11:45:39 GMT
ETag: "68c2-5f80883d8bec0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 4826
Keep-Alive: timeout=3, max=398
Connection: Keep-Alive
Content-Type: text/css
GET

https://api.ydray.com/layerslider/js/layerslider.utils.js

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /layerslider/js/layerslider.utils.js HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 11:45:38 GMT
ETag: "1e049-5f80883c97c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 41980
Keep-Alive: timeout=3, max=397
Connection: Keep-Alive
Content-Type: application/javascript
GET

https://api.ydray.com/images/2.jpg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /images/2.jpg HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9
Cookie: ydray=frnhj4v4q8d1iq84ir141nbe0f9814cs; st_ydy=yfrnhj4v4q8d1iq84ir141nbe0f9814cs.1381992944.aed58ee24c45dbe871fc03a78e9118d2; st_hmac=12b602f636036ca6f17c5287d968933675c2bd2049bc1acbfa4201d8f3a2914b; country=GB; st=13

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 15:52:29 GMT
ETag: "5e260-5f80bf6976940"
Accept-Ranges: bytes
Content-Length: 385632
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=3, max=396
Connection: Keep-Alive
Content-Type: image/jpeg
GET

https://api.ydray.com/info/

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /info/ HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Origin: https://ydray.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://ydray.com/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:48 GMT
Server: Apache
Set-Cookie: ydray=frnhj4v4q8d1iq84ir141nbe0f9814cs; path=/; domain=.ydray.com; secure; HttpOnly; SameSite=Lax
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: st_ydy=yfrnhj4v4q8d1iq84ir141nbe0f9814cs.1381992944.aed58ee24c45dbe871fc03a78e9118d2; path=/; domain=.ydray.com; secure; HttpOnly
Set-Cookie: st_hmac=12b602f636036ca6f17c5287d968933675c2bd2049bc1acbfa4201d8f3a2914b; path=/; domain=.ydray.com; secure; HttpOnly
Set-Cookie: country=GB; path=/; domain=.ydray.com; secure; HttpOnly
Set-Cookie: st=13; path=/; domain=.ydray.com; secure; HttpOnly
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 84
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: application/json
GET

https://api.ydray.com/images/62.jpg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /images/62.jpg HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 15:52:29 GMT
ETag: "5c77a-5f80bf6976940"
Accept-Ranges: bytes
Content-Length: 378746
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: image/jpeg
GET

https://ydray.com/assets/images/ydray-wordmark-black.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /assets/images/ydray-wordmark-black.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:57 GMT
ETag: "4e4-61d9636836a23"
Accept-Ranges: bytes
Content-Length: 1252
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://ydray.com/static/media/Mona-Sans-Medium.1d13d02c97c2fffe114f.woff2

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/media/Mona-Sans-Medium.1d13d02c97c2fffe114f.woff2 HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin: https://ydray.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://ydray.com/static/css/main.f94c34bb.css
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:03 GMT
ETag: "3d50-61d9636e291a0"
Accept-Ranges: bytes
Content-Length: 15696
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: font/woff2
GET

https://ydray.com/assets/images/logo1.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /assets/images/logo1.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:48 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:54 GMT
ETag: "430-61d9636618a39"
Accept-Ranges: bytes
Content-Length: 1072
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://ydray.com/static/media/Mona-Sans-Bold.396862d9e0d26c04cdc9.woff2

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /static/media/Mona-Sans-Bold.396862d9e0d26c04cdc9.woff2 HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin: https://ydray.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://ydray.com/static/css/main.f94c34bb.css
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:21:03 GMT
ETag: "3d78-61d9636e0dc1f"
Accept-Ranges: bytes
Content-Length: 15736
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: font/woff2
GET

https://ydray.com/assets/images/folder-file-graphic.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /assets/images/folder-file-graphic.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:54 GMT
ETag: "63c3-61d96365c0bf7"
Accept-Ranges: bytes
Content-Length: 25539
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://ydray.com/assets/images/avatar2.svg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /assets/images/avatar2.svg HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:54 GMT
ETag: "209b-61d96365610b5"
Accept-Ranges: bytes
Content-Length: 8347
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: image/svg+xml
GET

https://api.ydray.com/layerslider/js/jquery.js

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /layerslider/js/jquery.js HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 11:45:38 GMT
ETag: "17b8b-5f80883c97c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 33759
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: application/javascript
GET

https://api.ydray.com/user/

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /user/ HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Origin: https://ydray.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://ydray.com/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9
Cookie: ydray=frnhj4v4q8d1iq84ir141nbe0f9814cs; st_ydy=yfrnhj4v4q8d1iq84ir141nbe0f9814cs.1381992944.aed58ee24c45dbe871fc03a78e9118d2; st_hmac=12b602f636036ca6f17c5287d968933675c2bd2049bc1acbfa4201d8f3a2914b; country=GB; st=13

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 59
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: application/json
DNS

marketingplatform.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

marketingplatform.google.com

IN A

Response

marketingplatform.google.com

IN A

142.250.187.206
DNS

marketingplatform.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

marketingplatform.google.com

IN A

Response

marketingplatform.google.com

IN A

142.250.187.206
HEAD

https://marketingplatform.google.com/about/enterprise/

chrome.exe

Remote address:

142.250.187.206:443

Request

HEAD /about/enterprise/ HTTP/2.0
host: marketingplatform.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://api.ydray.com/layerslider/js/layerslider.transitions.js

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /layerslider/js/layerslider.transitions.js HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 11:45:38 GMT
ETag: "db35-5f80883c97c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 3695
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: application/javascript
GET

https://api.ydray.com/layerslider/skins/noskin/skin.css

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /layerslider/skins/noskin/skin.css HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9
Cookie: ydray=frnhj4v4q8d1iq84ir141nbe0f9814cs; st_ydy=yfrnhj4v4q8d1iq84ir141nbe0f9814cs.1381992944.aed58ee24c45dbe871fc03a78e9118d2; st_hmac=12b602f636036ca6f17c5287d968933675c2bd2049bc1acbfa4201d8f3a2914b; country=GB; st=13

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 11:45:32 GMT
ETag: "554-5f808836def00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 433
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: text/css
GET

https://api.ydray.com/layerslider/js/layerslider.kreaturamedia.jquery.js

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /layerslider/js/layerslider.kreaturamedia.jquery.js HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 11:45:38 GMT
ETag: "3ddcf-5f80883c97c80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Content-Length: 59282
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: application/javascript
GET

https://api.ydray.com/images/55.jpg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /images/55.jpg HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9
Cookie: ydray=frnhj4v4q8d1iq84ir141nbe0f9814cs; st_ydy=yfrnhj4v4q8d1iq84ir141nbe0f9814cs.1381992944.aed58ee24c45dbe871fc03a78e9118d2; st_hmac=12b602f636036ca6f17c5287d968933675c2bd2049bc1acbfa4201d8f3a2914b; country=GB; st=13

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 15:52:29 GMT
ETag: "3d3c4-5f80bf6976940"
Accept-Ranges: bytes
Content-Length: 250820
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: image/jpeg
GET

https://api.ydray.com/images/42.jpg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /images/42.jpg HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 15:52:29 GMT
ETag: "5fa18-5f80bf6976940"
Accept-Ranges: bytes
Content-Length: 391704
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: image/jpeg
GET

https://api.ydray.com/images/28.jpg

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /images/28.jpg HTTP/1.1
Host: api.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://api.ydray.com/slider/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9
Cookie: ydray=frnhj4v4q8d1iq84ir141nbe0f9814cs; st_ydy=yfrnhj4v4q8d1iq84ir141nbe0f9814cs.1381992944.aed58ee24c45dbe871fc03a78e9118d2; st_hmac=12b602f636036ca6f17c5287d968933675c2bd2049bc1acbfa4201d8f3a2914b; country=GB; st=13

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:49 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2023 15:52:29 GMT
ETag: "33768-5f80bf6976940"
Accept-Ranges: bytes
Content-Length: 210792
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=3, max=399
Connection: Keep-Alive
Content-Type: image/jpeg
DNS

lh3.googleusercontent.com

chrome.exe

Remote address:

8.8.8.8:53

Request

lh3.googleusercontent.com

IN A

Response

lh3.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

142.250.200.33
DNS

238.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.16.217.172.in-addr.arpa

IN PTR

Response

238.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f141e100net

238.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f14�I
DNS

238.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.16.217.172.in-addr.arpa

IN PTR

Response

238.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f141e100net

238.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f14�I
DNS

110.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.201.58.216.in-addr.arpa

IN PTR

Response

110.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f141e100net

110.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f110�I

110.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f14�I
DNS

206.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.187.250.142.in-addr.arpa

IN PTR

Response

206.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f141e100net
DNS

206.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.187.250.142.in-addr.arpa

IN PTR

Response

206.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f141e100net
GET

https://lh3.googleusercontent.com/haxuPeTmiozQczayCJj0ZX1XST1fZthZJXOL8wMhrwUeCuNeFaVM7LXpqh0yam5plRBQrueNIRaKdvlNrUQ0w5iC1oldAC4uD1RtljPIx_5N0U5leSPs=h60

chrome.exe

Remote address:

142.250.200.33:443

Request

GET /haxuPeTmiozQczayCJj0ZX1XST1fZthZJXOL8wMhrwUeCuNeFaVM7LXpqh0yam5plRBQrueNIRaKdvlNrUQ0w5iC1oldAC4uD1RtljPIx_5N0U5leSPs=h60 HTTP/2.0
host: lh3.googleusercontent.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

st13.ydray.com

chrome.exe

Remote address:

8.8.8.8:53

Request

st13.ydray.com

IN A

Response

st13.ydray.com

IN A

162.19.57.119
DNS

st13.ydray.com

chrome.exe

Remote address:

8.8.8.8:53

Request

st13.ydray.com

IN A

Response

st13.ydray.com

IN A

162.19.57.119
GET

https://st13.ydray.com/fileupload/

chrome.exe

Remote address:

162.19.57.119:443

Request

GET /fileupload/ HTTP/1.1
Host: st13.ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Origin: https://ydray.com
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://ydray.com/
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9
Cookie: ydray=frnhj4v4q8d1iq84ir141nbe0f9814cs; st_ydy=yfrnhj4v4q8d1iq84ir141nbe0f9814cs.1381992944.aed58ee24c45dbe871fc03a78e9118d2; st_hmac=12b602f636036ca6f17c5287d968933675c2bd2049bc1acbfa4201d8f3a2914b; country=GB; st=13

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:50 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Content-Disposition: inline; filename="files.json"
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: https://ydray.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Headers: Content-Type, Content-Range, Content-Disposition, Content-Description
Vary: Accept
Content-Length: 12
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/plain;charset=UTF-8
DNS

202.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.212.58.216.in-addr.arpa

IN PTR

Response

202.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f101e100net

202.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f202�I

202.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f10�I
DNS

202.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.212.58.216.in-addr.arpa

IN PTR

Response

202.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f2021e100net

202.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f10�J

202.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f10�J
DNS

33.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

33.200.250.142.in-addr.arpa

IN PTR

Response

33.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f11e100net
DNS

33.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

33.200.250.142.in-addr.arpa

IN PTR

Response

33.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f11e100net
DNS

119.57.19.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

119.57.19.162.in-addr.arpa

IN PTR

Response

119.57.19.162.in-addr.arpa

IN PTR

ns31583664ip-162-19-57eu
DNS

119.57.19.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

119.57.19.162.in-addr.arpa

IN PTR

Response

119.57.19.162.in-addr.arpa

IN PTR

ns31583664ip-162-19-57eu
GET

https://ydray.com/manifest.json

chrome.exe

Remote address:

