hxxps://api[.]targetx[.]com/email-interact/redirect?id=MTEwMDAwNDk4IDcwMTYxMDAwMDAxdU1NNUFBTSBhMFY0TjAwMDAwZ1VnaVhVQVMgMDAzNE4wMDAwMzhRZ0VXUUEw&link=hxxps://Siemens[.]steltzer[.]com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

Analysis

max time kernel
264s
max time network
260s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
18/10/2022, 10:43 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://api.targetx.com/email-interact/redirect?id=MTEwMDAwNDk4IDcwMTYxMDAwMDAxdU1NNUFBTSBhMFY0TjAwMDAwZ1VnaVhVQVMgMDAzNE4wMDAwMzhRZ0VXUUEw&link=https://Siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Suspicious behavior: EnumeratesProcesses 18 IoCs

pid	Process
2732	chrome.exe
2732	chrome.exe
4964	chrome.exe
4964	chrome.exe
4496	chrome.exe
4496	chrome.exe
3896	chrome.exe
3896	chrome.exe
4144	chrome.exe
4144	chrome.exe
1064	chrome.exe
1064	chrome.exe
4188	chrome.exe
4188	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe
2396	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe
4964	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 4964 wrote to memory of 4912	4964	chrome.exe	82
PID 4964 wrote to memory of 4912	4964	chrome.exe	82
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 3664	4964	chrome.exe	85
PID 4964 wrote to memory of 2732	4964	chrome.exe	86
PID 4964 wrote to memory of 2732	4964	chrome.exe	86
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88
PID 4964 wrote to memory of 112	4964	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" https://api.targetx.com/email-interact/redirect?id=MTEwMDAwNDk4IDcwMTYxMDAwMDAxdU1NNUFBTSBhMFY0TjAwMDAwZ1VnaVhVQVMgMDAzNE4wMDAwMzhRZ0VXUUEw&link=https://Siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb87054f50,0x7ffb87054f60,0x7ffb87054f70
  2⤵
  PID:4912
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1680 /prefetch:2
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=2020 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2316 /prefetch:8
  2⤵
  PID:112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3056 /prefetch:1
  2⤵
  PID:2704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3076 /prefetch:1
  2⤵
  PID:3468
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4360 /prefetch:8
  2⤵
  PID:4348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4700 /prefetch:1
  2⤵
  PID:4692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:3096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3404 /prefetch:1
  2⤵
  PID:956
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5032 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5440 /prefetch:8
  2⤵
  PID:3916
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3308 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3896
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3216 /prefetch:8
  2⤵
  PID:532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5488 /prefetch:8
  2⤵
  PID:4120
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3360 /prefetch:8
  2⤵
  PID:1632
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --disable-gpu-compositing --lang=en-US --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
  2⤵
  PID:4660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2728 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4144
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2720 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2644 /prefetch:8
  2⤵
  PID:1736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5472 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:4188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4560 /prefetch:8
  2⤵
  PID:1612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5664 /prefetch:8
  2⤵
  PID:4540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3140 /prefetch:8
  2⤵
  PID:1004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=5636 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2396
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1256 /prefetch:8
  2⤵
  PID:3168
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4676 /prefetch:8
  2⤵
  PID:3152
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=916 /prefetch:8
  2⤵
  PID:1804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4556 /prefetch:8
  2⤵
  PID:1324
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4612 /prefetch:8
  2⤵
  PID:4572
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4752 /prefetch:8
  2⤵
  PID:3884
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1648,1611829372237785146,15975537347616257916,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4744 /prefetch:8
  2⤵
  PID:4268

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:528

Network

DNS

accounts.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.251.36.45
DNS

clients2.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clients2.google.com

IN A

Response

clients2.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

172.217.168.238
DNS

api.targetx.com

chrome.exe

Remote address:

8.8.8.8:53

Request

api.targetx.com

IN A

Response

api.targetx.com

IN A

52.222.139.57

api.targetx.com

IN A

52.222.139.83

api.targetx.com

IN A

52.222.139.72

api.targetx.com

IN A

52.222.139.5
GET

https://api.targetx.com/email-interact/redirect?id=MTEwMDAwNDk4IDcwMTYxMDAwMDAxdU1NNUFBTSBhMFY0TjAwMDAwZ1VnaVhVQVMgMDAzNE4wMDAwMzhRZ0VXUUEw&link=https://Siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

chrome.exe

Remote address:

52.222.139.57:443

Request

GET /email-interact/redirect?id=MTEwMDAwNDk4IDcwMTYxMDAwMDAxdU1NNUFBTSBhMFY0TjAwMDAwZ1VnaVhVQVMgMDAzNE4wMDAwMzhRZ0VXUUEw&link=https://Siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20= HTTP/2.0
host: api.targetx.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-type: application/json
content-length: 2
location: https://Siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=
date: Tue, 18 Oct 2022 10:43:22 GMT
x-amzn-requestid: a65ee7d1-6ade-46a8-8b89-780c63a2c613
x-amz-apigw-id: aMlznHv8IAMF4Dg=
x-amzn-trace-id: Root=1-634e834a-691d7aa7390dc68b349ebf63;Sampled=0
x-cache: Miss from cloudfront
via: 1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: wEmBauFu1ks9aV2lY2VYddQp2h9i1ToYjASRhZsqle_KG4vuUr0a7w==
GET

https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D47%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D47%2526e%253D1

chrome.exe

Remote address:

172.217.168.238:443

Request

GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D47%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D47%2526e%253D1 HTTP/2.0
host: clients2.google.com
x-goog-update-interactivity: fg
x-goog-update-appid: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfm
x-goog-update-updater: chromecrx-89.0.4389.114
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

edgedl.me.gvt1.com

chrome.exe

Remote address:

8.8.8.8:53

Request

edgedl.me.gvt1.com

IN A

Response

edgedl.me.gvt1.com

IN A

34.104.35.123
GET

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx

chrome.exe

Remote address:

34.104.35.123:80

Request

GET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx HTTP/1.1
Host: edgedl.me.gvt1.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Tue, 18 Oct 2022 08:34:08 GMT
last-modified: Fri, 25 Feb 2022 22:08:36 GMT
etag: "c994e6"
content-type: application/x-chrome-extension
content-length: 248531
age: 7754
x-request-id: bd6f225a-f749-4975-9a5a-520f3388515e
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
DNS

siemens.steltzer.com

chrome.exe

Remote address:

8.8.8.8:53

Request

siemens.steltzer.com

IN A

Response

siemens.steltzer.com

IN A

192.254.232.179
GET

https://siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

chrome.exe

Remote address:

192.254.232.179:443

Request

GET /lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20= HTTP/2.0
host: siemens.steltzer.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

vary: Accept-Encoding
content-encoding: gzip
content-length: 119
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 10:43:22 GMT
server: Apache
DNS

chikayb.com

chrome.exe

Remote address:

8.8.8.8:53

Request

chikayb.com

IN A

Response

chikayb.com

IN A

192.185.52.188
GET

https://chikayb.com/wpd/

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/ HTTP/2.0
host: chikayb.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://siemens.steltzer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 326
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 10:43:24 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/index

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/index HTTP/2.0
host: chikayb.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://chikayb.com/wpd/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 501
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 10:43:27 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/capt?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS9pbmRleA==78QAC4Fk-4GaT-E2ZY-Ly36-1VUqZhyFQ0Tw_J3I4jt2SKL6BkmZw5H1VcginRlf9CzUpMN0oFOW8XGAyvExDrhJQWO1pKTqNw35movPdl2IiY8gUCFuc4SEy7tB0enk6XzAMrjVsXKkZ48xrFhvHsclJLpTfAGn5S7eEw2iQBgaYoMOI9yNjWV1uUd

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/capt?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS9pbmRleA==78QAC4Fk-4GaT-E2ZY-Ly36-1VUqZhyFQ0Tw_J3I4jt2SKL6BkmZw5H1VcginRlf9CzUpMN0oFOW8XGAyvExDrhJQWO1pKTqNw35movPdl2IiY8gUCFuc4SEy7tB0enk6XzAMrjVsXKkZ48xrFhvHsclJLpTfAGn5S7eEw2iQBgaYoMOI9yNjWV1uUd HTTP/2.0
host: chikayb.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/index
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 2625
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 10:43:29 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/favicon.ico

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/favicon.ico HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:40 GMT
accept-ranges: bytes
content-length: 1150
cache-control: max-age=604800
expires: Tue, 25 Oct 2022 10:43:31 GMT
content-type: image/x-icon
date: Tue, 18 Oct 2022 10:43:31 GMT
server: Apache
DNS

apps.identrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

96.16.53.134

a1952.dscq.akamai.net

IN A

96.16.53.139
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

chrome.exe

Remote address:

96.16.53.134:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Mon, 20 Jun 2022 20:24:00 GMT
ETag: "37d-5e1e6e25c9800"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Tue, 18 Oct 2022 11:43:24 GMT
Date: Tue, 18 Oct 2022 10:43:24 GMT
Connection: keep-alive
DNS

dns.google

chrome.exe

Remote address:

8.8.8.8:53

Request

dns.google

IN A

Response

dns.google

IN A

8.8.4.4

dns.google

IN A

8.8.8.8
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.4.4:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABB2NoaWtheWIDY29tAAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.4.4:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABB2NoaWtheWIDY29tAAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABB2JlYWNvbnMDZ2NwBGd2dDIDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.4.4:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABB2JlYWNvbnMDZ2NwBGd2dDIDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.4.4:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.4.4:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb

chrome.exe

Remote address:

216.58.208.99:443

Request

GET /safebrowsing/csd/client_model_v5_variation_6.pb HTTP/2.0
host: ssl.gstatic.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvODkuMC40Mzg5LjExNBIQCWl8za9_LtI6EgUNU1pHxQ==?alt=proto

chrome.exe

Remote address:

216.58.208.106:443

Request

GET /v1/pages/ChRDaHJvbWUvODkuMC40Mzg5LjExNBIQCWl8za9_LtI6EgUNU1pHxQ==?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CJiBywE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.4.4:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
POST

https://update.googleapis.com/service/update2/json?cup2key=10:2144526989&cup2hreq=6e2bc447af64c65912627dd0379140469fea030be0ccddc816e6c3b33dde19ae

chrome.exe

Remote address:

