Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
60s -
max time network
62s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system -
submitted
03/02/2023, 07:03 UTC
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://update.googleapis.com
Resource
win7-20221111-en
5 signatures
60 seconds
Behavioral task
behavioral2
Sample
http://update.googleapis.com
Resource
win10v2004-20221111-en
6 signatures
60 seconds
General
-
Target
http://update.googleapis.com
Score
1/10
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer chrome.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName chrome.exe -
Suspicious behavior: EnumeratesProcesses 12 IoCs
pid Process 4188 chrome.exe 4188 chrome.exe 3444 chrome.exe 3444 chrome.exe 3252 chrome.exe 3252 chrome.exe 4960 chrome.exe 4960 chrome.exe 4536 chrome.exe 4536 chrome.exe 4900 chrome.exe 4900 chrome.exe -
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
pid Process 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe -
Suspicious use of FindShellTrayWindow 26 IoCs
pid Process 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe -
Suspicious use of SendNotifyMessage 24 IoCs
pid Process 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe 3444 chrome.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 3444 wrote to memory of 4268 3444 chrome.exe 81 PID 3444 wrote to memory of 4268 3444 chrome.exe 81 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4668 3444 chrome.exe 84 PID 3444 wrote to memory of 4188 3444 chrome.exe 85 PID 3444 wrote to memory of 4188 3444 chrome.exe 85 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87 PID 3444 wrote to memory of 5052 3444 chrome.exe 87
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" http://update.googleapis.com1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3444 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff4d484f50,0x7fff4d484f60,0x7fff4d484f702⤵PID:4268
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1612 /prefetch:22⤵PID:4668
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1984 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:4188
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2288 /prefetch:82⤵PID:5052
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2872 /prefetch:12⤵PID:872
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2848 /prefetch:12⤵PID:3688
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4244 /prefetch:82⤵PID:3264
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4648 /prefetch:82⤵PID:4404
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4848 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:3252
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4728 /prefetch:82⤵PID:2328
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4976 /prefetch:82⤵PID:964
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4940 /prefetch:82⤵PID:4840
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --disable-gpu-compositing --lang=en-US --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:12⤵PID:2104
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5060 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:4960
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2456 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:4536
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1596,7422376306330802725,6780829583228567169,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:82⤵
- Suspicious behavior: EnumeratesProcesses
PID:4900
-
-
C:\Windows\System32\CompPkgSrv.exeC:\Windows\System32\CompPkgSrv.exe -Embedding1⤵PID:4340
Network
-
Remote address:8.8.8.8:53Requestaccounts.google.comIN AResponseaccounts.google.comIN A142.251.36.45
-
Remote address:8.8.8.8:53Requestclients2.google.comIN AResponseclients2.google.comIN CNAMEclients.l.google.comclients.l.google.comIN A172.217.168.238
-
Remote address:8.8.8.8:53Requestupdate.googleapis.comIN AResponseupdate.googleapis.comIN A142.250.179.163
-
POSThttps://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standardchrome.exeRemote address:142.251.36.45:443RequestPOST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/2.0
host: accounts.google.com
content-length: 1
origin: https://www.google.com
content-type: application/x-www-form-urlencoded
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
GEThttps://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D83%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D83%2526e%253D1chrome.exeRemote address:172.217.168.238:443RequestGET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D83%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D83%2526e%253D1 HTTP/2.0
host: clients2.google.com
x-goog-update-interactivity: fg
x-goog-update-appid: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfm
x-goog-update-updater: chromecrx-89.0.4389.114
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:142.250.179.163:80RequestGET / HTTP/1.1
Host: update.googleapis.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 404 Not Found
Referrer-Policy: no-referrer
Content-Length: 1561
Date: Fri, 03 Feb 2023 07:04:08 GMT