51.91.48.189:443

Request

GET /manifest.json HTTP/1.1
Host: ydray.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: manifest
Referer: https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd
Accept-Encoding: gzip, deflate, br, zstd
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Date: Wed, 02 Oct 2024 13:37:50 GMT
Server: Apache
Last-Modified: Fri, 19 Jul 2024 09:20:53 GMT
ETag: "148-61d96364ba0d2"
Accept-Ranges: bytes
Content-Length: 328
X-Frame-Options: sameorigin
Keep-Alive: timeout=3, max=400
Connection: Keep-Alive
Content-Type: application/json
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response
DNS

14.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.227.111.52.in-addr.arpa

IN PTR

Response
GET

https://googleads.g.doubleclick.net/pagead/html/r20240930/r20190131/zrt_lookup_fy2021.html

chrome.exe

Remote address:

142.250.187.194:443

Request

GET /pagead/html/r20240930/r20190131/zrt_lookup_fy2021.html HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: iframe
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CQF3YIAQF3YIAEsACBENBJFoAP_gAEPgAAiQINJB7C7FbSFCwH5zaLsAMAhHRsAAQoQAAASBAmABQAKQIAQCgkAQFASgBAACAAAAICZBIQIECAAACUAAQAAAAAAEAAAAAAAIIAAAgAEAAAAIAAACAIAAEAAIAAAAEAAAmAgAAIIACAAAhAAAAAAAAAAAAAAAAgCAAAAAAAAAAAAAAAAAAQOhSD2F2K2kKFkPCmwXYAYBCujYAAhQgAAAkCBMACgAUgQAgFJIAgCIFAAAAAAAAAQEiCQAAQABAAEIACgAAAAAAIAAAAAAAQQAABAAIAAAAAAAAEAQAAIAAQAAAAIAABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAA&addtl_consent=2~70.89.93.108.122.149.196.236.259.311.313.323.358.415.449.486.494.495.540.574.609.827.864.981.1029.1048.1051.1095.1097.1126.1205.1276.1301.1365.1415.1449.1514.1570.1577.1598.1651.1716.1735.1753.1765.1870.1878.1889.1958.2072.2253.2299.2373.2415.2506.2526.2568.2571.2575.2624.2677~dv.&client=ca-pub-7075008344469842&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721380853&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1727876267186&bpp=2&bdt=312&idt=354&shv=r20240930&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7590751832260&frm=20&pv=2&u_tz=0&u_his=2&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1280&bih=593&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343852%2C31087429%2C31087432%2C31087659%2C42531705%2C44795922%2C95341936%2C95342016%2C95343328%2C31087683%2C95339678%2C31061690&oid=2&pvsid=1248799672057360&tmod=393857985&uas=3&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C593&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=33672

chrome.exe

Remote address:

142.250.187.194:443

Request

GET /pagead/ads?gdpr=1&gdpr_consent=CQF3YIAQF3YIAEsACBENBJFoAP_gAEPgAAiQINJB7C7FbSFCwH5zaLsAMAhHRsAAQoQAAASBAmABQAKQIAQCgkAQFASgBAACAAAAICZBIQIECAAACUAAQAAAAAAEAAAAAAAIIAAAgAEAAAAIAAACAIAAEAAIAAAAEAAAmAgAAIIACAAAhAAAAAAAAAAAAAAAAgCAAAAAAAAAAAAAAAAAAQOhSD2F2K2kKFkPCmwXYAYBCujYAAhQgAAAkCBMACgAUgQAgFJIAgCIFAAAAAAAAAQEiCQAAQABAAEIACgAAAAAAIAAAAAAAQQAABAAIAAAAAAAAEAQAAIAAQAAAAIAABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAA&addtl_consent=2~70.89.93.108.122.149.196.236.259.311.313.323.358.415.449.486.494.495.540.574.609.827.864.981.1029.1048.1051.1095.1097.1126.1205.1276.1301.1365.1415.1449.1514.1570.1577.1598.1651.1716.1735.1753.1765.1870.1878.1889.1958.2072.2253.2299.2373.2415.2506.2526.2568.2571.2575.2624.2677~dv.&client=ca-pub-7075008344469842&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721380853&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1727876267186&bpp=2&bdt=312&idt=354&shv=r20240930&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7590751832260&frm=20&pv=2&u_tz=0&u_his=2&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1280&bih=593&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343852%2C31087429%2C31087432%2C31087659%2C42531705%2C44795922%2C95341936%2C95342016%2C95343328%2C31087683%2C95339678%2C31061690&oid=2&pvsid=1248799672057360&tmod=393857985&uas=3&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C593&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=33672 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: iframe
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CQF3YIAQF3YIAEsACBENBJFoAP_gAEPgAAiQINJB7C7FbSFCwH5zaLsAMAhHRsAAQoQAAASBAmABQAKQIAQCgkAQFASgBAACAAAAICZBIQIECAAACUAAQAAAAAAEAAAAAAAIIAAAgAEAAAAIAAACAIAAEAAIAAAAEAAAmAgAAIIACAAAhAAAAAAAAAAAAAAAAgCAAAAAAAAAAAAAAAAAAQOhSD2F2K2kKFkPCmwXYAYBCujYAAhQgAAAkCBMACgAUgQAgFJIAgCIFAAAAAAAAAQEiCQAAQABAAEIACgAAAAAAIAAAAAAAQQAABAAIAAAAAAAAEAQAAIAAQAAAAIAABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAA&addtl_consent=2~70.89.93.108.122.149.196.236.259.311.313.323.358.415.449.486.494.495.540.574.609.827.864.981.1029.1048.1051.1095.1097.1126.1205.1276.1301.1365.1415.1449.1514.1570.1577.1598.1651.1716.1735.1753.1765.1870.1878.1889.1958.2072.2253.2299.2373.2415.2506.2526.2568.2571.2575.2624.2677~dv.&client=ca-pub-7075008344469842&output=html&h=80&slotname=6459658371&adk=2606696175&adf=2176751540&pi=t.ma~as.6459658371&w=280&abgtt=6&lmt=1721380853&format=280x80&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1727876304668&bpp=4&bdt=37794&idt=4&shv=r20240930&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7590751832260&frm=20&pv=1&u_tz=0&u_his=2&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=48&ady=259&biw=1280&bih=593&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343852%2C31087429%2C31087432%2C31087659%2C42531705%2C44795922%2C95341936%2C95342016%2C95343328%2C31087683%2C95339678%2C31061690&oid=2&pvsid=1248799672057360&tmod=393857985&uas=3&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C593&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=53

chrome.exe

Remote address:

142.250.187.194:443

Request

GET /pagead/ads?gdpr=1&gdpr_consent=CQF3YIAQF3YIAEsACBENBJFoAP_gAEPgAAiQINJB7C7FbSFCwH5zaLsAMAhHRsAAQoQAAASBAmABQAKQIAQCgkAQFASgBAACAAAAICZBIQIECAAACUAAQAAAAAAEAAAAAAAIIAAAgAEAAAAIAAACAIAAEAAIAAAAEAAAmAgAAIIACAAAhAAAAAAAAAAAAAAAAgCAAAAAAAAAAAAAAAAAAQOhSD2F2K2kKFkPCmwXYAYBCujYAAhQgAAAkCBMACgAUgQAgFJIAgCIFAAAAAAAAAQEiCQAAQABAAEIACgAAAAAAIAAAAAAAQQAABAAIAAAAAAAAEAQAAIAAQAAAAIAABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAA&addtl_consent=2~70.89.93.108.122.149.196.236.259.311.313.323.358.415.449.486.494.495.540.574.609.827.864.981.1029.1048.1051.1095.1097.1126.1205.1276.1301.1365.1415.1449.1514.1570.1577.1598.1651.1716.1735.1753.1765.1870.1878.1889.1958.2072.2253.2299.2373.2415.2506.2526.2568.2571.2575.2624.2677~dv.&client=ca-pub-7075008344469842&output=html&h=80&slotname=6459658371&adk=2606696175&adf=2176751540&pi=t.ma~as.6459658371&w=280&abgtt=6&lmt=1721380853&format=280x80&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1727876304668&bpp=4&bdt=37794&idt=4&shv=r20240930&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7590751832260&frm=20&pv=1&u_tz=0&u_his=2&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=48&ady=259&biw=1280&bih=593&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343852%2C31087429%2C31087432%2C31087659%2C42531705%2C44795922%2C95341936%2C95342016%2C95343328%2C31087683%2C95339678%2C31061690&oid=2&pvsid=1248799672057360&tmod=393857985&uas=3&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C593&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=53 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: iframe
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: test_cookie=CheckForPermission
DNS

tpc.googlesyndication.com

chrome.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

216.58.201.97
DNS

tpc.googlesyndication.com

chrome.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

216.58.201.97
GET

https://tpc.googlesyndication.com/sodar/sodar2.js

chrome.exe

Remote address:

216.58.201.97:443

Request

GET /sodar/sodar2.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

97.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.201.58.216.in-addr.arpa

IN PTR

Response

97.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f11e100net

97.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f1�G

97.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f97�G
DNS

97.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

97.201.58.216.in-addr.arpa

IN PTR

Response

97.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f11e100net

97.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f1�G

97.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f97�G
GET

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

chrome.exe

Remote address:

216.58.201.97:443

Request

GET /sodar/sodar2/232/runner.html HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: iframe
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20240930/r20110914/client/load_preloaded_resource_fy2021.js

chrome.exe

Remote address:

216.58.201.97:443

Request

GET /pagead/js/r20240930/r20110914/client/load_preloaded_resource_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20240930/r20110914/abg_lite_fy2021.js

chrome.exe

Remote address:

216.58.201.97:443

Request

GET /pagead/js/r20240930/r20110914/abg_lite_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20240930/r20110914/client/qs_click_protection_fy2021.js

chrome.exe

Remote address:

216.58.201.97:443

Request

GET /pagead/js/r20240930/r20110914/client/qs_click_protection_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20240930/r20110914/client/window_focus_fy2021.js

chrome.exe

Remote address:

216.58.201.97:443

Request

GET /pagead/js/r20240930/r20110914/client/window_focus_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://www.google.com/recaptcha/api2/aframe

chrome.exe

Remote address:

216.58.204.68:443

Request

GET /recaptcha/api2/aframe HTTP/2.0
host: www.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: iframe
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6UjtDCyLV7igJRGBwhCOht-QCkkBD4F_D_Y8c7QalCQvAlkGP-fEmisZ2g1LhzB9oCJIh53gswx5DAm1X9tXp6XxfYw

chrome.exe

Remote address:

216.58.204.68:443

Request

GET /ads/measurement/l?ebcid=ALh7CaS6UjtDCyLV7igJRGBwhCOht-QCkkBD4F_D_Y8c7QalCQvAlkGP-fEmisZ2g1LhzB9oCJIh53gswx5DAm1X9tXp6XxfYw HTTP/2.0
host: www.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://www.google.com/pagead/drt/ui

chrome.exe

Remote address:

216.58.204.68:443

Request

GET /pagead/drt/ui HTTP/2.0
host: www.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

spo.nel.measure.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

spo.nel.measure.office.net

IN A

Response

spo.nel.measure.office.net

IN CNAME

nel.measure.office.net.edgesuite.net

nel.measure.office.net.edgesuite.net

IN CNAME

a1894.dscb.akamai.net

a1894.dscb.akamai.net

IN A

2.19.117.14

a1894.dscb.akamai.net

IN A

2.19.117.15
DNS

spo.nel.measure.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

spo.nel.measure.office.net

IN A

Response

spo.nel.measure.office.net

IN CNAME

nel.measure.office.net.edgesuite.net

nel.measure.office.net.edgesuite.net

IN CNAME

a1894.dscb.akamai.net

a1894.dscb.akamai.net

IN A

2.19.117.15

a1894.dscb.akamai.net

IN A

2.19.117.14
DNS

m365cdn.nel.measure.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

m365cdn.nel.measure.office.net

IN A

Response

m365cdn.nel.measure.office.net

IN CNAME

nel.measure.office.net.edgesuite.net

nel.measure.office.net.edgesuite.net

IN CNAME

a1894.dscb.akamai.net

a1894.dscb.akamai.net

IN A

2.19.117.15

a1894.dscb.akamai.net

IN A

2.19.117.14
DNS

m365cdn.nel.measure.office.net

chrome.exe

Remote address:

8.8.8.8:53

Request

m365cdn.nel.measure.office.net

IN A

Response

m365cdn.nel.measure.office.net

IN CNAME

nel.measure.office.net.edgesuite.net

nel.measure.office.net.edgesuite.net

IN CNAME

a1894.dscb.akamai.net

a1894.dscb.akamai.net

IN A

2.19.117.14

a1894.dscb.akamai.net

IN A

2.19.117.15
DNS

200.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.212.58.216.in-addr.arpa

IN PTR

Response

200.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f2001e100net

200.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f8�J

200.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f8�J
DNS

200.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.212.58.216.in-addr.arpa

IN PTR

Response

200.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f81e100net

200.212.58.216.in-addr.arpa

IN PTR

ams16s21-in-f200�H

200.212.58.216.in-addr.arpa

IN PTR

lhr25s27-in-f8�H
GET

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924997581/?random=1727876307375&cv=11&fst=1727876307375&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

chrome.exe

Remote address:

142.250.187.194:443

Request

GET /pagead/viewthroughconversion/924997581/?random=1727876307375&cv=11&fst=1727876307375&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUk-6nYBHz7xYY2ciuL43bPUiVw_YlQB7ZQBibIg_ZZbqRckiVvbXMKCrmHYTCw
DNS

region1.analytics.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN A

Response

region1.analytics.google.com

IN A

216.239.32.36

region1.analytics.google.com

IN A

216.239.34.36
DNS

region1.analytics.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

region1.analytics.google.com

IN A

Response

region1.analytics.google.com

IN A

216.239.32.36

region1.analytics.google.com

IN A

216.239.34.36
DNS

stats.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

108.177.15.157

stats.g.doubleclick.net

IN A

108.177.15.155

stats.g.doubleclick.net

IN A

108.177.15.156

stats.g.doubleclick.net

IN A

108.177.15.154
DNS

www.google.co.uk

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN A

Response

www.google.co.uk

IN A

172.217.16.227
DNS

www.google.co.uk

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN A

Response

www.google.co.uk

IN A

216.58.212.227
POST

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J8HJDE2R7C&cid=1153493590.1727876307&gtm=45je4a10v899614608za200zb9123520070&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727

chrome.exe

Remote address:

108.177.15.157:443

Request

POST /g/collect?v=2&tid=G-J8HJDE2R7C&cid=1153493590.1727876307&gtm=45je4a10v899614608za200zb9123520070&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://ydray.com
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUk-6nYBHz7xYY2ciuL43bPUiVw_YlQB7ZQBibIg_ZZbqRckiVvbXMKCrmHYTCw
DNS

227.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.179.250.142.in-addr.arpa

IN PTR

Response

227.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f31e100net
DNS

227.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.179.250.142.in-addr.arpa

IN PTR

Response

227.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f31e100net
DNS

98.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.201.58.216.in-addr.arpa

IN PTR

Response

98.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f21e100net

98.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f2�G

98.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f98�G
DNS

98.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.201.58.216.in-addr.arpa

IN PTR

Response

98.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f21e100net

98.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f98�G

98.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f2�G
POST

https://region1.analytics.google.com/g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=scroll&epn.percent_scrolled=90&_et=20&tfd=40824

chrome.exe

Remote address:

216.239.32.36:443

Request

POST /g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=scroll&epn.percent_scrolled=90&_et=20&tfd=40824 HTTP/2.0
host: region1.analytics.google.com
content-length: 0
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://ydray.com
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://region1.analytics.google.com/g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=40649

chrome.exe

Remote address:

216.239.32.36:443

Request

POST /g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=40649 HTTP/2.0
host: region1.analytics.google.com
content-length: 0
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://ydray.com
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://region1.analytics.google.com/g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&frm=0&pscdl=noapi&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=AAg&_s=2&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&cu=USD&en=creaci%C3%B3n_de_una_cuenta&_c=1&epn.value=0&tfd=40649

chrome.exe

Remote address:

216.239.32.36:443

Request

POST /g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&frm=0&pscdl=noapi&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=AAg&_s=2&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&cu=USD&en=creaci%C3%B3n_de_una_cuenta&_c=1&epn.value=0&tfd=40649 HTTP/2.0
host: region1.analytics.google.com
content-length: 0
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://ydray.com
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://region1.analytics.google.com/g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEI&_s=4&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=ad_impression&ep.query_id=CPmK0-vo74gDFZex0QQdXYgdPA&_et=56&tfd=45887

chrome.exe

Remote address:

216.239.32.36:443

Request

POST /g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEI&_s=4&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=ad_impression&ep.query_id=CPmK0-vo74gDFZex0QQdXYgdPA&_et=56&tfd=45887 HTTP/2.0
host: region1.analytics.google.com
content-length: 0
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://ydray.com
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J8HJDE2R7C&cid=1153493590.1727876307&gtm=45je4a10v899614608za200zb9123520070&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1714366180

chrome.exe

Remote address:

172.217.16.227:443

Request

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J8HJDE2R7C&cid=1153493590.1727876307&gtm=45je4a10v899614608za200zb9123520070&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1714366180 HTTP/2.0
host: www.google.co.uk
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://www.google.co.uk/pagead/1p-user-list/924997581/?random=1727876307375&cv=11&fst=1727874000000&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfokWswKuDYbNnSfTEfx4dhhBUtQwsyz_qDOB85LH6AVKyrCy_&random=1975083964&rmt_tld=1&ipr=y

chrome.exe

Remote address:

172.217.16.227:443

Request

GET /pagead/1p-user-list/924997581/?random=1727876307375&cv=11&fst=1727874000000&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfokWswKuDYbNnSfTEfx4dhhBUtQwsyz_qDOB85LH6AVKyrCy_&random=1975083964&rmt_tld=1&ipr=y HTTP/2.0
host: www.google.co.uk
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

157.15.177.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.15.177.108.in-addr.arpa

IN PTR

Response

157.15.177.108.in-addr.arpa

IN PTR

wr-in-f1571e100net
DNS

227.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.16.217.172.in-addr.arpa

IN PTR

Response

227.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f31e100net

227.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f3�H
DNS

227.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.16.217.172.in-addr.arpa

IN PTR

Response

227.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f31e100net

227.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f3�H
GET

https://www.google.com/pagead/1p-user-list/924997581/?random=1727876307375&cv=11&fst=1727874000000&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfokWswKuDYbNnSfTEfx4dhhBUtQwsyz_qDOB85LH6AVKyrCy_&random=1975083964&rmt_tld=0&ipr=y

chrome.exe

Remote address:

216.58.204.68:443

Request

GET /pagead/1p-user-list/924997581/?random=1727876307375&cv=11&fst=1727874000000&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfokWswKuDYbNnSfTEfx4dhhBUtQwsyz_qDOB85LH6AVKyrCy_&random=1975083964&rmt_tld=0&ipr=y HTTP/2.0
host: www.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CLX4ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ydray.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

36.32.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.32.239.216.in-addr.arpa

IN PTR

Response
DNS

36.32.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.32.239.216.in-addr.arpa

IN PTR

Response
DNS

beacons.gcp.gvt2.com

Remote address:

8.8.8.8:53

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

172.217.169.3
DNS

beacons.gcp.gvt2.com

Remote address:

8.8.8.8:53

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

172.217.16.227
DNS

3.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.169.217.172.in-addr.arpa

IN PTR

Response

3.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f31e100net

44.227.4.222:443

https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fclinicaputumayo1%2dmy.sharepoint.com%2f%3au%3a%2fg%2fpersonal%2fglosas%5fhacputumayo%5fcom%5fco%2fEeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA&umid=912af1ac-d7ef-4576-94a9-899446b43f0c&auth=8c38a99fbfb8ee9ad7cfc9db516a19b3e760bd1c-0c37e5947901c96c5dce1bbe3ca4ad211d2ea523

tls, http2

chrome.exe

2.2kB
5.0kB
14
15

HTTP Request

GET https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fclinicaputumayo1%2dmy.sharepoint.com%2f%3au%3a%2fg%2fpersonal%2fglosas%5fhacputumayo%5fcom%5fco%2fEeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA&umid=912af1ac-d7ef-4576-94a9-899446b43f0c&auth=8c38a99fbfb8ee9ad7cfc9db516a19b3e760bd1c-0c37e5947901c96c5dce1bbe3ca4ad211d2ea523

HTTP Response

302
13.107.138.10:443

https://clinicaputumayo1-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx?odsp-web-prod_2024-09-20.006

tls, http2

chrome.exe

98.2kB
5.1MB
1964
3729

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/:u:/g/personal/glosas_hacputumayo_com_co/EeSbIX4nBzlEratSxjF5En0BtRbz3z5rzETeCuhxmMNFeA

HTTP Response

302

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_layouts/15/onedrive.aspx?id=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg&parent=%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments&ga=1

HTTP Response

200

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_api/web/GetFileByServerRelativePath(DecodedUrl=@a1)/OpenBinaryStream?@a1=%27%2Fpersonal%2Fglosas%5Fhacputumayo%5Fcom%5Fco%2FDocuments%2FAttachments%2F%2D854633%2DDEMANDA%20LABORAL%2D85545%2D%204%2Esvg%27

HTTP Response

200

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/_layouts/15/images/odbfavicon.ico?rev=47

HTTP Request

POST https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_api/SP.OAuth.Token/Acquire()

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/personal/glosas_hacputumayo_com_co/_api/sp.FavoriteItemCollection.GetFavoriteItems?top=500

HTTP Response

200

HTTP Response

400

HTTP Response

500

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/_layouts/15/odspserviceworkerproxy.aspx?swManifestName=spserviceworker&debug=false&bypass=false&navigationPreloadHeaderValue=%7B%22supportsFeatures%22%3A%5B1855%2C61313%5D%7D&dataHost=Nucleus&applications=%5B%7B%22id%22%3A%22STS%22%2C%22swPrefetchManifestName%22%3A%22stsserviceworkerprefetch%22%7D%2C%7B%22id%22%3A%22SPHome%22%7D%2C%7B%22id%22%3A%22SitePages%22%7D%2C%7B%22id%22%3A%22Embed%22%7D%2C%7B%22id%22%3A%22CreateGroup%22%7D%2C%7B%22id%22%3A%22SingleWebPart%22%7D%2C%7B%22id%22%3A%22VivaHome%22%7D%2C%7B%22id%22%3A%22BrokerLogon%22%7D%2C%7B%22id%22%3A%22Clipchamp%22%7D%2C%7B%22id%22%3A%22MeeBridge%22%7D%2C%7B%22id%22%3A%22SPStart%22%7D%2C%7B%22id%22%3A%22Agreements%22%7D%5D&list=v2&prefetchListData=true&defaultBrotli=true&authenticateFast=true&inlineAuth=v2&wwData=true&enableTheming=true&prefetchFilebrowserPageInTeams=true&FUIV9Flights=[-83099905,3]&spStartApplicationWebBundle=true&enableIntegrities=true&streamViewServerLoad=true&streamInlineScript=true