142.250.179.163:443

Request

POST /service/update2/json?cup2key=10:2144526989&cup2hreq=6e2bc447af64c65912627dd0379140469fea030be0ccddc816e6c3b33dde19ae HTTP/2.0
host: update.googleapis.com
content-length: 3017
x-goog-update-appid: eeigpngbgcognadeebkilcpcaedhellh,hnimpnehoodheedghdeeijklkeaacbdc,hfnkpimlhhgieaddgfemjhofmfblmnib,llkgjffcdpffmhiakmfcdcblohccpfmo,giekcmmlnklenlaomppkphknjmnnpneh,gkmgaooipdjhmangpemjhigmamcehddo,bklopemakmnopmghhmccadeonafabnal,khaoiebndkojlmppeemjhbpbandiljpe,jamhcnnkihinmdlkakkaopbjbbcngflc,obedbbhbpmojnkanicioggnmelmoomoc,ggkkehgbnfjpeggfpleeakpidbkibbmn,ehgidpndbllacpjalkiimkbadgjfnnmc,ihnlcenocehgdaegdmhbidjhnhdchfmm,jflookgnkcckhobaglndicnbbgbonegd,ojhpjlocmbogdgmfpkhlaaeamibhnphh,aemomkdncapdnfajjbbcbdebjljbpmpj,cmahhnpholdijhjokonmfdjbfmklppij,gcmjkmgdlgnkkcocmoeiminaijmmjnii,oimompecagnajdejgnnjijobebaeigek
x-goog-update-interactivity: bg
x-goog-update-updater: chrome-89.0.4389.114
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
DNS

edgedl.me.gvt1.com

chrome.exe

Remote address:

8.8.8.8:53

Request

edgedl.me.gvt1.com

IN A

Response

edgedl.me.gvt1.com

IN A

34.104.35.123
HEAD

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 15:51:43 GMT
age: 67957
last-modified: Mon, 02 Nov 2020 15:59:03 GMT
etag: "764869"
content-type: application/octet-stream
content-length: 113772
x-request-id: 0d754803-a3d3-44e7-add1-8c7462c97ba5
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 02 Nov 2020 15:59:03 GMT
Range: bytes=0-1119
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 15:51:43 GMT
age: 67957
last-modified: Mon, 02 Nov 2020 15:59:03 GMT
etag: "764869"
content-type: application/octet-stream
content-length: 1120
x-request-id: 16bf83e0-724c-4d51-8e81-8dccfd420b5f
content-range: bytes 0-1119/113772
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 02 Nov 2020 15:59:03 GMT
Range: bytes=1120-3238
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 15:51:43 GMT
age: 67960
last-modified: Mon, 02 Nov 2020 15:59:03 GMT
etag: "764869"
content-type: application/octet-stream
content-length: 2119
x-request-id: e3db8197-8d80-483f-9a36-f88c46d12433
content-range: bytes 1120-3238/113772
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 02 Nov 2020 15:59:03 GMT
Range: bytes=3239-7528
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 15:51:43 GMT
age: 67961
last-modified: Mon, 02 Nov 2020 15:59:03 GMT
etag: "764869"
content-type: application/octet-stream
content-length: 4290
x-request-id: 804d0eff-5b50-4368-aee6-ee0db1ee29bd
content-range: bytes 3239-7528/113772
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 02 Nov 2020 15:59:03 GMT
Range: bytes=7529-17896
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 15:51:43 GMT
age: 67963
last-modified: Mon, 02 Nov 2020 15:59:03 GMT
etag: "764869"
content-type: application/octet-stream
content-length: 10368
x-request-id: a2f1b58f-c8f0-4af1-ba1e-f840324c00e2
content-range: bytes 7529-17896/113772
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 02 Nov 2020 15:59:03 GMT
Range: bytes=17897-26443
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 15:51:43 GMT
age: 67964
last-modified: Mon, 02 Nov 2020 15:59:03 GMT
etag: "764869"
content-type: application/octet-stream
content-length: 8547
x-request-id: b684b4d1-a12c-442f-8062-d541bb1893ca
content-range: bytes 17897-26443/113772
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 02 Nov 2020 15:59:03 GMT
Range: bytes=26444-44993
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 15:51:43 GMT
age: 67965
last-modified: Mon, 02 Nov 2020 15:59:03 GMT
etag: "764869"
content-type: application/octet-stream
content-length: 18550
x-request-id: 21e8a3c4-e983-46fd-9845-118e6d2efe5c
content-range: bytes 26444-44993/113772
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 02 Nov 2020 15:59:03 GMT
Range: bytes=44994-83553
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 15:51:43 GMT
age: 67966
last-modified: Mon, 02 Nov 2020 15:59:03 GMT
etag: "764869"
content-type: application/octet-stream
content-length: 38560
x-request-id: 0d35e157-258f-4b65-8e76-b8a0dc8d02d2
content-range: bytes 44994-83553/113772
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 02 Nov 2020 15:59:03 GMT
Range: bytes=83554-113771
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 15:51:43 GMT
age: 67968
last-modified: Mon, 02 Nov 2020 15:59:03 GMT
etag: "764869"
content-type: application/octet-stream
content-length: 30218
x-request-id: ccca48f4-74be-4718-9325-b75d25210946
content-range: bytes 83554-113771/113772
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
HEAD

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 11:17:17 GMT
age: 84448
last-modified: Wed, 10 Oct 2018 17:49:21 GMT
etag: "2e2fe7"
content-type: application/x-chrome-extension
content-length: 6760942
x-request-id: 26e601b8-3674-44fe-bd17-72e4af78e434
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

Remote address:

34.104.35.123:80

Request

GET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 10 Oct 2018 17:49:21 GMT
Range: bytes=0-289542
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 11:17:17 GMT
age: 84448
last-modified: Wed, 10 Oct 2018 17:49:21 GMT
etag: "2e2fe7"
content-type: application/x-chrome-extension
content-length: 289543
x-request-id: a8ac1039-a0e4-4893-8103-126405767d8d
content-range: bytes 0-289542/6760942
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

Remote address:

34.104.35.123:80

Request

GET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 10 Oct 2018 17:49:21 GMT
Range: bytes=289543-601950
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 11:17:17 GMT
age: 84449
last-modified: Wed, 10 Oct 2018 17:49:21 GMT
etag: "2e2fe7"
content-type: application/x-chrome-extension
content-length: 312408
x-request-id: 28683f26-1fe4-4850-925f-0b860b7c066a
content-range: bytes 289543-601950/6760942
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

Remote address:

34.104.35.123:80

Request

GET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 10 Oct 2018 17:49:21 GMT
Range: bytes=601951-1566235
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 11:17:17 GMT
age: 84450
last-modified: Wed, 10 Oct 2018 17:49:21 GMT
etag: "2e2fe7"
content-type: application/x-chrome-extension
content-length: 964285
x-request-id: 3fdf156b-7e5c-4658-9541-eb2d59a4fbb2
content-range: bytes 601951-1566235/6760942
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
GET

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

Remote address:

34.104.35.123:80

Request

GET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 10 Oct 2018 17:49:21 GMT
Range: bytes=1566236-3466328
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 11:17:17 GMT
age: 84451
last-modified: Wed, 10 Oct 2018 17:49:21 GMT
etag: "2e2fe7"
content-type: application/x-chrome-extension
content-length: 1900093
x-request-id: 765eb58c-0441-4ea6-bb0b-91ca594dcfa7
content-range: bytes 1566236-3466328/6760942
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

Remote address:

34.104.35.123:80

Request

GET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 10 Oct 2018 17:49:21 GMT
Range: bytes=3466329-6760941
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 206 Partial Content

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 11:17:17 GMT
age: 84452
last-modified: Wed, 10 Oct 2018 17:49:21 GMT
etag: "2e2fe7"
content-type: application/x-chrome-extension
content-length: 3294613
x-request-id: f889b431-8fc0-4f5a-8107-e118eb17bb18
content-range: bytes 3466329-6760941/6760942
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
HEAD

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adfpbpukafbuylpxajuughtoh6ha_7647/hfnkpimlhhgieaddgfemjhofmfblmnib_7647_all_ad5zs2tshlm2iqpc645vapkmhlwa.crx3

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/release2/chrome_component/adfpbpukafbuylpxajuughtoh6ha_7647/hfnkpimlhhgieaddgfemjhofmfblmnib_7647_all_ad5zs2tshlm2iqpc645vapkmhlwa.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 24668
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "fcaa39"
last-modified: Mon, 17 Oct 2022 20:12:49 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 20:13:39 GMT
x-request-id: 322aa742-98db-4afc-98a3-af84c361bf01
age: 52296
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adfpbpukafbuylpxajuughtoh6ha_7647/hfnkpimlhhgieaddgfemjhofmfblmnib_7647_all_ad5zs2tshlm2iqpc645vapkmhlwa.crx3

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/adfpbpukafbuylpxajuughtoh6ha_7647/hfnkpimlhhgieaddgfemjhofmfblmnib_7647_all_ad5zs2tshlm2iqpc645vapkmhlwa.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Oct 2022 20:12:49 GMT
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 24668
content-security-policy: default-src 'none'
content-type: application/octet-stream
etag: "fcaa39"
last-modified: Mon, 17 Oct 2022 20:12:49 GMT
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 20:13:39 GMT
x-request-id: b04d2fe4-6850-4ff3-9f01-cdd1c7cc052d
age: 52296
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
HEAD

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvODJiQUFYYVJaZ0k5di1hUFlXS1prX2xDZw/1.0.0.13_llkgjffcdpffmhiakmfcdcblohccpfmo.crx

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvODJiQUFYYVJaZ0k5di1hUFlXS1prX2xDZw/1.0.0.13_llkgjffcdpffmhiakmfcdcblohccpfmo.crx HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 2876
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Tue, 18 Oct 2022 07:59:27 GMT
age: 9977
last-modified: Wed, 23 Mar 2022 16:40:40 GMT
etag: "d1bcdc"
content-type: application/x-chrome-extension
x-request-id: f4ba3f9d-7df7-4d7f-8810-2f3a61424b9c
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
GET