-
Remote address:142.250.179.163:80RequestGET /favicon.ico HTTP/1.1
Host: update.googleapis.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 404 Not Found
Referrer-Policy: no-referrer
Content-Length: 1572
Date: Fri, 03 Feb 2023 07:04:08 GMT
-
Remote address:142.251.39.100:80RequestGET /images/branding/googlelogo/1x/googlelogo_color_150x54dp.png HTTP/1.1
Host: www.google.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 3170
Date: Fri, 03 Feb 2023 07:04:08 GMT
Expires: Fri, 03 Feb 2023 07:04:08 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
-
Remote address:142.251.39.100:80RequestGET /images/errors/robot.png HTTP/1.1
Host: www.google.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Length: 6327
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Jan 2023 18:47:55 GMT
Expires: Wed, 31 Jan 2024 18:47:55 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Content-Type: image/png
Age: 216973
-
Remote address:8.8.8.8:53Requestedgedl.me.gvt1.comIN AResponseedgedl.me.gvt1.comIN A34.104.35.123
-
GEThttp://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crxchrome.exeRemote address:34.104.35.123:80RequestGET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx HTTP/1.1
Host: edgedl.me.gvt1.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-request-id: 06974ac8-add7-4770-8e9b-5da1332e81a9
content-length: 248531
date: Thu, 02 Feb 2023 11:46:46 GMT
age: 69442
last-modified: Fri, 25 Feb 2022 22:08:36 GMT
etag: "c994e6"
content-type: application/x-chrome-extension
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
-
Remote address:8.8.8.8:53Requestssl.gstatic.comIN AResponsessl.gstatic.comIN A216.58.208.99
-
Remote address:216.58.208.99:443RequestGET /safebrowsing/csd/client_model_v5_variation_6.pb HTTP/2.0
host: ssl.gstatic.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Requestdns.googleIN AResponsedns.googleIN A8.8.8.8dns.googleIN A8.8.4.4
-
GEThttps://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAchrome.exeRemote address:8.8.8.8:443RequestGET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
-
GEThttps://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAchrome.exeRemote address:8.8.8.8:443RequestGET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
-
GEThttps://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAchrome.exeRemote address:8.8.8.8:443RequestGET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
-
GEThttps://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAchrome.exeRemote address:8.8.8.8:443RequestGET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
-
142.251.36.45:443https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standardtls, http2chrome.exe1.8kB 7.6kB 16 17
HTTP Request
POST https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard -
172.217.168.238:443https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D83%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D83%2526e%253D1tls, http2chrome.exe2.1kB 9.6kB 17 17
HTTP Request
GET https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D83%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D83%2526e%253D1 -
1.1kB 3.8kB 7 8
HTTP Request
GET http://update.googleapis.com/HTTP Response
404HTTP Request
GET http://update.googleapis.com/favicon.icoHTTP Response
404 -
144 B 104 B 3 2
-
142.251.39.100:80http://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.pnghttpchrome.exe667 B 4.0kB 6 6
HTTP Request
GET http://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.pngHTTP Response
200 -
677 B 7.3kB 7 9
HTTP Request
GET http://www.google.com/images/errors/robot.pngHTTP Response
200 -
34.104.35.123:80http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crxhttpchrome.exe4.8kB 256.6kB 96 187
HTTP Request
GET http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crxHTTP Response
200 -
216.58.208.99:443https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pbtls, http2chrome.exe3.5kB 91.9kB 55 73
HTTP Request
GET https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb -
8.8.8.8:443https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtls, http2chrome.exe1.5kB 6.9kB 13 13
HTTP Request
GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -
8.8.8.8:443https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtls, http2chrome.exe1.8kB 7.7kB 15 18
HTTP Request
GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTTP Request
GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -
8.8.8.8:443https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtls, http2chrome.exe1.5kB 6.9kB 13 13
HTTP Request
GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -
322 B 7
-
322 B 7
-
92 B 2
-
2.1kB 35
-
65 B 81 B 1 1
DNS Request
accounts.google.com
DNS Response
142.251.36.45
-
65 B 105 B 1 1
DNS Request
clients2.google.com
DNS Response
172.217.168.238
-
67 B 83 B 1 1
DNS Request
update.googleapis.com
DNS Response
142.250.179.163
-
64 B 80 B 1 1
DNS Request
edgedl.me.gvt1.com
DNS Response
34.104.35.123
-
61 B 77 B 1 1
DNS Request
ssl.gstatic.com
DNS Response
216.58.208.99
-
56 B 88 B 1 1
DNS Request
dns.google
DNS Response
8.8.8.88.8.4.4