HTTP Response

200

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22STS%22]&languages=%5B%5D

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/_layouts/15/SPComponentRegistry.ashx?projects=[%22spfx%22]&languages=%5B%5D

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/_layouts/15/userphoto.aspx?size=S

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/_layouts/15/userphoto.aspx?size=M

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/_layouts/15/userphoto.aspx?size=L

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://clinicaputumayo1-my.sharepoint.com/_layouts/15/spwebworkerproxy.ashx?odsp-web-prod_2024-09-20.006

HTTP Response

200
104.123.88.104:443

https://shell.cdn.office.net/shellux/api/ShellBootInfo/business/OneShell/en-us

tls, http2

chrome.exe

3.4kB
52.7kB
45
55

HTTP Request

GET https://shell.cdn.office.net/api/ShellBootstrapper/business/OneShell

HTTP Response

200

HTTP Request

GET https://shell.cdn.office.net/shellux/api/ShellBootInfo/business/OneShell/en-us

HTTP Response

200
2.22.249.227:443

res-1.cdn.office.net

tls

chrome.exe

1.1kB
7.1kB
12
12
2.22.249.227:443

res-1.cdn.office.net

tls

chrome.exe

1.2kB
7.1kB
12
12
2.22.249.227:443

https://res-1.cdn.office.net/files/sp-client/odsp.1ds/odsp.1ds.lib-67f10919.js

tls, http2

chrome.exe

14.8kB
659.7kB
273
492

HTTP Request

GET https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/en-us/initial.resx.js

HTTP Request

GET https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/plt.office-ui-fabric-react.js

HTTP Request

GET https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/plt.odsp-common.js

HTTP Request

GET https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/plt.items-view.js

HTTP Request

GET https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/oneuplightspeedwebpack.js

HTTP Request

GET https://res-1.cdn.office.net/files/sp-client/odsp.react/odsp.react.lib-361c9c69.js

HTTP Request

GET https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.core/fui.core-83eff072.js

HTTP Request

GET https://res-1.cdn.office.net/files/sp-client/odsp.fluentui.utilities/fui.util-153996e1.js

HTTP Request

GET https://res-1.cdn.office.net/files/sp-client/odsp.utilities/odsp.util-a1364309.js

HTTP Request

GET https://res-1.cdn.office.net/files/sp-client/odsp.tslib/tslib-e9cf7774.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/files/odsp-web-prod_2024-09-20.004/oneuplightspeedwebpack/19.js

HTTP Response

200

HTTP Request

GET https://res-1.cdn.office.net/files/sp-client/odsp.1ds/odsp.1ds.lib-67f10919.js

HTTP Response

200
2.22.249.227:443

res-1.cdn.office.net

tls

chrome.exe

1.2kB
7.1kB
12
12
2.22.249.227:443

res-1.cdn.office.net

tls

chrome.exe

1.2kB
7.1kB
12
12
2.22.249.227:443

res-1.cdn.office.net

tls

chrome.exe

1.2kB
7.1kB
12
13
2.22.249.227:443

res-1.cdn.office.net

tls, http2

chrome.exe

1.3kB
986 B
8
9
104.208.16.91:443

mobile.events.data.microsoft.com

tls, http2

chrome.exe

1.6kB
7.1kB
10
10
104.208.16.91:443

https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0

tls, http2

chrome.exe

3.2kB
8.0kB
19
18

HTTP Request

OPTIONS https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Request

OPTIONS https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Response

200

HTTP Request

OPTIONS https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0

HTTP Response

200
104.208.16.91:443

https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0

tls, http2

chrome.exe

225.1kB
13.1kB
184
119

HTTP Request

POST https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Request

POST https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&w=0

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0

HTTP Response

200

HTTP Request

POST https://mobile.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&ext.intweb.msfpc=GUID%3D2f7b339320754b9c97959827f159871d%26HASH%3D2f7b%26LV%3D202410%26V%3D4%26LU%3D1727876188954&w=0

HTTP Response

200
104.208.16.91:443

mobile.events.data.microsoft.com

tls

chrome.exe

846 B
231 B
5
3
2.22.249.150:443

https://res.cdn.office.net/teams-js/2.0.0/js/MicrosoftTeams.min.js

tls, http2

chrome.exe

2.4kB
30.1kB
29
37

HTTP Request

GET https://res.cdn.office.net/teams-js/2.0.0/js/MicrosoftTeams.min.js

HTTP Response

200
2.19.117.14:443

https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0

tls, http2

chrome.exe

6.4kB
6.8kB
30
30

HTTP Request

OPTIONS https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0

HTTP Response

200

HTTP Request

POST https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0

HTTP Response

429

HTTP Request

OPTIONS https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0

HTTP Response

200

HTTP Request

POST https://spo.nel.measure.office.net/api/report?tenantId=fd7add1f-7b72-43c4-87af-7271c971d5c6&destinationEndpoint=Edge-Prod-LON60r5d&frontEnd=AFD&RemoteIP=138.199.29.0

HTTP Response

429
2.19.117.15:443

https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600

tls, http2

chrome.exe

14.2kB
6.7kB
33
28

HTTP Request

OPTIONS https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600

HTTP Response

200

HTTP Request

POST https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600

HTTP Response

429

HTTP Request

OPTIONS https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600

HTTP Response

200

HTTP Request

POST https://m365cdn.nel.measure.office.net/api/report?FrontEnd=AkamaiCDNWorldWide&DestinationEndpoint=LONDON&ASN=20940&Country=GB&Region=EN&RequestIdentifier=0.a3d37a5c.1727876206.4d2d76f5&TotalRTCDNTime=43&CompressionType=gzip&FileSize=242600

HTTP Response

429
142.250.187.238:443

lens.google.com

tls, http2

chrome.exe

1.0kB
8.1kB
10
10
216.58.204.68:443

https://www.google.com/favicon.ico

tls, http2

chrome.exe

2.9kB
9.7kB
17
23

HTTP Request

GET https://www.google.com/url?q=https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd&sa=D&source=editors&ust=1727821676226264&usg=AOvVaw0dXS8Xe0HCROUXJmurMQjp

HTTP Request

GET https://www.google.com/favicon.ico

HTTP Response

200
51.91.48.189:443

https://ydray.com/favicon.svg

tls, http

chrome.exe

69.8kB
2.1MB
1185
1523

HTTP Request

GET https://ydray.com/get/t/u17278177381566agQn60fb5c6b1feapd

HTTP Response

200

HTTP Request

GET https://ydray.com/static/js/main.c13d8b8e.js

HTTP Response

200

HTTP Request

GET https://ydray.com/static/media/FREE.058d687482229be96a55.svg

HTTP Response

200

HTTP Request

GET https://ydray.com/static/media/Mona-Sans-Regular.a47070a36b8d14d04d88.woff2

HTTP Response

200

HTTP Request

GET https://ydray.com/assets/images/avatar1.svg

HTTP Response

200

HTTP Request

GET https://ydray.com/assets/images/next_step.svg

HTTP Response

200

HTTP Request

GET https://ydray.com/favicon.svg

HTTP Response

200
51.91.48.189:443

https://ydray.com/assets/images/avatar3.svg

tls, http

chrome.exe

4.7kB
59.9kB
35
52

HTTP Request

GET https://ydray.com/static/css/main.f94c34bb.css

HTTP Response

200

HTTP Request

GET https://ydray.com/static/media/PRO.1de39d5eba32f217695a.svg

HTTP Response

200

HTTP Request

GET https://ydray.com/static/media/icomoon.108997d1d45086a4fad0.ttf

HTTP Response

200

HTTP Request

GET https://ydray.com/assets/images/avatar3.svg

HTTP Response

200
142.250.187.194:443

googleads.g.doubleclick.net

tls, http2

chrome.exe

983 B
5.8kB
8
8
172.217.16.238:443

https://fundingchoicesmessages.google.com/f/AGSKWxXThx8S7LGi8n-DkmwvIMPW5YX-2QtlicvxDbyrpEb9QlFkg7bg6r22NjCSVovHqtsorgg8IUHj9_sXL9kSdHnDmhw-trDEE-5xQtsN_foQznq8CjWBxRaSyeISBqJBRwVska1UsA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3ODc2MjY4LDg2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3lkcmF5LmNvbS9nZXQvdC91MTcyNzgxNzczODE1NjZhZ1FuNjBmYjVjNmIxZmVhcGQiLG51bGwsW1s4LCItVTNTM2o1SWVfMCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

tls, http2

chrome.exe

5.0kB
147.8kB
71
115

HTTP Request

GET https://fundingchoicesmessages.google.com/i/ca-pub-7075008344469842?href=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ers=2

HTTP Request

GET https://fundingchoicesmessages.google.com/f/AGSKWxXThx8S7LGi8n-DkmwvIMPW5YX-2QtlicvxDbyrpEb9QlFkg7bg6r22NjCSVovHqtsorgg8IUHj9_sXL9kSdHnDmhw-trDEE-5xQtsN_foQznq8CjWBxRaSyeISBqJBRwVska1UsA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI3ODc2MjY4LDg2MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3lkcmF5LmNvbS9nZXQvdC91MTcyNzgxNzczODE1NjZhZ1FuNjBmYjVjNmIxZmVhcGQiLG51bGwsW1s4LCItVTNTM2o1SWVfMCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
51.91.48.189:443