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvODJiQUFYYVJaZ0k5di1hUFlXS1prX2xDZw/1.0.0.13_llkgjffcdpffmhiakmfcdcblohccpfmo.crx

Remote address:

34.104.35.123:80

Request

GET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvODJiQUFYYVJaZ0k5di1hUFlXS1prX2xDZw/1.0.0.13_llkgjffcdpffmhiakmfcdcblohccpfmo.crx HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 23 Mar 2022 16:40:40 GMT
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 2876
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Tue, 18 Oct 2022 07:59:27 GMT
age: 9977
last-modified: Wed, 23 Mar 2022 16:40:40 GMT
etag: "d1bcdc"
content-type: application/x-chrome-extension
x-request-id: 006dbfda-cd88-4480-bc48-980cec16d6d3
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
HEAD

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AIZk8O7Cv2UUbxc_aaUykKI_7/ALzUVHP-vRgKCzqwbtGugSE

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/release2/chrome_component/AIZk8O7Cv2UUbxc_aaUykKI_7/ALzUVHP-vRgKCzqwbtGugSE HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 5406
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Tue, 18 Oct 2022 04:45:57 GMT
age: 21621
last-modified: Wed, 17 Jul 2019 00:41:02 GMT
etag: "413d8a"
content-type: application/octet-stream
x-request-id: 7b9f2d76-0a6c-42dd-a00d-4769442c5183
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
connection: close
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.4.4:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABDHNhZmVicm93c2luZwpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAEgADABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.4.4:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABDHNhZmVicm93c2luZwpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAEgADABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$req=Ch0KDGdvb2dsZWNocm9tZRINODkuMC40Mzg5LjExNBoMCAUQASIEIAEgAigBGgwIARABIgQgASACKAEaDAgDEAEiBCABIAIoARoMCAcQASIEIAEgAigBGgwIARABIgQgASACKAMaDAgBEAgiBCABIAIoBBoMCAkQASIEIAEgAigGGgwIDxABIgQgASACKAEaDAgKEAgiBCABIAIoARoMCAkQASIEIAEgAigBGgwICBABIgQgASACKAEaDAgNEAEiBCABIAIoARoMCA4QASIEIAEgAigBGgwIEBABIgQgASACKAEiAggB&$ct=application/x-protobuf&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw

chrome.exe

Remote address:

142.250.179.170:443

Request

GET /v4/threatListUpdates:fetch?$req=Ch0KDGdvb2dsZWNocm9tZRINODkuMC40Mzg5LjExNBoMCAUQASIEIAEgAigBGgwIARABIgQgASACKAEaDAgDEAEiBCABIAIoARoMCAcQASIEIAEgAigBGgwIARABIgQgASACKAMaDAgBEAgiBCABIAIoBBoMCAkQASIEIAEgAigGGgwIDxABIgQgASACKAEaDAgKEAgiBCABIAIoARoMCAkQASIEIAEgAigBGgwICBABIgQgASACKAEaDAgNEAEiBCABIAIoARoMCA4QASIEIAEgAigBGgwIEBABIgQgASACKAEiAggB&$ct=application/x-protobuf&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/2.0
host: safebrowsing.googleapis.com
x-http-method-override: POST
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AIZk8O7Cv2UUbxc_aaUykKI_7/ALzUVHP-vRgKCzqwbtGugSE

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/AIZk8O7Cv2UUbxc_aaUykKI_7/ALzUVHP-vRgKCzqwbtGugSE HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 17 Jul 2019 00:41:02 GMT
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 5406
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Tue, 18 Oct 2022 04:45:57 GMT
age: 21621
last-modified: Wed, 17 Jul 2019 00:41:02 GMT
etag: "413d8a"
content-type: application/octet-stream
x-request-id: e4616c6d-75e1-4088-b39b-9862c9ee8ca9
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
HEAD

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/YGkwa4MXjfWSuERyWQYP_A_4/aapLKTSZ439A-0g3nqJr3Q

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/release2/chrome_component/YGkwa4MXjfWSuERyWQYP_A_4/aapLKTSZ439A-0g3nqJr3Q HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 3809
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 14:45:47 GMT
last-modified: Thu, 07 Jan 2021 02:23:28 GMT
etag: "81a15c"
content-type: application/octet-stream
age: 72035
x-request-id: 59f68f2e-fb12-40a9-9f19-0b7d4b79ebc0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/YGkwa4MXjfWSuERyWQYP_A_4/aapLKTSZ439A-0g3nqJr3Q

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/YGkwa4MXjfWSuERyWQYP_A_4/aapLKTSZ439A-0g3nqJr3Q HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Thu, 07 Jan 2021 02:23:28 GMT
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 3809
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 14:45:47 GMT
last-modified: Thu, 07 Jan 2021 02:23:28 GMT
etag: "81a15c"
content-type: application/octet-stream
age: 72035
x-request-id: f5fcdc6c-08a6-4d37-8c52-78c468505abb
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
HEAD

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/accnrqvk2u32p5vftufawsvnlpkq_54/khaoiebndkojlmppeemjhbpbandiljpe_54_win_dmln4upudhgz6z3pcihf7cmpr4.crx3

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/release2/chrome_component/accnrqvk2u32p5vftufawsvnlpkq_54/khaoiebndkojlmppeemjhbpbandiljpe_54_win_dmln4upudhgz6z3pcihf7cmpr4.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 12:22:33 GMT
age: 80637
last-modified: Wed, 12 Oct 2022 00:19:04 GMT
etag: "fb7397"
content-type: application/octet-stream
content-length: 5564
x-request-id: b02c2469-a616-4f97-8d4d-0c2a1ed4e71a
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/accnrqvk2u32p5vftufawsvnlpkq_54/khaoiebndkojlmppeemjhbpbandiljpe_54_win_dmln4upudhgz6z3pcihf7cmpr4.crx3

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/accnrqvk2u32p5vftufawsvnlpkq_54/khaoiebndkojlmppeemjhbpbandiljpe_54_win_dmln4upudhgz6z3pcihf7cmpr4.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Wed, 12 Oct 2022 00:19:04 GMT
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 12:22:33 GMT
age: 80637
last-modified: Wed, 12 Oct 2022 00:19:04 GMT
etag: "fb7397"
content-type: application/octet-stream
content-length: 5564
x-request-id: ad476e7c-489c-441b-9da7-d899b4c02cb3
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
HEAD

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/mk5f7o5y6llg3qpdlrmtg4inte_109.0.5366.0/jamhcnnkihinmdlkakkaopbjbbcngflc_109.0.5366.0_all_acavryodfzll3heohonga2qbaxca.crx3

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/release2/chrome_component/mk5f7o5y6llg3qpdlrmtg4inte_109.0.5366.0/jamhcnnkihinmdlkakkaopbjbbcngflc_109.0.5366.0_all_acavryodfzll3heohonga2qbaxca.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Tue, 18 Oct 2022 06:02:41 GMT
last-modified: Tue, 18 Oct 2022 06:02:03 GMT
etag: "fcd315"
content-type: application/octet-stream
content-length: 818334
age: 17042
x-request-id: c7349328-b6b5-4f4a-933b-d1375f7a2cfb
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/mk5f7o5y6llg3qpdlrmtg4inte_109.0.5366.0/jamhcnnkihinmdlkakkaopbjbbcngflc_109.0.5366.0_all_acavryodfzll3heohonga2qbaxca.crx3

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/mk5f7o5y6llg3qpdlrmtg4inte_109.0.5366.0/jamhcnnkihinmdlkakkaopbjbbcngflc_109.0.5366.0_all_acavryodfzll3heohonga2qbaxca.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 18 Oct 2022 06:02:03 GMT
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Tue, 18 Oct 2022 06:02:41 GMT
last-modified: Tue, 18 Oct 2022 06:02:03 GMT
etag: "fcd315"
content-type: application/octet-stream
content-length: 818334
age: 17042
x-request-id: 82f5fca0-ac60-4da5-81b6-613cd7d47b66
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
HEAD

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/ad2wt4kzsdz6p6enh442u5fjlsia_20221007.480864143/obedbbhbpmojnkanicioggnmelmoomoc_20221007.480864143_all_ENUS_bgupegey6uchlxj2kqfpgo4ega.crx3

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/release2/chrome_component/ad2wt4kzsdz6p6enh442u5fjlsia_20221007.480864143/obedbbhbpmojnkanicioggnmelmoomoc_20221007.480864143_all_ENUS_bgupegey6uchlxj2kqfpgo4ega.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 22:02:19 GMT
last-modified: Mon, 17 Oct 2022 22:01:33 GMT
etag: "fcaa6f"
content-type: application/octet-stream
content-length: 1006715
age: 45880
x-request-id: 9245ae8a-e012-476f-b788-faabea568670
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/ad2wt4kzsdz6p6enh442u5fjlsia_20221007.480864143/obedbbhbpmojnkanicioggnmelmoomoc_20221007.480864143_all_ENUS_bgupegey6uchlxj2kqfpgo4ega.crx3

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/ad2wt4kzsdz6p6enh442u5fjlsia_20221007.480864143/obedbbhbpmojnkanicioggnmelmoomoc_20221007.480864143_all_ENUS_bgupegey6uchlxj2kqfpgo4ega.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Mon, 17 Oct 2022 22:01:33 GMT
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 22:02:19 GMT
last-modified: Mon, 17 Oct 2022 22:01:33 GMT
etag: "fcaa6f"
content-type: application/octet-stream
content-length: 1006715
age: 45880
x-request-id: 3a993ffa-da00-4e7a-87f9-c12ff284bfe1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
HEAD

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acjv7zhir6jmdb7jzkcjxgs7n24q_2022.9.20.1141/ggkkehgbnfjpeggfpleeakpidbkibbmn_2022.9.20.1141_all_fs6e42p6n4oiiglkfie4nusfri.crx3

Remote address:

34.104.35.123:80

Request

HEAD /edgedl/release2/chrome_component/acjv7zhir6jmdb7jzkcjxgs7n24q_2022.9.20.1141/ggkkehgbnfjpeggfpleeakpidbkibbmn_2022.9.20.1141_all_fs6e42p6n4oiiglkfie4nusfri.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 9930
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 12:44:08 GMT
age: 79393
last-modified: Tue, 20 Sep 2022 19:12:00 GMT
etag: "f82296"
content-type: application/octet-stream
x-request-id: 3542b24d-bc87-485b-bfa7-fd020301df98
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
GET

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acjv7zhir6jmdb7jzkcjxgs7n24q_2022.9.20.1141/ggkkehgbnfjpeggfpleeakpidbkibbmn_2022.9.20.1141_all_fs6e42p6n4oiiglkfie4nusfri.crx3

Remote address:

34.104.35.123:80

Request

GET /edgedl/release2/chrome_component/acjv7zhir6jmdb7jzkcjxgs7n24q_2022.9.20.1141/ggkkehgbnfjpeggfpleeakpidbkibbmn_2022.9.20.1141_all_fs6e42p6n4oiiglkfie4nusfri.crx3 HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 20 Sep 2022 19:12:00 GMT
User-Agent: Microsoft BITS/7.8
Host: edgedl.me.gvt1.com

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-length: 9930
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
date: Mon, 17 Oct 2022 12:44:08 GMT
age: 79393
last-modified: Tue, 20 Sep 2022 19:12:00 GMT
etag: "f82296"
content-type: application/octet-stream
x-request-id: d7833fe0-3ce9-49cd-8725-0abbfc630280
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
DNS

dns.google

chrome.exe

Remote address:

8.8.8.8:53

Request

dns.google

IN A

Response

dns.google

IN A

8.8.4.4

dns.google

IN A

8.8.8.8
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

142.251.36.35:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 277
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS9jYXB0P0wzZHdaQzloTVRRMFlUWTJORGhqT1dSbE5tRXhZbUZsWm1VNVlUTmhNRFl6T0RkbU1qYzNZMlF5TXpZMk1ERTFOREEyTVRBM01UQTFNV0kxTldSa1pUazFNRGRpTTJWaU1XWmtNV0U0T0RBeE1ETTBOVEF3T1RZNVpUQmlaVEUzTUdNd01UVTBNRFl4TURjeE1EVXhPR1poT0RKak1tUXhPVFJsTXpJeE9XUmxZekV3TW1JMU9HSmxZV1ptWXpFeE5qSTNPVEV3TnpBeE5UUXdOakV3TnpFd05URTVPRGd3TnpNNVpUazRNbVl4TWpOaE5HRTVaRGhrTnpnNE5EZGtOV0kwT0ROalkyWTFOR0UwTURFMU5EQTJNVEEzTVRBMU1TOXBibVJsZUE9PTc4UUFDNEZrLTRHYVQtRTJaWS1MeTM2LTFWVXFaaHlGUTBUd19KM0k0anQyU0tMNkJrbVp3NUgxVmNnaW5SbGY5Q3pVcE1OMG9GT1c4WEdBeXZFeERyaEpRV08xcEtUcU53MzVtb3ZQZGwySWlZOGdVQ0Z1YzRTRXk3dEIwZW5rNlh6QU1yalZzWEtrWjQ4eHJGaHZIc2NsSkxwVGZBR241UzdlRXcyaVFCZ2FZb01PSTl5TmpXVjF1VWQ=cNTuGtsk-YUdB-FU4C-ig2T-vPedhQW3t1c6_jbBH8naPVvDZMIwCAzi91t7efcEhd3YUXOxqmlLTN6KupyJr2GeX8pmzSc2j4lhgK39UaJyHqxuvFoNbWDRftY7MPrOwni15LEkC21PQwMtEqyFucfxKRHDO9XWLvkTGir4gnAzjBlsIeZNp30b7da&data=kumar.ravi.ext@siemens.com

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS9jYXB0P0wzZHdaQzloTVRRMFlUWTJORGhqT1dSbE5tRXhZbUZsWm1VNVlUTmhNRFl6T0RkbU1qYzNZMlF5TXpZMk1ERTFOREEyTVRBM01UQTFNV0kxTldSa1pUazFNRGRpTTJWaU1XWmtNV0U0T0RBeE1ETTBOVEF3T1RZNVpUQmlaVEUzTUdNd01UVTBNRFl4TURjeE1EVXhPR1poT0RKak1tUXhPVFJsTXpJeE9XUmxZekV3TW1JMU9HSmxZV1ptWXpFeE5qSTNPVEV3TnpBeE5UUXdOakV3TnpFd05URTVPRGd3TnpNNVpUazRNbVl4TWpOaE5HRTVaRGhrTnpnNE5EZGtOV0kwT0ROalkyWTFOR0UwTURFMU5EQTJNVEEzTVRBMU1TOXBibVJsZUE9PTc4UUFDNEZrLTRHYVQtRTJaWS1MeTM2LTFWVXFaaHlGUTBUd19KM0k0anQyU0tMNkJrbVp3NUgxVmNnaW5SbGY5Q3pVcE1OMG9GT1c4WEdBeXZFeERyaEpRV08xcEtUcU53MzVtb3ZQZGwySWlZOGdVQ0Z1YzRTRXk3dEIwZW5rNlh6QU1yalZzWEtrWjQ4eHJGaHZIc2NsSkxwVGZBR241UzdlRXcyaVFCZ2FZb01PSTl5TmpXVjF1VWQ=cNTuGtsk-YUdB-FU4C-ig2T-vPedhQW3t1c6_jbBH8naPVvDZMIwCAzi91t7efcEhd3YUXOxqmlLTN6KupyJr2GeX8pmzSc2j4lhgK39UaJyHqxuvFoNbWDRftY7MPrOwni15LEkC21PQwMtEqyFucfxKRHDO9XWLvkTGir4gnAzjBlsIeZNp30b7da&data=kumar.ravi.ext@siemens.com HTTP/2.0
host: chikayb.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 8327
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 10:47:01 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/css/style.css

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/css/style.css HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:38 GMT
accept-ranges: bytes
content-length: 513
content-type: image/svg+xml
date: Tue, 18 Oct 2022 10:47:03 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/arrow_left.svg

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/arrow_left.svg HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:40 GMT
accept-ranges: bytes
content-length: 7833
content-type: image/png
date: Tue, 18 Oct 2022 10:47:03 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/enterpass.png

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/enterpass.png HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:40 GMT
accept-ranges: bytes
content-length: 1446
content-type: image/png
date: Tue, 18 Oct 2022 10:47:03 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/firstmsg1.png

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/firstmsg1.png HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:40 GMT
accept-ranges: bytes
content-length: 915
content-type: image/svg+xml
date: Tue, 18 Oct 2022 10:47:03 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/forgpass.png

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/forgpass.png HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:40 GMT
accept-ranges: bytes
content-length: 713
content-type: image/png
date: Tue, 18 Oct 2022 10:47:03 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/ellipsis_grey.svg

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/ellipsis_grey.svg HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Tue, 18 Oct 2022 10:47:03 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS9jYXB0P0wzZHdaQzloTVRRMFlUWTJORGhqT1dSbE5tRXhZbUZsWm1VNVlUTmhNRFl6T0RkbU1qYzNZMlF5TXpZMk1ERTFOREEyTVRBM01UQTFNV0kxTldSa1pUazFNRGRpTTJWaU1XWmtNV0U0T0RBeE1ETTBOVEF3T1RZNVpUQmlaVEUzTUdNd01UVTBNRFl4TURjeE1EVXhPR1poT0RKak1tUXhPVFJsTXpJeE9XUmxZekV3TW1JMU9HSmxZV1ptWXpFeE5qSTNPVEV3TnpBeE5UUXdOakV3TnpFd05URTVPRGd3TnpNNVpUazRNbVl4TWpOaE5HRTVaRGhrTnpnNE5EZGtOV0kwT0ROalkyWTFOR0UwTURFMU5EQTJNVEEzTVRBMU1TOXBibVJsZUE9PTc4UUFDNEZrLTRHYVQtRTJaWS1MeTM2LTFWVXFaaHlGUTBUd19KM0k0anQyU0tMNkJrbVp3NUgxVmNnaW5SbGY5Q3pVcE1OMG9GT1c4WEdBeXZFeERyaEpRV08xcEtUcU53MzVtb3ZQZGwySWlZOGdVQ0Z1YzRTRXk3dEIwZW5rNlh6QU1yalZzWEtrWjQ4eHJGaHZIc2NsSkxwVGZBR241UzdlRXcyaVFCZ2FZb01PSTl5TmpXVjF1VWQ=cNTuGtsk-YUdB-FU4C-ig2T-vPedhQW3t1c6_jbBH8naPVvDZMIwCAzi91t7efcEhd3YUXOxqmlLTN6KupyJr2GeX8pmzSc2j4lhgK39UaJyHqxuvFoNbWDRftY7MPrOwni15LEkC21PQwMtEqyFucfxKRHDO9XWLvkTGir4gnAzjBlsIeZNp30b7da&data=kumar.ravi.ext@siemens.com

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS9jYXB0P0wzZHdaQzloTVRRMFlUWTJORGhqT1dSbE5tRXhZbUZsWm1VNVlUTmhNRFl6T0RkbU1qYzNZMlF5TXpZMk1ERTFOREEyTVRBM01UQTFNV0kxTldSa1pUazFNRGRpTTJWaU1XWmtNV0U0T0RBeE1ETTBOVEF3T1RZNVpUQmlaVEUzTUdNd01UVTBNRFl4TURjeE1EVXhPR1poT0RKak1tUXhPVFJsTXpJeE9XUmxZekV3TW1JMU9HSmxZV1ptWXpFeE5qSTNPVEV3TnpBeE5UUXdOakV3TnpFd05URTVPRGd3TnpNNVpUazRNbVl4TWpOaE5HRTVaRGhrTnpnNE5EZGtOV0kwT0ROalkyWTFOR0UwTURFMU5EQTJNVEEzTVRBMU1TOXBibVJsZUE9PTc4UUFDNEZrLTRHYVQtRTJaWS1MeTM2LTFWVXFaaHlGUTBUd19KM0k0anQyU0tMNkJrbVp3NUgxVmNnaW5SbGY5Q3pVcE1OMG9GT1c4WEdBeXZFeERyaEpRV08xcEtUcU53MzVtb3ZQZGwySWlZOGdVQ0Z1YzRTRXk3dEIwZW5rNlh6QU1yalZzWEtrWjQ4eHJGaHZIc2NsSkxwVGZBR241UzdlRXcyaVFCZ2FZb01PSTl5TmpXVjF1VWQ=cNTuGtsk-YUdB-FU4C-ig2T-vPedhQW3t1c6_jbBH8naPVvDZMIwCAzi91t7efcEhd3YUXOxqmlLTN6KupyJr2GeX8pmzSc2j4lhgK39UaJyHqxuvFoNbWDRftY7MPrOwni15LEkC21PQwMtEqyFucfxKRHDO9XWLvkTGir4gnAzjBlsIeZNp30b7da&data=kumar.ravi.ext@siemens.com HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:42 GMT
accept-ranges: bytes
content-length: 736
content-type: image/png
date: Tue, 18 Oct 2022 10:47:03 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/sigin.png