https://ydray.com/assets/images/avatar4.svg

tls, http

chrome.exe

4.0kB
33.3kB
24
31

HTTP Request

GET https://ydray.com/static/media/BUSINESS.5dce83fc7b5907ff2460.svg

HTTP Response

200

HTTP Request

GET https://ydray.com/static/media/Mona-Sans-SemiBold.df2721eb898b6beb9b2d.woff2

HTTP Response

200

HTTP Request

GET https://ydray.com/assets/images/avatar4.svg

HTTP Response

200
216.58.201.110:443

https://www3.doubleclick.net/

tls, http2

chrome.exe

1.7kB
6.3kB
12
12

HTTP Request

HEAD https://www3.doubleclick.net/
51.91.48.189:443

https://api.ydray.com/images/2.jpg

tls, http

chrome.exe

13.0kB
453.4kB
192
334

HTTP Request

GET https://api.ydray.com/get/transfer/u17278177381566agQn60fb5c6b1feapd

HTTP Response

200

HTTP Request

GET https://api.ydray.com/slider/

HTTP Response

200

HTTP Request

GET https://api.ydray.com/layerslider/css/layerslider.css

HTTP Response

200

HTTP Request

GET https://api.ydray.com/layerslider/js/layerslider.utils.js

HTTP Response

200

HTTP Request

GET https://api.ydray.com/images/2.jpg

HTTP Response

200
51.91.48.189:443

https://api.ydray.com/images/62.jpg

tls, http

chrome.exe

9.8kB
396.3kB
170
293

HTTP Request

GET https://api.ydray.com/info/

HTTP Response

200

HTTP Request

GET https://api.ydray.com/images/62.jpg

HTTP Response

200
51.91.48.189:443

https://ydray.com/static/media/Mona-Sans-Medium.1d13d02c97c2fffe114f.woff2

tls, http

chrome.exe

2.7kB
22.5kB
19
25

HTTP Request

GET https://ydray.com/assets/images/ydray-wordmark-black.svg

HTTP Response

200

HTTP Request

GET https://ydray.com/static/media/Mona-Sans-Medium.1d13d02c97c2fffe114f.woff2

HTTP Response

200
51.91.48.189:443

https://ydray.com/static/media/Mona-Sans-Bold.396862d9e0d26c04cdc9.woff2

tls, http

chrome.exe

3.0kB
18.9kB
17
21

HTTP Request

GET https://ydray.com/assets/images/logo1.svg

HTTP Response

200

HTTP Request

GET https://ydray.com/static/media/Mona-Sans-Bold.396862d9e0d26c04cdc9.woff2

HTTP Response

200
51.91.48.189:443

https://ydray.com/assets/images/avatar2.svg

tls, http

chrome.exe

3.1kB
40.0kB
26
38

HTTP Request

GET https://ydray.com/assets/images/folder-file-graphic.svg

HTTP Response

200

HTTP Request

GET https://ydray.com/assets/images/avatar2.svg

HTTP Response

200
51.91.48.189:443

https://api.ydray.com/user/

tls, http

chrome.exe

3.5kB
36.7kB
25
34

HTTP Request

GET https://api.ydray.com/layerslider/js/jquery.js

HTTP Response

200

HTTP Request

GET https://api.ydray.com/user/

HTTP Response

200
142.250.187.206:443

https://marketingplatform.google.com/about/enterprise/

tls, http2

chrome.exe

1.8kB
9.2kB
13
15

HTTP Request

HEAD https://marketingplatform.google.com/about/enterprise/
51.91.48.189:443

https://api.ydray.com/layerslider/skins/noskin/skin.css

tls, http

chrome.exe

2.8kB
9.6kB
16
16

HTTP Request

GET https://api.ydray.com/layerslider/js/layerslider.transitions.js

HTTP Response

200

HTTP Request

GET https://api.ydray.com/layerslider/skins/noskin/skin.css

HTTP Response

200
51.91.48.189:443

https://api.ydray.com/images/55.jpg

tls, http

chrome.exe

9.3kB
321.6kB
147
238

HTTP Request

GET https://api.ydray.com/layerslider/js/layerslider.kreaturamedia.jquery.js

HTTP Response

200

HTTP Request

GET https://api.ydray.com/images/55.jpg

HTTP Response

200
51.91.48.189:443

https://api.ydray.com/images/28.jpg

tls, http

chrome.exe

15.1kB
622.8kB
267
454

HTTP Request

GET https://api.ydray.com/images/42.jpg

HTTP Response

200

HTTP Request

GET https://api.ydray.com/images/28.jpg

HTTP Response

200
142.250.200.33:443

https://lh3.googleusercontent.com/haxuPeTmiozQczayCJj0ZX1XST1fZthZJXOL8wMhrwUeCuNeFaVM7LXpqh0yam5plRBQrueNIRaKdvlNrUQ0w5iC1oldAC4uD1RtljPIx_5N0U5leSPs=h60

tls, http2

chrome.exe

2.0kB
17.9kB
17
21

HTTP Request

GET https://lh3.googleusercontent.com/haxuPeTmiozQczayCJj0ZX1XST1fZthZJXOL8wMhrwUeCuNeFaVM7LXpqh0yam5plRBQrueNIRaKdvlNrUQ0w5iC1oldAC4uD1RtljPIx_5N0U5leSPs=h60
162.19.57.119:443

https://st13.ydray.com/fileupload/

tls, http

chrome.exe

2.0kB
5.0kB
12
12

HTTP Request

GET https://st13.ydray.com/fileupload/

HTTP Response

200
51.91.48.189:443

https://ydray.com/manifest.json

tls, http

chrome.exe

1.7kB
5.0kB
12
12

HTTP Request

GET https://ydray.com/manifest.json

HTTP Response

200
142.250.187.194:443

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CQF3YIAQF3YIAEsACBENBJFoAP_gAEPgAAiQINJB7C7FbSFCwH5zaLsAMAhHRsAAQoQAAASBAmABQAKQIAQCgkAQFASgBAACAAAAICZBIQIECAAACUAAQAAAAAAEAAAAAAAIIAAAgAEAAAAIAAACAIAAEAAIAAAAEAAAmAgAAIIACAAAhAAAAAAAAAAAAAAAAgCAAAAAAAAAAAAAAAAAAQOhSD2F2K2kKFkPCmwXYAYBCujYAAhQgAAAkCBMACgAUgQAgFJIAgCIFAAAAAAAAAQEiCQAAQABAAEIACgAAAAAAIAAAAAAAQQAABAAIAAAAAAAAEAQAAIAAQAAAAIAABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAA&addtl_consent=2~70.89.93.108.122.149.196.236.259.311.313.323.358.415.449.486.494.495.540.574.609.827.864.981.1029.1048.1051.1095.1097.1126.1205.1276.1301.1365.1415.1449.1514.1570.1577.1598.1651.1716.1735.1753.1765.1870.1878.1889.1958.2072.2253.2299.2373.2415.2506.2526.2568.2571.2575.2624.2677~dv.&client=ca-pub-7075008344469842&output=html&h=80&slotname=6459658371&adk=2606696175&adf=2176751540&pi=t.ma~as.6459658371&w=280&abgtt=6&lmt=1721380853&format=280x80&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1727876304668&bpp=4&bdt=37794&idt=4&shv=r20240930&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7590751832260&frm=20&pv=1&u_tz=0&u_his=2&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=48&ady=259&biw=1280&bih=593&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343852%2C31087429%2C31087432%2C31087659%2C42531705%2C44795922%2C95341936%2C95342016%2C95343328%2C31087683%2C95339678%2C31061690&oid=2&pvsid=1248799672057360&tmod=393857985&uas=3&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C593&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=53

tls, http2

chrome.exe

6.6kB
56.7kB
40
58

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/html/r20240930/r20190131/zrt_lookup_fy2021.html

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CQF3YIAQF3YIAEsACBENBJFoAP_gAEPgAAiQINJB7C7FbSFCwH5zaLsAMAhHRsAAQoQAAASBAmABQAKQIAQCgkAQFASgBAACAAAAICZBIQIECAAACUAAQAAAAAAEAAAAAAAIIAAAgAEAAAAIAAACAIAAEAAIAAAAEAAAmAgAAIIACAAAhAAAAAAAAAAAAAAAAgCAAAAAAAAAAAAAAAAAAQOhSD2F2K2kKFkPCmwXYAYBCujYAAhQgAAAkCBMACgAUgQAgFJIAgCIFAAAAAAAAAQEiCQAAQABAAEIACgAAAAAAIAAAAAAAQQAABAAIAAAAAAAAEAQAAIAAQAAAAIAABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAA&addtl_consent=2~70.89.93.108.122.149.196.236.259.311.313.323.358.415.449.486.494.495.540.574.609.827.864.981.1029.1048.1051.1095.1097.1126.1205.1276.1301.1365.1415.1449.1514.1570.1577.1598.1651.1716.1735.1753.1765.1870.1878.1889.1958.2072.2253.2299.2373.2415.2506.2526.2568.2571.2575.2624.2677~dv.&client=ca-pub-7075008344469842&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1721380853&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aipecl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1727876267186&bpp=2&bdt=312&idt=354&shv=r20240930&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7590751832260&frm=20&pv=2&u_tz=0&u_his=2&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1280&bih=593&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343852%2C31087429%2C31087432%2C31087659%2C42531705%2C44795922%2C95341936%2C95342016%2C95343328%2C31087683%2C95339678%2C31061690&oid=2&pvsid=1248799672057360&tmod=393857985&uas=3&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C593&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=33672

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CQF3YIAQF3YIAEsACBENBJFoAP_gAEPgAAiQINJB7C7FbSFCwH5zaLsAMAhHRsAAQoQAAASBAmABQAKQIAQCgkAQFASgBAACAAAAICZBIQIECAAACUAAQAAAAAAEAAAAAAAIIAAAgAEAAAAIAAACAIAAEAAIAAAAEAAAmAgAAIIACAAAhAAAAAAAAAAAAAAAAgCAAAAAAAAAAAAAAAAAAQOhSD2F2K2kKFkPCmwXYAYBCujYAAhQgAAAkCBMACgAUgQAgFJIAgCIFAAAAAAAAAQEiCQAAQABAAEIACgAAAAAAIAAAAAAAQQAABAAIAAAAAAAAEAQAAIAAQAAAAIAABEhCAAQQAEAAAAAAAQAAAAAAAAAAABAAA&addtl_consent=2~70.89.93.108.122.149.196.236.259.311.313.323.358.415.449.486.494.495.540.574.609.827.864.981.1029.1048.1051.1095.1097.1126.1205.1276.1301.1365.1415.1449.1514.1570.1577.1598.1651.1716.1735.1753.1765.1870.1878.1889.1958.2072.2253.2299.2373.2415.2506.2526.2568.2571.2575.2624.2677~dv.&client=ca-pub-7075008344469842&output=html&h=80&slotname=6459658371&adk=2606696175&adf=2176751540&pi=t.ma~as.6459658371&w=280&abgtt=6&lmt=1721380853&format=280x80&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTIzLjAuNjMxMi4xMjMiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuMTIzIl0sWyJOb3Q6QS1CcmFuZCIsIjguMC4wLjAiXSxbIkNocm9taXVtIiwiMTIzLjAuNjMxMi4xMjMiXV0sMF0.&dt=1727876304668&bpp=4&bdt=37794&idt=4&shv=r20240930&mjsv=m202410010101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7590751832260&frm=20&pv=1&u_tz=0&u_his=2&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=48&ady=259&biw=1280&bih=593&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343852%2C31087429%2C31087432%2C31087659%2C42531705%2C44795922%2C95341936%2C95342016%2C95343328%2C31087683%2C95339678%2C31061690&oid=2&pvsid=1248799672057360&tmod=393857985&uas=3&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C593&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=53
142.250.187.194:443

googleads.g.doubleclick.net

tls

chrome.exe

934 B
4.9kB
9
8
216.58.201.97:443

https://tpc.googlesyndication.com/sodar/sodar2.js

tls, http2

chrome.exe

1.8kB
13.1kB
14
17

HTTP Request

GET https://tpc.googlesyndication.com/sodar/sodar2.js
216.58.201.97:443

https://tpc.googlesyndication.com/pagead/js/r20240930/r20110914/client/window_focus_fy2021.js

tls, http2

chrome.exe

3.2kB
34.2kB
31
39

HTTP Request

GET https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20240930/r20110914/client/load_preloaded_resource_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20240930/r20110914/abg_lite_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20240930/r20110914/client/qs_click_protection_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20240930/r20110914/client/window_focus_fy2021.js
216.58.204.68:443

https://www.google.com/pagead/drt/ui

tls, http2

chrome.exe

2.5kB
8.2kB
19
25

HTTP Request

GET https://www.google.com/recaptcha/api2/aframe

HTTP Request

GET https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6UjtDCyLV7igJRGBwhCOht-QCkkBD4F_D_Y8c7QalCQvAlkGP-fEmisZ2g1LhzB9oCJIh53gswx5DAm1X9tXp6XxfYw

HTTP Request

GET https://www.google.com/pagead/drt/ui
142.250.187.194:443

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924997581/?random=1727876307375&cv=11&fst=1727876307375&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

tls, http2

chrome.exe

2.3kB
9.3kB
14
16

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/viewthroughconversion/924997581/?random=1727876307375&cv=11&fst=1727876307375&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
108.177.15.157:443

https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J8HJDE2R7C&cid=1153493590.1727876307&gtm=45je4a10v899614608za200zb9123520070&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727

tls, http2

chrome.exe

2.0kB
6.7kB
12
13

HTTP Request

POST https://stats.g.doubleclick.net/g/collect?v=2&tid=G-J8HJDE2R7C&cid=1153493590.1727876307&gtm=45je4a10v899614608za200zb9123520070&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727
216.239.32.36:443

region1.analytics.google.com

tls, http2

chrome.exe

1.0kB
6.2kB
9
8
216.239.32.36:443

https://region1.analytics.google.com/g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEI&_s=4&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=ad_impression&ep.query_id=CPmK0-vo74gDFZex0QQdXYgdPA&_et=56&tfd=45887

tls, http2

chrome.exe

4.2kB
7.5kB
18
17

HTTP Request

POST https://region1.analytics.google.com/g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=scroll&epn.percent_scrolled=90&_et=20&tfd=40824

HTTP Request

POST https://region1.analytics.google.com/g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=Ag&_s=1&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=40649

HTTP Request

POST https://region1.analytics.google.com/g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&frm=0&pscdl=noapi&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=AAg&_s=2&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&cu=USD&en=creaci%C3%B3n_de_una_cuenta&_c=1&epn.value=0&tfd=40649

HTTP Request

POST https://region1.analytics.google.com/g/collect?v=2&tid=G-J8HJDE2R7C&gtm=45je4a10v899614608za200zb9123520070&_p=1727876304657&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=101671035~101747727&cid=1153493590.1727876307&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEI&_s=4&sid=1727876307&sct=1&seg=0&dl=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&dr=https%3A%2F%2Fwww.google.com%2F&dt=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&en=ad_impression&ep.query_id=CPmK0-vo74gDFZex0QQdXYgdPA&_et=56&tfd=45887
216.239.32.36:443

region1.analytics.google.com

tls, http2

chrome.exe

1.1kB
6.2kB
9
8
172.217.16.227:443

https://www.google.co.uk/pagead/1p-user-list/924997581/?random=1727876307375&cv=11&fst=1727874000000&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfokWswKuDYbNnSfTEfx4dhhBUtQwsyz_qDOB85LH6AVKyrCy_&random=1975083964&rmt_tld=1&ipr=y

tls, http2

chrome.exe

2.8kB
6.8kB
17
20

HTTP Request

GET https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-J8HJDE2R7C&cid=1153493590.1727876307&gtm=45je4a10v899614608za200zb9123520070&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1714366180

HTTP Request

GET https://www.google.co.uk/pagead/1p-user-list/924997581/?random=1727876307375&cv=11&fst=1727874000000&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfokWswKuDYbNnSfTEfx4dhhBUtQwsyz_qDOB85LH6AVKyrCy_&random=1975083964&rmt_tld=1&ipr=y
216.239.32.36:443

region1.analytics.google.com

tls, http2

chrome.exe

970 B
6.2kB
7
7
216.58.204.68:443

https://www.google.com/pagead/1p-user-list/924997581/?random=1727876307375&cv=11&fst=1727874000000&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfokWswKuDYbNnSfTEfx4dhhBUtQwsyz_qDOB85LH6AVKyrCy_&random=1975083964&rmt_tld=0&ipr=y

tls, http2

chrome.exe

2.4kB
6.4kB
13
14

HTTP Request

GET https://www.google.com/pagead/1p-user-list/924997581/?random=1727876307375&cv=11&fst=1727874000000&bg=ffffff&guid=ON&async=1&gtm=45je4a10v899614608za200zb9123520070&gcd=13l3l3l3l1l1&dma=0&tcfd=10000&tag_exp=101671035~101747727&u_w=1280&u_h=720&url=https%3A%2F%2Fydray.com%2Fget%2Ft%2Fu17278177381566agQn60fb5c6b1feapd&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=YDRAY%20-%20Send%20and%20share%20large%20and%20big%20files%20up%20to%2010%20GB%20for%20free&npa=0&pscdl=noapi&auid=1757944890.1727876307&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfokWswKuDYbNnSfTEfx4dhhBUtQwsyz_qDOB85LH6AVKyrCy_&random=1975083964&rmt_tld=0&ipr=y
172.217.169.3:443