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/sigin.png HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/css/style.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:42 GMT
accept-ranges: bytes
content-length: 902
content-type: image/png
date: Tue, 18 Oct 2022 10:47:04 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/passwrd.png

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/passwrd.png HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 8332
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 10:47:03 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/fonts/tsd.woff2

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/fonts/tsd.woff2 HTTP/2.0
host: chikayb.com
origin: https://chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

last-modified: Thu, 22 Sep 2022 22:07:38 GMT
accept-ranges: bytes
content-length: 2280
content-type: font/woff2
date: Tue, 18 Oct 2022 10:47:06 GMT
server: Apache
POST

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/remkus?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS92ZXJpZnk/TDNkd1pDOWhNVFEwWVRZMk5EaGpPV1JsTm1FeFltRmxabVU1WVROaE1EWXpPRGRtTWpjM1kyUXlNelkyTURFMU5EQTJNVEEzTVRBMU1XSTFOV1JrWlRrMU1EZGlNMlZpTVdaa01XRTRPREF4TURNME5UQXdPVFk1WlRCaVpURTNNR013TVRVME1EWXhNRGN4TURVeE9HWmhPREpqTW1ReE9UUmxNekl4T1dSbFl6RXdNbUkxT0dKbFlXWm1ZekV4TmpJM09URXdOekF4TlRRd05qRXdOekV3TlRFNU9EZ3dOek01WlRrNE1tWXhNak5oTkdFNVpEaGtOemc0TkRka05XSTBPRE5qWTJZMU5HRTBNREUxTkRBMk1UQTNNVEExTVM5allYQjBQMHd6WkhkYVF6bG9UVlJSTUZsVVdUSk9SR2hxVDFkU2JFNXRSWGhaYlVac1dtMVZOVmxVVG1oTlJGbDZUMFJrYlUxcVl6TlpNbEY1VFhwWk1rMUVSVEZPUkVFeVRWUkJNMDFVUVRGTlYwa3hUbGRTYTFwVWF6Rk5SR1JwVFRKV2FVMVhXbXROVjBVMFQwUkJlRTFFVFRCT1ZFRjNUMVJaTlZwVVFtbGFWRVV6VFVkTmQwMVVWVEJOUkZsNFRVUmplRTFFVlhoUFIxcG9UMFJLYWsxdFVYaFBWRkpzVFhwSmVFOVhVbXhaZWtWM1RXMUpNVTlIU214WlYxcHRXWHBGZUU1cVNUTlBWRVYzVG5wQmVFNVVVWGRPYWtWM1RucEZkMDVVUlRWUFJHZDNUbnBOTlZwVWF6Uk5iVmw0VFdwT2FFNUhSVFZhUkdoclRucG5ORTVFWkd0T1Ywa3dUMFJPYWxreVdURk9SMFV3VFVSRk1VNUVRVEpOVkVFelRWUkJNVTFUT1hCaWJWSnNaVUU5UFRjNFVVRkRORVpyTFRSSFlWUXRSVEphV1MxTWVUTTJMVEZXVlhGYWFIbEdVVEJVZDE5S00wazBhblF5VTB0TU5rSnJiVnAzTlVneFZtTm5hVzVTYkdZNVEzcFZjRTFPTUc5R1QxYzRXRWRCZVhaRmVFUnlhRXBSVjA4eGNFdFVjVTUzTXpWdGIzWlFaR3d5U1dsWk9HZFZRMFoxWXpSVFJYazNkRUl3Wlc1ck5saDZRVTF5YWxaeldFdHJXalE0ZUhKR2FIWkljMk5zU2t4d1ZHWkJSMjQxVXpkbFJYY3lhVkZDWjJGWmIwMVBTVGw1VG1wWFZqRjFWV1E9Y05UdUd0c2stWVVkQi1GVTRDLWlnMlQtdlBlZGhRVzN0MWM2X2piQkg4bmFQVnZEWk1Jd0NBemk5MXQ3ZWZjRWhkM1lVWE94cW1sTFRONkt1cHlKcjJHZVg4cG16U2MyajRsaGdLMzlVYUp5SHF4dXZGb05iV0RSZnRZN01Qck93bmkxNUxFa0MyMVBRd010RXF5RnVjZnhLUkhETzlYV0x2a1RHaXI0Z25BempCbHNJZVpOcDMwYjdkYSZkYXRhPWt1bWFyLnJhdmkuZXh0QHNpZW1lbnMuY29tsJgCnedG-0nfP-g56R-AmnC-oQjeRc4gWtS3_KT9zWOPriZ87lCUtgfvSVoxJyIGcXL3unjD1M2ewmFdQ0NaRkbCYmVk8R0Itfuz2ebxslrFypdDQMv5nBHh1jq4TgNJPLA6ZwKo3L2j96ahoR5rVmKzFZfqPvUnpwyY1NMAx4W7OGBsuCEt38eJH0l&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=&isok=y

chrome.exe

Remote address:

192.185.52.188:443

Request

POST /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/remkus?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS92ZXJpZnk/TDNkd1pDOWhNVFEwWVRZMk5EaGpPV1JsTm1FeFltRmxabVU1WVROaE1EWXpPRGRtTWpjM1kyUXlNelkyTURFMU5EQTJNVEEzTVRBMU1XSTFOV1JrWlRrMU1EZGlNMlZpTVdaa01XRTRPREF4TURNME5UQXdPVFk1WlRCaVpURTNNR013TVRVME1EWXhNRGN4TURVeE9HWmhPREpqTW1ReE9UUmxNekl4T1dSbFl6RXdNbUkxT0dKbFlXWm1ZekV4TmpJM09URXdOekF4TlRRd05qRXdOekV3TlRFNU9EZ3dOek01WlRrNE1tWXhNak5oTkdFNVpEaGtOemc0TkRka05XSTBPRE5qWTJZMU5HRTBNREUxTkRBMk1UQTNNVEExTVM5allYQjBQMHd6WkhkYVF6bG9UVlJSTUZsVVdUSk9SR2hxVDFkU2JFNXRSWGhaYlVac1dtMVZOVmxVVG1oTlJGbDZUMFJrYlUxcVl6TlpNbEY1VFhwWk1rMUVSVEZPUkVFeVRWUkJNMDFVUVRGTlYwa3hUbGRTYTFwVWF6Rk5SR1JwVFRKV2FVMVhXbXROVjBVMFQwUkJlRTFFVFRCT1ZFRjNUMVJaTlZwVVFtbGFWRVV6VFVkTmQwMVVWVEJOUkZsNFRVUmplRTFFVlhoUFIxcG9UMFJLYWsxdFVYaFBWRkpzVFhwSmVFOVhVbXhaZWtWM1RXMUpNVTlIU214WlYxcHRXWHBGZUU1cVNUTlBWRVYzVG5wQmVFNVVVWGRPYWtWM1RucEZkMDVVUlRWUFJHZDNUbnBOTlZwVWF6Uk5iVmw0VFdwT2FFNUhSVFZhUkdoclRucG5ORTVFWkd0T1Ywa3dUMFJPYWxreVdURk9SMFV3VFVSRk1VNUVRVEpOVkVFelRWUkJNVTFUT1hCaWJWSnNaVUU5UFRjNFVVRkRORVpyTFRSSFlWUXRSVEphV1MxTWVUTTJMVEZXVlhGYWFIbEdVVEJVZDE5S00wazBhblF5VTB0TU5rSnJiVnAzTlVneFZtTm5hVzVTYkdZNVEzcFZjRTFPTUc5R1QxYzRXRWRCZVhaRmVFUnlhRXBSVjA4eGNFdFVjVTUzTXpWdGIzWlFaR3d5U1dsWk9HZFZRMFoxWXpSVFJYazNkRUl3Wlc1ck5saDZRVTF5YWxaeldFdHJXalE0ZUhKR2FIWkljMk5zU2t4d1ZHWkJSMjQxVXpkbFJYY3lhVkZDWjJGWmIwMVBTVGw1VG1wWFZqRjFWV1E9Y05UdUd0c2stWVVkQi1GVTRDLWlnMlQtdlBlZGhRVzN0MWM2X2piQkg4bmFQVnZEWk1Jd0NBemk5MXQ3ZWZjRWhkM1lVWE94cW1sTFRONkt1cHlKcjJHZVg4cG16U2MyajRsaGdLMzlVYUp5SHF4dXZGb05iV0RSZnRZN01Qck93bmkxNUxFa0MyMVBRd010RXF5RnVjZnhLUkhETzlYV0x2a1RHaXI0Z25BempCbHNJZVpOcDMwYjdkYSZkYXRhPWt1bWFyLnJhdmkuZXh0QHNpZW1lbnMuY29tsJgCnedG-0nfP-g56R-AmnC-oQjeRc4gWtS3_KT9zWOPriZ87lCUtgfvSVoxJyIGcXL3unjD1M2ewmFdQ0NaRkbCYmVk8R0Itfuz2ebxslrFypdDQMv5nBHh1jq4TgNJPLA6ZwKo3L2j96ahoR5rVmKzFZfqPvUnpwyY1NMAx4W7OGBsuCEt38eJH0l&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=&isok=y HTTP/2.0
host: chikayb.com
content-length: 16
cache-control: max-age=0
upgrade-insecure-requests: 1
origin: null
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 279
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 10:47:08 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?wYjVkL7RPcADtrHOXNyBvlnKqM8FJh0ZIeEdQg3uTUfWa62GSbZ4AeP8agu61G9DL7mviy3qwKnJdYHcksRXFbBOQ5lfzIpNo2VUg8zlLcJbQs3UvjuaxmiMRHKkGZq4AC6YEpVFDnIth50doSOyr2&status=error&string=signin&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?wYjVkL7RPcADtrHOXNyBvlnKqM8FJh0ZIeEdQg3uTUfWa62GSbZ4AeP8agu61G9DL7mviy3qwKnJdYHcksRXFbBOQ5lfzIpNo2VUg8zlLcJbQs3UvjuaxmiMRHKkGZq4AC6YEpVFDnIth50doSOyr2&status=error&string=signin&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20= HTTP/2.0
host: chikayb.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/remkus?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS92ZXJpZnk/TDNkd1pDOWhNVFEwWVRZMk5EaGpPV1JsTm1FeFltRmxabVU1WVROaE1EWXpPRGRtTWpjM1kyUXlNelkyTURFMU5EQTJNVEEzTVRBMU1XSTFOV1JrWlRrMU1EZGlNMlZpTVdaa01XRTRPREF4TURNME5UQXdPVFk1WlRCaVpURTNNR013TVRVME1EWXhNRGN4TURVeE9HWmhPREpqTW1ReE9UUmxNekl4T1dSbFl6RXdNbUkxT0dKbFlXWm1ZekV4TmpJM09URXdOekF4TlRRd05qRXdOekV3TlRFNU9EZ3dOek01WlRrNE1tWXhNak5oTkdFNVpEaGtOemc0TkRka05XSTBPRE5qWTJZMU5HRTBNREUxTkRBMk1UQTNNVEExTVM5allYQjBQMHd6WkhkYVF6bG9UVlJSTUZsVVdUSk9SR2hxVDFkU2JFNXRSWGhaYlVac1dtMVZOVmxVVG1oTlJGbDZUMFJrYlUxcVl6TlpNbEY1VFhwWk1rMUVSVEZPUkVFeVRWUkJNMDFVUVRGTlYwa3hUbGRTYTFwVWF6Rk5SR1JwVFRKV2FVMVhXbXROVjBVMFQwUkJlRTFFVFRCT1ZFRjNUMVJaTlZwVVFtbGFWRVV6VFVkTmQwMVVWVEJOUkZsNFRVUmplRTFFVlhoUFIxcG9UMFJLYWsxdFVYaFBWRkpzVFhwSmVFOVhVbXhaZWtWM1RXMUpNVTlIU214WlYxcHRXWHBGZUU1cVNUTlBWRVYzVG5wQmVFNVVVWGRPYWtWM1RucEZkMDVVUlRWUFJHZDNUbnBOTlZwVWF6Uk5iVmw0VFdwT2FFNUhSVFZhUkdoclRucG5ORTVFWkd0T1Ywa3dUMFJPYWxreVdURk9SMFV3VFVSRk1VNUVRVEpOVkVFelRWUkJNVTFUT1hCaWJWSnNaVUU5UFRjNFVVRkRORVpyTFRSSFlWUXRSVEphV1MxTWVUTTJMVEZXVlhGYWFIbEdVVEJVZDE5S00wazBhblF5VTB0TU5rSnJiVnAzTlVneFZtTm5hVzVTYkdZNVEzcFZjRTFPTUc5R1QxYzRXRWRCZVhaRmVFUnlhRXBSVjA4eGNFdFVjVTUzTXpWdGIzWlFaR3d5U1dsWk9HZFZRMFoxWXpSVFJYazNkRUl3Wlc1ck5saDZRVTF5YWxaeldFdHJXalE0ZUhKR2FIWkljMk5zU2t4d1ZHWkJSMjQxVXpkbFJYY3lhVkZDWjJGWmIwMVBTVGw1VG1wWFZqRjFWV1E9Y05UdUd0c2stWVVkQi1GVTRDLWlnMlQtdlBlZGhRVzN0MWM2X2piQkg4bmFQVnZEWk1Jd0NBemk5MXQ3ZWZjRWhkM1lVWE94cW1sTFRONkt1cHlKcjJHZVg4cG16U2MyajRsaGdLMzlVYUp5SHF4dXZGb05iV0RSZnRZN01Qck93bmkxNUxFa0MyMVBRd010RXF5RnVjZnhLUkhETzlYV0x2a1RHaXI0Z25BempCbHNJZVpOcDMwYjdkYSZkYXRhPWt1bWFyLnJhdmkuZXh0QHNpZW1lbnMuY29tsJgCnedG-0nfP-g56R-AmnC-oQjeRc4gWtS3_KT9zWOPriZ87lCUtgfvSVoxJyIGcXL3unjD1M2ewmFdQ0NaRkbCYmVk8R0Itfuz2ebxslrFypdDQMv5nBHh1jq4TgNJPLA6ZwKo3L2j96ahoR5rVmKzFZfqPvUnpwyY1NMAx4W7OGBsuCEt38eJH0l&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=&isok=y
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 7338
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 10:47:14 GMT
server: Apache
GET

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?wYjVkL7RPcADtrHOXNyBvlnKqM8FJh0ZIeEdQg3uTUfWa62GSbZ4AeP8agu61G9DL7mviy3qwKnJdYHcksRXFbBOQ5lfzIpNo2VUg8zlLcJbQs3UvjuaxmiMRHKkGZq4AC6YEpVFDnIth50doSOyr2&status=error&string=signin&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

chrome.exe

Remote address:

192.185.52.188:443

Request

GET /wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?wYjVkL7RPcADtrHOXNyBvlnKqM8FJh0ZIeEdQg3uTUfWa62GSbZ4AeP8agu61G9DL7mviy3qwKnJdYHcksRXFbBOQ5lfzIpNo2VUg8zlLcJbQs3UvjuaxmiMRHKkGZq4AC6YEpVFDnIth50doSOyr2&status=error&string=signin&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20= HTTP/2.0
host: chikayb.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: PHPSESSID=3b89f20dc8af84d3b69b16b5ac9c362a

Response

HTTP/2.0 200

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
content-length: 7379
content-type: text/html; charset=UTF-8
date: Tue, 18 Oct 2022 10:47:17 GMT
server: Apache

142.251.36.45:443

accounts.google.com

tls, https

chrome.exe

2.0kB
7.6kB
21
22
172.217.168.238:443

clients2.google.com

chrome.exe

260 B
5
52.222.139.57:443

api.targetx.com

chrome.exe

260 B
5
52.222.139.57:443

https://api.targetx.com/email-interact/redirect?id=MTEwMDAwNDk4IDcwMTYxMDAwMDAxdU1NNUFBTSBhMFY0TjAwMDAwZ1VnaVhVQVMgMDAzNE4wMDAwMzhRZ0VXUUEw&link=https://Siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

tls, http2

chrome.exe

2.1kB
7.2kB
20
24

HTTP Request

GET https://api.targetx.com/email-interact/redirect?id=MTEwMDAwNDk4IDcwMTYxMDAwMDAxdU1NNUFBTSBhMFY0TjAwMDAwZ1VnaVhVQVMgMDAzNE4wMDAwMzhRZ0VXUUEw&link=https://Siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

HTTP Response

302
52.222.139.57:443

api.targetx.com

tls, https

chrome.exe

1.0kB
6.1kB
10
11
172.217.168.238:443

https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D47%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D47%2526e%253D1

tls, http2

chrome.exe

2.2kB
9.8kB
19
23

HTTP Request

GET https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D47%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D47%2526e%253D1
34.104.35.123:80

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx

http

chrome.exe

5.0kB
256.7kB
101
190

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx

HTTP Response

200
192.254.232.179:443

https://siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

tls, http2

chrome.exe

1.7kB
4.8kB
13
15

HTTP Request

GET https://siemens.steltzer.com/lt/a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

HTTP Response

200
192.254.232.179:443

siemens.steltzer.com

tls, https

chrome.exe

1.3kB
4.6kB
16
16
192.185.52.188:443

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/favicon.ico

tls, http2

chrome.exe

3.4kB
12.0kB
23
26

HTTP Request

GET https://chikayb.com/wpd/

HTTP Response

200

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/index

HTTP Response

200

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/capt?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS9pbmRleA==78QAC4Fk-4GaT-E2ZY-Ly36-1VUqZhyFQ0Tw_J3I4jt2SKL6BkmZw5H1VcginRlf9CzUpMN0oFOW8XGAyvExDrhJQWO1pKTqNw35movPdl2IiY8gUCFuc4SEy7tB0enk6XzAMrjVsXKkZ48xrFhvHsclJLpTfAGn5S7eEw2iQBgaYoMOI9yNjWV1uUd

HTTP Response

200

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/favicon.ico

HTTP Response

200
192.185.52.188:443

chikayb.com

tls, https

chrome.exe

1.2kB
6.2kB
14
13
192.185.52.188:443

chikayb.com

tls, https

chrome.exe

1.2kB
6.2kB
13
13
96.16.53.134:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

chrome.exe

416 B
1.7kB
6
5

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
8.8.4.4:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABB2JlYWNvbnMDZ2NwBGd2dDIDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

chrome.exe

2.6kB
9.1kB
26
32

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABB2NoaWtheWIDY29tAAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABB2JlYWNvbnMDZ2NwBGd2dDIDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
8.8.4.4:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

chrome.exe

2.2kB
8.3kB
22
28

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
216.58.208.99:443

https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb

tls, http2

chrome.exe

3.2kB
92.4kB
49
79

HTTP Request

GET https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb
216.58.208.106:443

https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvODkuMC40Mzg5LjExNBIQCWl8za9_LtI6EgUNU1pHxQ==?alt=proto

tls, http2

chrome.exe

2.0kB
6.8kB
19
20

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChRDaHJvbWUvODkuMC40Mzg5LjExNBIQCWl8za9_LtI6EgUNU1pHxQ==?alt=proto
93.184.221.240:80

322 B
7
8.8.4.4:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

chrome.exe

1.8kB
7.4kB
19
21

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
52.222.139.83:443

api.targetx.com

tls, https

chrome.exe

1.1kB
942 B
11
11
20.189.173.1:443

322 B
7
87.248.202.1:80

322 B
7
93.184.221.240:80

322 B
7
142.250.179.163:443

https://update.googleapis.com/service/update2/json?cup2key=10:2144526989&cup2hreq=6e2bc447af64c65912627dd0379140469fea030be0ccddc816e6c3b33dde19ae

tls, http2

chrome.exe

5.6kB
11.5kB
21
23

HTTP Request

POST https://update.googleapis.com/service/update2/json?cup2key=10:2144526989&cup2hreq=6e2bc447af64c65912627dd0379140469fea030be0ccddc816e6c3b33dde19ae
34.104.35.123:80