beacons.gcp.gvt2.com

tls

2.0kB
6.9kB
15
14

8.8.8.8:53

232.168.11.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

232.168.11.51.in-addr.arpa
8.8.8.8:53

ddec1-0-en-ctp.trendmicro.com

dns

chrome.exe

75 B
178 B
1
1

DNS Request

ddec1-0-en-ctp.trendmicro.com

DNS Response

44.227.4.222

54.187.74.250

54.245.116.215
8.8.8.8:53

clinicaputumayo1-my.sharepoint.com

dns

chrome.exe

80 B
411 B
1
1

DNS Request

clinicaputumayo1-my.sharepoint.com

DNS Response

13.107.138.10

13.107.136.10
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

234.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

234.179.250.142.in-addr.arpa
8.8.8.8:53

222.4.227.44.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

222.4.227.44.in-addr.arpa
8.8.8.8:53

0.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

0.159.190.20.in-addr.arpa
8.8.8.8:53

10.138.107.13.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

10.138.107.13.in-addr.arpa
8.8.8.8:53

shell.cdn.office.net

dns

chrome.exe

66 B
232 B
1
1

DNS Request

shell.cdn.office.net

DNS Response

104.123.88.104
8.8.8.8:53

res-1.cdn.office.net

dns

chrome.exe

66 B
280 B
1
1

DNS Request

res-1.cdn.office.net

DNS Response

2.22.249.227

2.22.249.212

2.22.249.197

2.22.249.220
2.22.249.227:443

res-1.cdn.office.net

https

chrome.exe

269.0kB
15.3MB
2918
14274
2.22.249.227:443

res-1.cdn.office.net

https

chrome.exe

6.0kB
136.6kB
60
122
8.8.8.8:53

104.88.123.104.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

104.88.123.104.in-addr.arpa
8.8.8.8:53

227.249.22.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

227.249.22.2.in-addr.arpa
8.8.8.8:53

mobile.events.data.microsoft.com

dns

chrome.exe

78 B
201 B
1
1

DNS Request

mobile.events.data.microsoft.com

DNS Response

104.208.16.91
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

91.16.208.104.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

91.16.208.104.in-addr.arpa
8.8.8.8:53

241.150.49.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

241.150.49.20.in-addr.arpa
8.8.8.8:53

res.cdn.office.net

dns

chrome.exe

64 B
434 B
1
1

DNS Request

res.cdn.office.net

DNS Response

2.22.249.150

2.22.249.147

2.22.249.143

2.22.249.146

2.22.249.145

2.22.249.153

2.22.249.148

2.22.249.149

2.22.249.151
8.8.8.8:53

150.249.22.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

150.249.22.2.in-addr.arpa
8.8.8.8:53

183.59.114.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

183.59.114.20.in-addr.arpa
8.8.8.8:53

206.23.85.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

206.23.85.13.in-addr.arpa
8.8.8.8:53

98.117.19.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

98.117.19.2.in-addr.arpa
8.8.8.8:53

spo.nel.measure.office.net

dns

chrome.exe

72 B
183 B
1
1

DNS Request

spo.nel.measure.office.net

DNS Response

2.19.117.14

2.19.117.15
8.8.8.8:53

m365cdn.nel.measure.office.net

dns

chrome.exe

76 B
187 B
1
1

DNS Request

m365cdn.nel.measure.office.net

DNS Response

2.19.117.15

2.19.117.14
8.8.8.8:53

15.117.19.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

15.117.19.2.in-addr.arpa
8.8.8.8:53

14.117.19.2.in-addr.arpa

dns

70 B
133 B
1
1

DNS Request

14.117.19.2.in-addr.arpa
8.8.8.8:53

lens.google.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

lens.google.com

DNS Response

142.250.187.238
8.8.8.8:53

238.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

238.187.250.142.in-addr.arpa
8.8.8.8:53

www.google.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

216.58.204.68
216.58.204.68:443

www.google.com

https

chrome.exe

3.0kB
7.1kB
8
8
8.8.8.8:53

68.204.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

68.204.58.216.in-addr.arpa
8.8.8.8:53

ydray.com

dns

chrome.exe

55 B
71 B
1
1

DNS Request

ydray.com

DNS Response

51.91.48.189
8.8.8.8:53

googleads.g.doubleclick.net

dns

chrome.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.187.194
8.8.8.8:53

189.48.91.51.in-addr.arpa

dns

71 B
94 B
1
1

DNS Request

189.48.91.51.in-addr.arpa
8.8.8.8:53

34.200.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

34.200.250.142.in-addr.arpa
8.8.8.8:53

194.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

194.187.250.142.in-addr.arpa
8.8.8.8:53

fundingchoicesmessages.google.com

dns

chrome.exe

158 B
232 B
2
2

DNS Request

fundingchoicesmessages.google.com

DNS Request

fundingchoicesmessages.google.com

DNS Response

172.217.16.238

DNS Response

172.217.16.238
8.8.8.8:53

www3.doubleclick.net

dns

chrome.exe

132 B
164 B
2
2

DNS Request

www3.doubleclick.net

DNS Request

www3.doubleclick.net

DNS Response

216.58.201.110

DNS Response

216.58.201.110
8.8.8.8:53

api.ydray.com

dns

chrome.exe

118 B
150 B
2
2

DNS Request

api.ydray.com

DNS Request

api.ydray.com

DNS Response

51.91.48.189

DNS Response

51.91.48.189
172.217.16.238:443

fundingchoicesmessages.google.com

https

chrome.exe

3.1kB
8.5kB
7
10
8.8.8.8:53

marketingplatform.google.com

dns

chrome.exe

148 B
180 B
2
2

DNS Request

marketingplatform.google.com

DNS Request

marketingplatform.google.com

DNS Response

142.250.187.206

DNS Response

142.250.187.206
8.8.8.8:53

lh3.googleusercontent.com

dns

chrome.exe

71 B
116 B
1
1

DNS Request

lh3.googleusercontent.com

DNS Response

142.250.200.33
8.8.8.8:53

238.16.217.172.in-addr.arpa

dns

146 B
284 B
2
2

DNS Request

238.16.217.172.in-addr.arpa

DNS Request

238.16.217.172.in-addr.arpa
8.8.8.8:53

110.201.58.216.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

110.201.58.216.in-addr.arpa
8.8.8.8:53

206.187.250.142.in-addr.arpa

dns

148 B
226 B
2
2

DNS Request

206.187.250.142.in-addr.arpa

DNS Request

206.187.250.142.in-addr.arpa
172.217.16.238:443

fundingchoicesmessages.google.com

https

chrome.exe

4.1kB
9.0kB
10
13
8.8.8.8:53

st13.ydray.com

dns

chrome.exe

120 B
152 B
2
2

DNS Request

st13.ydray.com

DNS Response

162.19.57.119

DNS Request

st13.ydray.com

DNS Response

162.19.57.119
8.8.8.8:53

202.212.58.216.in-addr.arpa

dns

146 B
346 B
2
2

DNS Request

202.212.58.216.in-addr.arpa

DNS Request

202.212.58.216.in-addr.arpa
8.8.8.8:53

33.200.250.142.in-addr.arpa

dns

146 B
222 B
2
2

DNS Request

33.200.250.142.in-addr.arpa

DNS Request

33.200.250.142.in-addr.arpa
8.8.8.8:53

119.57.19.162.in-addr.arpa

dns

144 B
224 B
2
2

DNS Request

119.57.19.162.in-addr.arpa

DNS Request

119.57.19.162.in-addr.arpa
8.8.8.8:53

14.227.111.52.in-addr.arpa

dns

144 B
316 B
2
2

DNS Request

14.227.111.52.in-addr.arpa

DNS Request

14.227.111.52.in-addr.arpa
172.217.16.238:443

fundingchoicesmessages.google.com

https

chrome.exe

6.2kB
8.5kB
30
35
172.217.16.238:443

fundingchoicesmessages.google.com

https

chrome.exe

5.4kB
13.6kB
18
24
8.8.8.8:53

tpc.googlesyndication.com

dns

chrome.exe

142 B
174 B
2
2

DNS Request

tpc.googlesyndication.com

DNS Response

216.58.201.97

DNS Request

tpc.googlesyndication.com

DNS Response

216.58.201.97
8.8.8.8:53

97.201.58.216.in-addr.arpa

dns

144 B
338 B
2
2

DNS Request

97.201.58.216.in-addr.arpa

DNS Request

97.201.58.216.in-addr.arpa
8.8.8.8:53

spo.nel.measure.office.net

dns

chrome.exe

144 B
366 B
2
2

DNS Request

spo.nel.measure.office.net

DNS Request

spo.nel.measure.office.net

DNS Response

2.19.117.14

2.19.117.15

DNS Response

2.19.117.15

2.19.117.14
8.8.8.8:53

m365cdn.nel.measure.office.net

dns

chrome.exe

152 B
374 B
2
2

DNS Request

m365cdn.nel.measure.office.net

DNS Request

m365cdn.nel.measure.office.net

DNS Response

2.19.117.15

2.19.117.14

DNS Response

2.19.117.14

2.19.117.15
142.250.187.194:443

googleads.g.doubleclick.net

https

chrome.exe

5.8kB
9.5kB
18
20
8.8.8.8:53

200.212.58.216.in-addr.arpa

dns

146 B
342 B
2
2

DNS Request

200.212.58.216.in-addr.arpa

DNS Request

200.212.58.216.in-addr.arpa
216.58.201.97:443

tpc.googlesyndication.com

https

chrome.exe

2.3kB
6.7kB
9
10
216.58.204.68:443

www.google.com

https

chrome.exe

1.6kB
7.1kB
4
8
8.8.8.8:53

region1.analytics.google.com

dns

chrome.exe

148 B
212 B
2
2

DNS Request

region1.analytics.google.com

DNS Response

216.239.32.36

216.239.34.36

DNS Request

region1.analytics.google.com

DNS Response

216.239.32.36

216.239.34.36
8.8.8.8:53

stats.g.doubleclick.net

dns

chrome.exe

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

108.177.15.157

108.177.15.155

108.177.15.156

108.177.15.154
8.8.8.8:53

www.google.co.uk

dns

chrome.exe

124 B
156 B
2
2

DNS Request

www.google.co.uk

DNS Response

172.217.16.227

DNS Request

www.google.co.uk

DNS Response

216.58.212.227
8.8.8.8:53

227.179.250.142.in-addr.arpa

dns

148 B
224 B
2
2

DNS Request

227.179.250.142.in-addr.arpa

DNS Request

227.179.250.142.in-addr.arpa
8.8.8.8:53

98.201.58.216.in-addr.arpa

dns

144 B
338 B
2
2

DNS Request

98.201.58.216.in-addr.arpa

DNS Request

98.201.58.216.in-addr.arpa
8.8.8.8:53

157.15.177.108.in-addr.arpa

dns

73 B
107 B
1
1

DNS Request

157.15.177.108.in-addr.arpa
172.217.16.227:443

www.google.co.uk

https

chrome.exe

2.0kB
8.9kB
10
10
8.8.8.8:53

227.16.217.172.in-addr.arpa

dns

146 B
280 B
2
2

DNS Request

227.16.217.172.in-addr.arpa

DNS Request

227.16.217.172.in-addr.arpa
8.8.8.8:53

36.32.239.216.in-addr.arpa

dns

144 B
264 B
2
2

DNS Request

36.32.239.216.in-addr.arpa

DNS Request

36.32.239.216.in-addr.arpa
216.239.32.36:443

region1.analytics.google.com

https

chrome.exe

1.7kB
7.8kB
5
9
8.8.8.8:53

beacons.gcp.gvt2.com

dns

132 B
224 B
2
2

DNS Request

beacons.gcp.gvt2.com

DNS Request

beacons.gcp.gvt2.com

DNS Response

172.217.169.3

DNS Response

172.217.16.227
8.8.8.8:53

3.169.217.172.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.169.217.172.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Network Share Discovery

T1135

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\2d4a84c9-56dc-40b5-a414-aced79f66b73.tmp

Filesize
99KB

MD5
4713d09b9f1bec164b88e3ecab071382

SHA1
5da7f97c413b78c29dc1653ce1380885fcca4be3

SHA256
bac55a84d1adff8ecbb696e64137285f89c28e9186bd7f72088194f021757dd8

SHA512
031d909b036e3eccb40b9141b0ad16dc8c139db632870c0d818af9e64711e38c3901e04b63fb7b7b4df93f4e85e2e728aa3f98ecb0ccc967d99beac1fa19bd87

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
8cddac6bc7c0af0751effc383657a7e2

SHA1
830e51fae029090002633e48920fff667322d981

SHA256
efc57454a39783918361ba9c4653ed8d0547b135a482b7225eb377c2d37de9f6

SHA512
033f56590496196b4d1e6f6e105a50f1d37a82b8b428a830d4af7c65bd41040dbcba5b01c2d283dbf6900fb99f3badf5bde11cdfe5293accc11cd7386b9afe21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
38KB

MD5
cb11905b89c942fc11598eaad854f94b

SHA1
ed6b661ce6fb4eaebaf61b19eaebebe4cec586b5

SHA256
7c1503e287076b8242ebc74802de376c704fed35ff20929cf792faafe097a5dd

SHA512
a4410b8f4ab552bc02bef32d8482f6176238ed33070055029043c2cbcba968975fac058a7446c4f95cd4351386e9b20871cc372755e6e102762e1be897be357b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
816B

MD5
09069e53938e1490226b1e7dbcd62c70

SHA1
3124ca445255b3302b86c83c65ad24ed885b36b0

SHA256
23aadf5dd6161c5cf71bbbaffb7b61beb9f5c226f4d1c4fe57e1253378620e4e

SHA512
839e7286f25b387e958c388efd18e10a15992669995620cccc3bca25b8a2f6f4f36445c2995694bf377fac25b0f7767a62f636501aa2ef3695537c6aad854412

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
576B

MD5
89f27693d868e0d8154cb449a6ddb070

SHA1
727d7c055fbab1c718f016ac13b3832835123628

SHA256
2e58664c5d20c6b79ea7b10477f00306b1881a6c06a5e920cea529ee235433c7

SHA512
75cf08526b044ac9337b1ae63ab396135b26fe05b2193e0339d0a9073c2839c8115b75c60f5c5456294f8afb69ab71a6dd22a3b5d61e63891b4ee7b55d750b4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
e00478f8389de840823b6b04b53d32c8

SHA1
5bfb7446ce1b361d2d1caf52d3c7092353ed5645

SHA256
199f650cccc8149324a70715dc68471d2b662e067745fbb362611b4d628a92e1

SHA512
2196f531af7219acf8f417752cc7e61d623870c672a82a2705622cf20b47eafcc269d2ed75d426ca0cc409bf9670824e7d968662616c8f7dbd3eb316851cd08f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
1308594db0c44eb7fc4712d87c4f75b1

SHA1
b421a33621b3b8075e7ee967177ccaff3d4c8c05

SHA256
ac661d2eab863f44b6bc5b20e8511920b0f78e680630edd9de644bf911188fbe

SHA512
1954875f4d194c2994c0167afe80dd68735f1bb16feb6afddd2b6d6c32983df5b431381121974aa3f859732a916d796c6fef51a09ca7f978621bf618d735ba9d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1eff3d1c4e35be5394cba9878ffed6fa

SHA1
77ec397217c0cf944c83c9436d380c475e80eba0

SHA256
538adfa2df69d842a75e27d972c2c56e67f66a70f5ff6568849b0645531b8079

SHA512
aa3a56d467050567a3f0efe413da052aee639bf1946bfa72da372c2c38d066cccc5d6431c1c17b8f0f708342d7715f9ee891db23782dfd69c5e6acfd9ae08118

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
42977d0c34b1ffec1e969a9582759172

SHA1
827157723b8d19a32f7628aac6346368d19dca73

SHA256
6e8ef1d439494b35586dde167530142741ea3c63734840525d450729e887a2bd

SHA512
a017eef84698b4e99d3df1cec9e83f3bd06930323f78d81735123aca034893141518acc2d4d6de9c13e8f758a29cd91b1005089ad782b85e66d2d9a7ffe07950

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
44c050b2fe6cd4955f8e1006bbfe5fd7

SHA1
9e524e6b08cb6ea3071ae9874bea3f63786dd306

SHA256
60a06bb9c76c87c48e8ccf947169895a4539a0f6d4a5ee342cc1dc9a68ff5725

SHA512
b0a3e70ea34efbf82e6943227dd3d802f12a4dac096bde19e4b0afc49b64a9ce88a8beeff63ddc74e316885b5b47e25d0506fe216252067c5735b3e7269978d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2e9a0339bfffb24fc03e70ba601b357e

SHA1
a8f7056346674a7b6cd06962c28fdc4f6b3cddbc

SHA256
52a82807e76b9a6ef401a6bb589eb11939cdaa940a388b7c3487619b7034dc8e

SHA512
d81dfd031deeac02525349c1d5a84f92353456cb48f2ef753c4049ae1df3450113b68dcf4cee03fdc794a2fdfbb3d1bcc49ab0b2c846d1fb484b5c80bd8e4a0f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
62e42f69d2179d82a95a879eb970f756

SHA1
db4c1a5b9a21f77d4ef0439ea841d4955862b57c

SHA256
fe8633464b38c7f8230c2c070f00794ec9fe6a853e61cd1c3cb14a9ae0db320c

SHA512
630520011bedfab9c5665ca564481f3fd60dfa2e49f68e905f281ac7c220b0abc7f15a028d6756d2d786f88c9165c62dc7a6f5f9574fb0010f6c0bfa4a91a559

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
3e537c542627e7d963c6c802f7e828ce

SHA1
d99418996db672ca6cf8b6d3f878be30354f8c9f

SHA256
a98572d19ff8d97217261f4dadeaef0c9571daf20a402b6ff40e9461735cfe2b

SHA512
cf21fd72ae8ae66e2978a98f6610adc35a6ca2e2272ae2e8fa0da58bc43fb00f4e01ba76f1f6708a3ba950277d94c57a72707ea2dcb6c112ef9b4e0509fda36f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
46351361990db24693a73a9a14fcceec

SHA1
029317d7dfde497e3faa79a22b146c4a63906024

SHA256
6fa2bcb8f5a5385f113b38833b464ec771a41445ab4bd4b9e3edbdf8ceb5c60d

SHA512
fa3eb4a1bf3aae4abb25b517b886fa6da7c5c0a1add8fd0aba53ad052ae4b053bf94647f91839cd0a17025dc6a62cc6ce2c11ca86f610ba6223d337739bfb113

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
16790c389781c1dd5b43da34b3d80687

SHA1
bc421f8e138fbbdae325223dbc6ca73a0414fa50

SHA256
2b8db631411f73daad5df1b0511eee0e4bfe7867a424a1643f200047b928d9f1

SHA512
76c246f66d6c42ea8c8c3ef5922d1b93e5e104b9977ebc3532b75581eceece667ace1152b8d94402812a039b27c8d79746a08ec99da6b8d256a5b0642d7976d0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
375d4363f85a55d20bd835e6a7ff4981

SHA1
179ba60df1cbb4cac7b40cd138433d72a6acbefe

SHA256
1ebfb5e56a8d5704097cc814268681fb998d2efac8538a15a769507c2d314deb

SHA512
fdbad9a7b7452c4f41ca1525fac4dcd30f8642c667e720d39ee2bf57d3224edbf6cb593f0f896bba89db40781c88ffb8dd1161218352abb98018ec03beb73bfc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
715a78cc08c6a4b2e9a5d29167a22a46

SHA1
6349d4d2f3db2b2182d533b7e00a7b217537e7ec

SHA256
759365c689a3fb67736c0c6e24334922eff4185b898680873ef288661488c0eb

SHA512
426bf0b2a75a174d27074561f9a68e592d542abcba2e87495db014de85defdf286f76e5b447912241af6241fff6059fee7f6e457def476cae16384be8a356db1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
5ed4edad0b5f08a049245b813984b803

SHA1
4caa9cb8093de14cec9268af7a52500ed2505c16

SHA256
e979bfd9c046d5df8bdca11a7a8aa2690035133be56d56f57d428aca0c3cc04b

SHA512
4de62aa77ccaf9a5339762bb51888beb941746f582c6eebe4fc120cbde2823169770ce9d00f4f36655511cc74aaec9996235350e1f95f9b70c1dd7a0eb0917c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
91b36f4d3c022b1892792ee2e480877c

SHA1
50d2181ca97dafe78092942a68dd3ec8f762cc8d

SHA256
43d38ae75e81190f41ccfa26556d64a49698a3b7be46b834f0ff352accddac6f

SHA512
24b7d0bc05aea057a9eabbcb316fee60b2b46d74001c2bcfa0ba7d5d3dccc75157fcdfc7cb55a53c2fed780aee0eb0cfb7c2d15b39615e6c5b9eefe5485c82da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
5fbeedf838a42602e65a9e59f6cffe8a

SHA1
09c3c3110a0b1473851dc0c976104f4fb84200ee

SHA256
ea15841ae50d50216cd7c9029c857d7de6c5d242acca539e39c48d47eb9830c1

SHA512
24ac9ea0c4b38c57d8ded5e901efee1bd26f3ec30996e005b2f7bc91476860e83ccba81025d006a1fed364de3f742d10c081a4972ebe84671fafef5dcad4f00b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
f295bebec0111b56a74de838ae1b6f1a

SHA1
55d3cc5022dd2111a49ca2a6504ba62efd2914c4

SHA256
70c8dbacdace362dbba3a464022fb72b3727316ddec94252916a53689172ae2d

SHA512
3bca3a9162bd89f8d28cb7db149682f4884fc573b1a2078cbf65aee6659186f49d37fec099d3bf81728ca120aa6fccf7b534ce6d32a427390504c5a48a59cf04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e502a59ee025a395cee2366ecd009b4c

SHA1
0e199175ea107a500b92dbb5c84fae78e117b880

SHA256
d1218b9d7802e49ef2d53d7899cc0b3dad53c3845b29fc3142cc5858fe129c1e

SHA512
b903ff8e7439e84d0ba54c3a1ff11dd4c2c018bf1b1b0e58672f31c9b736b0be16d0218c09add45f8439c62d18dafdbf26dbad839b30d1b90fdc89c230cac32f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
9528d9f845f43e2ebb8697798c6b02d6

SHA1
d4c972e3a1db045408d589736e118c01f6094052

SHA256
0e54337660715164a1d3f17df54218d43196973b900f33998d02c165a72206f4

SHA512
4fc2886eb963a83267ab197addc572415c49687496c11404c90c9af1d2843ebc297cdfaf3ce6e8a6fd82438c917708ba1dc40b98d55ebd5926f9691e6be93d20

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a7b9ce6b83ae11951b1c6b71b06f6f8ab9478c64\0964a567-8eed-4a44-88c1-681e5cf7ca6f\index-dir\the-real-index

Filesize
17KB

MD5
2117b9826810e0a61ce17692a6233453

SHA1
20856d753092e25944d2b8dd2aff9302e353eba9

SHA256
0f0b2949e2f0af4034597a82e1a65c45a81299248b59a0acfe081d62232fec8f

SHA512
161bb7b1fa0cbdd4bb8f4b2808a799fa4b8968f0707cff5bbdd5f41334b03f55a7d118c3fcea1310e1caf3f61e4df98a7f3fef71094381db5b4a3810a2512f7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a7b9ce6b83ae11951b1c6b71b06f6f8ab9478c64\0964a567-8eed-4a44-88c1-681e5cf7ca6f\index-dir\the-real-index~RFe582c3b.TMP

Filesize
48B

MD5
857a6cb846356d1d0bf52be0272cb0ef

SHA1
c61528557243d7d7631b1690e33b02ca7f12e09d

SHA256
92f9967a638823708288b003bbf598bded83d72c7c43c28e7dc490b3c743583d

SHA512
6e316059245116c3271c810a52df840a8a262fca0065810df587d8f4db7f7d39eefd232d1971a21ab4e439d00671f843c84848671555a6063bd7a30054adc528

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a7b9ce6b83ae11951b1c6b71b06f6f8ab9478c64\0964a567-8eed-4a44-88c1-681e5cf7ca6f\todelete_7a48c130a6a40c0e_0_2

Filesize
142KB

MD5
9ad662a0f3d59af64031719541e1d59d

SHA1
9d1981cadbecbb5d47d1d0d337003ff0c7c7176d

SHA256
218a2ac97fecb4a95a5c087f4c426e57331d8fd7784f6273974990ff4a266612

SHA512
3049b0da1295451c8ba0e5a1a9fc59251559987e8cdb812386d04a3412cc775b1c22fecae975b8199140630e8d176c1d3c1715d49b72aaa2fa499d6843baf9f4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a7b9ce6b83ae11951b1c6b71b06f6f8ab9478c64\0964a567-8eed-4a44-88c1-681e5cf7ca6f\todelete_7a48c130a6a40c0e_1_2

Filesize
322KB

MD5
3b6f18806373f56a82021f68a80da48a

SHA1
34aa55194756b3ad328c4218c13605a6d473a5f6

SHA256
4652e10cb90fbbf055c3a6512ef8538871173dd390ee3bd78e207d38d3337751

SHA512
d2012668bd6231ad1565f3f28ec8bd9f8d70600d7ade0bf818f78bc0e59f88958c94039641540d146f33dc0482d3ab1444048e56df6f5e90065a4749e394e524

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a7b9ce6b83ae11951b1c6b71b06f6f8ab9478c64\5c02b1f9-213d-4816-b90b-fab09144ca09\index-dir\the-real-index

Filesize
768B

MD5
113b6d792127665f7c11d6f794ff3d7d

SHA1
4affc1c7618cb1fd3b11d95ef43583d53fe02056

SHA256
b52cd40d06d19e929ca0cdcd3441b0f51d2143bd685e4a22c4e8387df06d7fc1

SHA512
375e580788515d9ee19cc06164cf34013c1b77a95faab6da535a38e857e868d580eaf20ab3adcfb0d9c800ee5e180ed484c5883e3943a921fde1ee13646f727e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a7b9ce6b83ae11951b1c6b71b06f6f8ab9478c64\5c02b1f9-213d-4816-b90b-fab09144ca09\index-dir\the-real-index~RFe582d26.TMP

Filesize
48B

MD5
405fc199d6127282559ab305aaeebaa3

SHA1
68e495b277fb061f5980515e6a1a6074eea3cc81

SHA256
e361bb1ee957a42445cff6f89aab860954cab4a7a4f6978d38d51a5bba374318

SHA512
ef2907a5278c307475f1d90635dfb82102b2f8964b6e061240ca81f4328a48a31f866444adff6cdea44501d2c8e21fc5adbc4b3294e9bafaf799313a9aed3ddb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a7b9ce6b83ae11951b1c6b71b06f6f8ab9478c64\index.txt

Filesize
235B

MD5
d8ee6794f88c0bfd8b83b2ecf648b466

SHA1
a989e46b07933fea51da54b33e75cb076b15fa88

SHA256
3f1d350a464794a1be76032dec54ab0f51d51b4a2deadfa090ca08e5a8a84247

SHA512
66ee80a6c4f75545ea9ce8bcbdc8c78018b52104245cc9928f6bec85eefe1e2f3503184a91cb3d566d140b8c50b42dabe1b083e4c87be2f410a2279c6127e49d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a7b9ce6b83ae11951b1c6b71b06f6f8ab9478c64\index.txt

Filesize
231B

MD5
ab41300e522e4df823548680c29c3c89

SHA1
dc98644939d1058ff2ceb10d350836d789badda3

SHA256
b783a1c9425f92dfbd00e16990b2ed663bfd064a59551c409f5bd4fd17b74b62

SHA512
fb6eb8d799f68ca8148c4de363b788f8823fa8a1ef9cd5feba2638382feb7554176bb1682abf9efd2be2ff5595c249fea4802cdbd1824ccaaeffef3ff5475c6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\a7b9ce6b83ae11951b1c6b71b06f6f8ab9478c64\index.txt~RFe57d8fb.TMP

Filesize
164B

MD5
192975f3474b5ad6df562d46df59886a

SHA1
a1f9090905326cfd7594daa67825040816bc33ef

SHA256
1c7d847024c19358b54bf959044cdd1da5aa895020dd274c67c2dfb3318bbc22

SHA512
6b9010abdec19e5bbddbf558ab8394824821945e853f290357eb08c16b33eb97fae8a0fa64fedae9ad743ae07066a72a44c30812e2cf2b8850b515a61fccbe4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
144B

MD5
1ad9ed1749d30d6e8b4928ae95db41ba

SHA1
c186978704bb9a49c58dfa7082c77a61931f67d8

SHA256
03f0456e97319fb9e77c049cfb6d8cc69066d507c75312a35bd2fe082c3fbbd8

SHA512
24aa09d61334aed7a9f537269327f05d86118cb5766539500200bc065e59633137461dbc63a0a07d9d53f1dcf994aacc6dc67895c6909448bcca6ae4a464f474

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
a794eb2f0e28610f5e66a29e31757320

SHA1
bd7e1c88e8122d0da3e1d3c3d0c816ff2ba6d6db

SHA256
398ddcfdceffbba556ada6a41362a20cde67025a534561ef337836f2675dfea0

SHA512
64d90192aa07b98d2588f98f63a0587642c371f847f19a6cf28c4ee2db6b925f420c5d80144d503c4f2f93741f9b08cb9d520f565cfd8fb018b02d2dbeabcd52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
99KB

MD5
513558e59935eac7cf355c7b4c2185d4

SHA1
d257068ee2878b796b71b00892e6c6a5f4b23691

SHA256
a234510eee15cc26c47e90d517d6012af2d6824849b98cb69b95ce5896e17a7b

SHA512
228b010aeec329de2a55f130293db3f7f111e9a850edfd89385ae230ae43fe322d61ed3a39b61f48eda1b25c0b2a21817df0122cd99a7c1ad36b1e9e1baa9055

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response