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AIZk8O7Cv2UUbxc_aaUykKI_7/ALzUVHP-vRgKCzqwbtGugSE

http

125.5kB
7.1MB
2594
5106

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

HTTP Response

200

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AJqZYiqGvCtix64S2N84g-M_2020.11.2.164946/EWvH2e-LS80S29cxzuTfRA

HTTP Response

206

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

HTTP Response

200

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

HTTP Response

206

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjFkQUFWdmlaXy12MHFUTGhWQUViMUVlUQ/0.57.44.2492_hnimpnehoodheedghdeeijklkeaacbdc.crx

HTTP Response

206

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adfpbpukafbuylpxajuughtoh6ha_7647/hfnkpimlhhgieaddgfemjhofmfblmnib_7647_all_ad5zs2tshlm2iqpc645vapkmhlwa.crx3

HTTP Response

200

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/adfpbpukafbuylpxajuughtoh6ha_7647/hfnkpimlhhgieaddgfemjhofmfblmnib_7647_all_ad5zs2tshlm2iqpc645vapkmhlwa.crx3

HTTP Response

200

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvODJiQUFYYVJaZ0k5di1hUFlXS1prX2xDZw/1.0.0.13_llkgjffcdpffmhiakmfcdcblohccpfmo.crx

HTTP Response

200

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvODJiQUFYYVJaZ0k5di1hUFlXS1prX2xDZw/1.0.0.13_llkgjffcdpffmhiakmfcdcblohccpfmo.crx

HTTP Response

200

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AIZk8O7Cv2UUbxc_aaUykKI_7/ALzUVHP-vRgKCzqwbtGugSE

HTTP Response

200
8.8.4.4:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABDHNhZmVicm93c2luZwpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAEgADABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

chrome.exe

2.1kB
8.1kB
20
23

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABDHNhZmVicm93c2luZwpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAEgADABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
142.250.179.170:443

https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$req=Ch0KDGdvb2dsZWNocm9tZRINODkuMC40Mzg5LjExNBoMCAUQASIEIAEgAigBGgwIARABIgQgASACKAEaDAgDEAEiBCABIAIoARoMCAcQASIEIAEgAigBGgwIARABIgQgASACKAMaDAgBEAgiBCABIAIoBBoMCAkQASIEIAEgAigGGgwIDxABIgQgASACKAEaDAgKEAgiBCABIAIoARoMCAkQASIEIAEgAigBGgwICBABIgQgASACKAEaDAgNEAEiBCABIAIoARoMCA4QASIEIAEgAigBGgwIEBABIgQgASACKAEiAggB&$ct=application/x-protobuf&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw

tls, http2

chrome.exe

209.0kB
12.4MB
4512
8898

HTTP Request

GET https://safebrowsing.googleapis.com/v4/threatListUpdates:fetch?$req=Ch0KDGdvb2dsZWNocm9tZRINODkuMC40Mzg5LjExNBoMCAUQASIEIAEgAigBGgwIARABIgQgASACKAEaDAgDEAEiBCABIAIoARoMCAcQASIEIAEgAigBGgwIARABIgQgASACKAMaDAgBEAgiBCABIAIoBBoMCAkQASIEIAEgAigGGgwIDxABIgQgASACKAEaDAgKEAgiBCABIAIoARoMCAkQASIEIAEgAigBGgwICBABIgQgASACKAEaDAgNEAEiBCABIAIoARoMCA4QASIEIAEgAigBGgwIEBABIgQgASACKAEiAggB&$ct=application/x-protobuf&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
34.104.35.123:80

http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acjv7zhir6jmdb7jzkcjxgs7n24q_2022.9.20.1141/ggkkehgbnfjpeggfpleeakpidbkibbmn_2022.9.20.1141_all_fs6e42p6n4oiiglkfie4nusfri.crx3

http

35.7kB
1.9MB
705
1378

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/AIZk8O7Cv2UUbxc_aaUykKI_7/ALzUVHP-vRgKCzqwbtGugSE

HTTP Response

200

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/YGkwa4MXjfWSuERyWQYP_A_4/aapLKTSZ439A-0g3nqJr3Q

HTTP Response

200

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/YGkwa4MXjfWSuERyWQYP_A_4/aapLKTSZ439A-0g3nqJr3Q

HTTP Response

200

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/accnrqvk2u32p5vftufawsvnlpkq_54/khaoiebndkojlmppeemjhbpbandiljpe_54_win_dmln4upudhgz6z3pcihf7cmpr4.crx3

HTTP Response

200

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/accnrqvk2u32p5vftufawsvnlpkq_54/khaoiebndkojlmppeemjhbpbandiljpe_54_win_dmln4upudhgz6z3pcihf7cmpr4.crx3

HTTP Response

200

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/mk5f7o5y6llg3qpdlrmtg4inte_109.0.5366.0/jamhcnnkihinmdlkakkaopbjbbcngflc_109.0.5366.0_all_acavryodfzll3heohonga2qbaxca.crx3

HTTP Response

200

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/mk5f7o5y6llg3qpdlrmtg4inte_109.0.5366.0/jamhcnnkihinmdlkakkaopbjbbcngflc_109.0.5366.0_all_acavryodfzll3heohonga2qbaxca.crx3

HTTP Response

200

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/ad2wt4kzsdz6p6enh442u5fjlsia_20221007.480864143/obedbbhbpmojnkanicioggnmelmoomoc_20221007.480864143_all_ENUS_bgupegey6uchlxj2kqfpgo4ega.crx3

HTTP Response

200

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/ad2wt4kzsdz6p6enh442u5fjlsia_20221007.480864143/obedbbhbpmojnkanicioggnmelmoomoc_20221007.480864143_all_ENUS_bgupegey6uchlxj2kqfpgo4ega.crx3

HTTP Response

200

HTTP Request

HEAD http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acjv7zhir6jmdb7jzkcjxgs7n24q_2022.9.20.1141/ggkkehgbnfjpeggfpleeakpidbkibbmn_2022.9.20.1141_all_fs6e42p6n4oiiglkfie4nusfri.crx3

HTTP Response

200

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/release2/chrome_component/acjv7zhir6jmdb7jzkcjxgs7n24q_2022.9.20.1141/ggkkehgbnfjpeggfpleeakpidbkibbmn_2022.9.20.1141_all_fs6e42p6n4oiiglkfie4nusfri.crx3

HTTP Response

200
142.251.36.35:443

https://beacons.gcp.gvt2.com/domainreliability/upload

tls, http2

chrome.exe

1.9kB
6.6kB
14
13

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload
192.185.52.188:443

https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?wYjVkL7RPcADtrHOXNyBvlnKqM8FJh0ZIeEdQg3uTUfWa62GSbZ4AeP8agu61G9DL7mviy3qwKnJdYHcksRXFbBOQ5lfzIpNo2VUg8zlLcJbQs3UvjuaxmiMRHKkGZq4AC6YEpVFDnIth50doSOyr2&status=error&string=signin&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

tls, http2

chrome.exe

13.7kB
77.5kB
71
92

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS9jYXB0P0wzZHdaQzloTVRRMFlUWTJORGhqT1dSbE5tRXhZbUZsWm1VNVlUTmhNRFl6T0RkbU1qYzNZMlF5TXpZMk1ERTFOREEyTVRBM01UQTFNV0kxTldSa1pUazFNRGRpTTJWaU1XWmtNV0U0T0RBeE1ETTBOVEF3T1RZNVpUQmlaVEUzTUdNd01UVTBNRFl4TURjeE1EVXhPR1poT0RKak1tUXhPVFJsTXpJeE9XUmxZekV3TW1JMU9HSmxZV1ptWXpFeE5qSTNPVEV3TnpBeE5UUXdOakV3TnpFd05URTVPRGd3TnpNNVpUazRNbVl4TWpOaE5HRTVaRGhrTnpnNE5EZGtOV0kwT0ROalkyWTFOR0UwTURFMU5EQTJNVEEzTVRBMU1TOXBibVJsZUE9PTc4UUFDNEZrLTRHYVQtRTJaWS1MeTM2LTFWVXFaaHlGUTBUd19KM0k0anQyU0tMNkJrbVp3NUgxVmNnaW5SbGY5Q3pVcE1OMG9GT1c4WEdBeXZFeERyaEpRV08xcEtUcU53MzVtb3ZQZGwySWlZOGdVQ0Z1YzRTRXk3dEIwZW5rNlh6QU1yalZzWEtrWjQ4eHJGaHZIc2NsSkxwVGZBR241UzdlRXcyaVFCZ2FZb01PSTl5TmpXVjF1VWQ=cNTuGtsk-YUdB-FU4C-ig2T-vPedhQW3t1c6_jbBH8naPVvDZMIwCAzi91t7efcEhd3YUXOxqmlLTN6KupyJr2GeX8pmzSc2j4lhgK39UaJyHqxuvFoNbWDRftY7MPrOwni15LEkC21PQwMtEqyFucfxKRHDO9XWLvkTGir4gnAzjBlsIeZNp30b7da&data=kumar.ravi.ext@siemens.com

HTTP Response

200

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/css/style.css

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/arrow_left.svg

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/enterpass.png

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/firstmsg1.png

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/forgpass.png

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/ellipsis_grey.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS9jYXB0P0wzZHdaQzloTVRRMFlUWTJORGhqT1dSbE5tRXhZbUZsWm1VNVlUTmhNRFl6T0RkbU1qYzNZMlF5TXpZMk1ERTFOREEyTVRBM01UQTFNV0kxTldSa1pUazFNRGRpTTJWaU1XWmtNV0U0T0RBeE1ETTBOVEF3T1RZNVpUQmlaVEUzTUdNd01UVTBNRFl4TURjeE1EVXhPR1poT0RKak1tUXhPVFJsTXpJeE9XUmxZekV3TW1JMU9HSmxZV1ptWXpFeE5qSTNPVEV3TnpBeE5UUXdOakV3TnpFd05URTVPRGd3TnpNNVpUazRNbVl4TWpOaE5HRTVaRGhrTnpnNE5EZGtOV0kwT0ROalkyWTFOR0UwTURFMU5EQTJNVEEzTVRBMU1TOXBibVJsZUE9PTc4UUFDNEZrLTRHYVQtRTJaWS1MeTM2LTFWVXFaaHlGUTBUd19KM0k0anQyU0tMNkJrbVp3NUgxVmNnaW5SbGY5Q3pVcE1OMG9GT1c4WEdBeXZFeERyaEpRV08xcEtUcU53MzVtb3ZQZGwySWlZOGdVQ0Z1YzRTRXk3dEIwZW5rNlh6QU1yalZzWEtrWjQ4eHJGaHZIc2NsSkxwVGZBR241UzdlRXcyaVFCZ2FZb01PSTl5TmpXVjF1VWQ=cNTuGtsk-YUdB-FU4C-ig2T-vPedhQW3t1c6_jbBH8naPVvDZMIwCAzi91t7efcEhd3YUXOxqmlLTN6KupyJr2GeX8pmzSc2j4lhgK39UaJyHqxuvFoNbWDRftY7MPrOwni15LEkC21PQwMtEqyFucfxKRHDO9XWLvkTGir4gnAzjBlsIeZNp30b7da&data=kumar.ravi.ext@siemens.com

HTTP Response

200

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/sigin.png

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/images/passwrd.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/fonts/tsd.woff2

HTTP Response

200

HTTP Request

POST https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/remkus?L3dwZC9hMTQ0YTY2NDhjOWRlNmExYmFlZmU5YTNhMDYzODdmMjc3Y2QyMzY2MDE1NDA2MTA3MTA1MWI1NWRkZTk1MDdiM2ViMWZkMWE4ODAxMDM0NTAwOTY5ZTBiZTE3MGMwMTU0MDYxMDcxMDUxOGZhODJjMmQxOTRlMzIxOWRlYzEwMmI1OGJlYWZmYzExNjI3OTEwNzAxNTQwNjEwNzEwNTE5ODgwNzM5ZTk4MmYxMjNhNGE5ZDhkNzg4NDdkNWI0ODNjY2Y1NGE0MDE1NDA2MTA3MTA1MS92ZXJpZnk/TDNkd1pDOWhNVFEwWVRZMk5EaGpPV1JsTm1FeFltRmxabVU1WVROaE1EWXpPRGRtTWpjM1kyUXlNelkyTURFMU5EQTJNVEEzTVRBMU1XSTFOV1JrWlRrMU1EZGlNMlZpTVdaa01XRTRPREF4TURNME5UQXdPVFk1WlRCaVpURTNNR013TVRVME1EWXhNRGN4TURVeE9HWmhPREpqTW1ReE9UUmxNekl4T1dSbFl6RXdNbUkxT0dKbFlXWm1ZekV4TmpJM09URXdOekF4TlRRd05qRXdOekV3TlRFNU9EZ3dOek01WlRrNE1tWXhNak5oTkdFNVpEaGtOemc0TkRka05XSTBPRE5qWTJZMU5HRTBNREUxTkRBMk1UQTNNVEExTVM5allYQjBQMHd6WkhkYVF6bG9UVlJSTUZsVVdUSk9SR2hxVDFkU2JFNXRSWGhaYlVac1dtMVZOVmxVVG1oTlJGbDZUMFJrYlUxcVl6TlpNbEY1VFhwWk1rMUVSVEZPUkVFeVRWUkJNMDFVUVRGTlYwa3hUbGRTYTFwVWF6Rk5SR1JwVFRKV2FVMVhXbXROVjBVMFQwUkJlRTFFVFRCT1ZFRjNUMVJaTlZwVVFtbGFWRVV6VFVkTmQwMVVWVEJOUkZsNFRVUmplRTFFVlhoUFIxcG9UMFJLYWsxdFVYaFBWRkpzVFhwSmVFOVhVbXhaZWtWM1RXMUpNVTlIU214WlYxcHRXWHBGZUU1cVNUTlBWRVYzVG5wQmVFNVVVWGRPYWtWM1RucEZkMDVVUlRWUFJHZDNUbnBOTlZwVWF6Uk5iVmw0VFdwT2FFNUhSVFZhUkdoclRucG5ORTVFWkd0T1Ywa3dUMFJPYWxreVdURk9SMFV3VFVSRk1VNUVRVEpOVkVFelRWUkJNVTFUT1hCaWJWSnNaVUU5UFRjNFVVRkRORVpyTFRSSFlWUXRSVEphV1MxTWVUTTJMVEZXVlhGYWFIbEdVVEJVZDE5S00wazBhblF5VTB0TU5rSnJiVnAzTlVneFZtTm5hVzVTYkdZNVEzcFZjRTFPTUc5R1QxYzRXRWRCZVhaRmVFUnlhRXBSVjA4eGNFdFVjVTUzTXpWdGIzWlFaR3d5U1dsWk9HZFZRMFoxWXpSVFJYazNkRUl3Wlc1ck5saDZRVTF5YWxaeldFdHJXalE0ZUhKR2FIWkljMk5zU2t4d1ZHWkJSMjQxVXpkbFJYY3lhVkZDWjJGWmIwMVBTVGw1VG1wWFZqRjFWV1E9Y05UdUd0c2stWVVkQi1GVTRDLWlnMlQtdlBlZGhRVzN0MWM2X2piQkg4bmFQVnZEWk1Jd0NBemk5MXQ3ZWZjRWhkM1lVWE94cW1sTFRONkt1cHlKcjJHZVg4cG16U2MyajRsaGdLMzlVYUp5SHF4dXZGb05iV0RSZnRZN01Qck93bmkxNUxFa0MyMVBRd010RXF5RnVjZnhLUkhETzlYV0x2a1RHaXI0Z25BempCbHNJZVpOcDMwYjdkYSZkYXRhPWt1bWFyLnJhdmkuZXh0QHNpZW1lbnMuY29tsJgCnedG-0nfP-g56R-AmnC-oQjeRc4gWtS3_KT9zWOPriZ87lCUtgfvSVoxJyIGcXL3unjD1M2ewmFdQ0NaRkbCYmVk8R0Itfuz2ebxslrFypdDQMv5nBHh1jq4TgNJPLA6ZwKo3L2j96ahoR5rVmKzFZfqPvUnpwyY1NMAx4W7OGBsuCEt38eJH0l&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=&isok=y

HTTP Response

200

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?wYjVkL7RPcADtrHOXNyBvlnKqM8FJh0ZIeEdQg3uTUfWa62GSbZ4AeP8agu61G9DL7mviy3qwKnJdYHcksRXFbBOQ5lfzIpNo2VUg8zlLcJbQs3UvjuaxmiMRHKkGZq4AC6YEpVFDnIth50doSOyr2&status=error&string=signin&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

HTTP Response

200

HTTP Request

GET https://chikayb.com/wpd/a144a6648c9de6a1baefe9a3a06387f277cd23660154061071051b55dde9507b3eb1fd1a8801034500969e0be170c01540610710518fa82c2d194e3219dec102b58beaffc11627910701540610710519880739e982f123a4a9d8d78847d5b483ccf54a40154061071051/verify?wYjVkL7RPcADtrHOXNyBvlnKqM8FJh0ZIeEdQg3uTUfWa62GSbZ4AeP8agu61G9DL7mviy3qwKnJdYHcksRXFbBOQ5lfzIpNo2VUg8zlLcJbQs3UvjuaxmiMRHKkGZq4AC6YEpVFDnIth50doSOyr2&status=error&string=signin&data=a3VtYXIucmF2aS5leHRAc2llbWVucy5jb20=

HTTP Response

200

224.0.0.251:5353

2.8kB
47
8.8.8.8:53

accounts.google.com

dns

chrome.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.251.36.45
8.8.8.8:53

clients2.google.com

dns

chrome.exe

65 B
105 B
1
1

DNS Request

clients2.google.com

DNS Response

172.217.168.238
8.8.8.8:53

api.targetx.com

dns

chrome.exe

61 B
125 B
1
1

DNS Request

api.targetx.com

DNS Response

52.222.139.57

52.222.139.83

52.222.139.72

52.222.139.5
8.8.8.8:53

edgedl.me.gvt1.com

dns

chrome.exe

64 B
80 B
1
1

DNS Request

edgedl.me.gvt1.com

DNS Response

34.104.35.123
8.8.8.8:53

siemens.steltzer.com

dns

chrome.exe

66 B
82 B
1
1

DNS Request

siemens.steltzer.com

DNS Response

192.254.232.179
8.8.8.8:53

chikayb.com

dns

chrome.exe

57 B
73 B
1
1

DNS Request

chikayb.com

DNS Response

192.185.52.188
8.8.8.8:53

apps.identrust.com

dns

chrome.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

96.16.53.134

96.16.53.139
8.8.8.8:53

dns.google

dns

chrome.exe

56 B
88 B
1
1

DNS Request

dns.google

DNS Response

8.8.4.4

8.8.8.8
8.8.4.4:443

dns.google

https

chrome.exe

4.4kB
10.3kB
15
15
8.8.4.4:443

dns.google

https

chrome.exe

3.2kB
6.4kB
6
6
8.8.8.8:53

edgedl.me.gvt1.com

dns

chrome.exe

64 B
80 B
1
1

DNS Request

edgedl.me.gvt1.com

DNS Response

34.104.35.123
142.250.179.163:443

https

chrome.exe

6.7kB
8.0kB
13
14
8.8.4.4:443

dns.google

https

chrome.exe

2.9kB
5.5kB
4
4
142.250.179.163:443

https

chrome.exe

2.8kB
2.3kB
4
3
142.250.179.163:443

https

chrome.exe

8.7kB
5.3kB
16
16
8.8.8.8:53

dns.google

dns

chrome.exe

56 B
88 B
1
1

DNS Request

dns.google

DNS Response

8.8.4.4

8.8.8.8
8.8.4.4:443

dns.google

https

chrome.exe

2.9kB
4.2kB
4
4
216.58.208.106:443

https

chrome.exe

3.5kB
7.4kB
7
7

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response