Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    windows10-1703_x64
  • resource
    win10-20230621-en
  • resource tags

    arch:x64 arch:x86 image:win10-20230621-en locale:en-us os:windows10-1703-x64 system
  • submitted
    28/06/2023, 17:11 UTC

General

  • Target

    http://p.rfihub.com

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://p.rfihub.com
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1908
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff9427c9758,0x7ff9427c9768,0x7ff9427c9778
      2⤵
        PID:2032
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1784 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:8
        2⤵
          PID:320
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2072 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:8
          2⤵
            PID:4320
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1592 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:2
            2⤵
              PID:5108
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2644 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
              2⤵
                PID:2080
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2652 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                2⤵
                  PID:3704
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4520 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:8
                  2⤵
                    PID:1296
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4620 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:8
                    2⤵
                      PID:4940
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4396 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                      2⤵
                        PID:3416
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4744 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                        2⤵
                          PID:4208
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4480 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:8
                          2⤵
                            PID:3340
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4992 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:8
                            2⤵
                              PID:3460
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4856 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                              2⤵
                                PID:96
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2928 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                                2⤵
                                  PID:2184
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4848 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                                  2⤵
                                    PID:1064
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2980 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:8
                                    2⤵
                                      PID:508
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4840 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:8
                                      2⤵
                                        PID:1188
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4932 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                                        2⤵
                                          PID:1444
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5000 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                                          2⤵
                                            PID:3056
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5040 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                                            2⤵
                                              PID:920
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=1668 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                                              2⤵
                                                PID:4836
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:8
                                                2⤵
                                                  PID:3876
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3036 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                                                  2⤵
                                                    PID:4412
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5716 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                                                    2⤵
                                                      PID:4816
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5732 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:1
                                                      2⤵
                                                        PID:1636
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5904 --field-trial-handle=1840,i,15407988755210884156,8882847902083078541,131072 /prefetch:2
                                                        2⤵
                                                        • Suspicious behavior: EnumeratesProcesses
                                                        PID:1300
                                                    • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                      "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                      1⤵
                                                        PID:4688

                                                      Network

                                                      • flag-us
                                                        DNS
                                                        p.rfihub.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        p.rfihub.com
                                                        IN A
                                                        Response
                                                        p.rfihub.com
                                                        IN CNAME
                                                        a.rfihub.com
                                                        a.rfihub.com
                                                        IN CNAME
                                                        a.rfihub.com.akadns.net
                                                        a.rfihub.com.akadns.net
                                                        IN CNAME
                                                        a-emea.rfihub.com.akadns.net
                                                        a-emea.rfihub.com.akadns.net
                                                        IN A
                                                        193.0.160.131
                                                      • flag-nl
                                                        GET
                                                        http://p.rfihub.com/
                                                        chrome.exe
                                                        Remote address:
                                                        193.0.160.131:80
                                                        Request
                                                        GET / HTTP/1.1
                                                        Host: p.rfihub.com
                                                        Connection: keep-alive
                                                        Upgrade-Insecure-Requests: 1
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                        Accept-Encoding: gzip, deflate
                                                        Accept-Language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/1.1 404 Not Found
                                                        P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
                                                        Cache-Control: must-revalidate,no-cache,no-store
                                                        Content-Type: text/html;charset=iso-8859-1
                                                        Content-Length: 153
                                                      • flag-nl
                                                        GET
                                                        http://p.rfihub.com/favicon.ico
                                                        chrome.exe
                                                        Remote address:
                                                        193.0.160.131:80
                                                        Request
                                                        GET /favicon.ico HTTP/1.1
                                                        Host: p.rfihub.com
                                                        Connection: keep-alive
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Referer: http://p.rfihub.com/
                                                        Accept-Encoding: gzip, deflate
                                                        Accept-Language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/1.1 404 Not Found
                                                        P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
                                                        Cache-Control: must-revalidate,no-cache,no-store
                                                        Content-Type: text/html;charset=iso-8859-1
                                                        Content-Length: 153
                                                      • flag-nl
                                                        GET
                                                        http://p.rfihub.com/
                                                        chrome.exe
                                                        Remote address:
                                                        193.0.160.131:80
                                                        Request
                                                        GET / HTTP/1.1
                                                        Host: p.rfihub.com
                                                        Connection: keep-alive
                                                        Cache-Control: max-age=0
                                                        Upgrade-Insecure-Requests: 1
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                        Accept-Encoding: gzip, deflate
                                                        Accept-Language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/1.1 404 Not Found
                                                        P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
                                                        Cache-Control: must-revalidate,no-cache,no-store
                                                        Content-Type: text/html;charset=iso-8859-1
                                                        Content-Length: 153
                                                      • flag-nl
                                                        GET
                                                        http://p.rfihub.com/
                                                        chrome.exe
                                                        Remote address:
                                                        193.0.160.131:80
                                                        Request
                                                        GET / HTTP/1.1
                                                        Host: p.rfihub.com
                                                        Connection: keep-alive
                                                        Upgrade-Insecure-Requests: 1
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                        Accept-Encoding: gzip, deflate
                                                        Accept-Language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/1.1 404 Not Found
                                                        P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
                                                        Cache-Control: must-revalidate,no-cache,no-store
                                                        Content-Type: text/html;charset=iso-8859-1
                                                        Content-Length: 153
                                                      • flag-nl
                                                        GET
                                                        http://p.rfihub.com/
                                                        chrome.exe
                                                        Remote address:
                                                        193.0.160.131:80
                                                        Request
                                                        GET / HTTP/1.1
                                                        Host: p.rfihub.com
                                                        Connection: keep-alive
                                                        Upgrade-Insecure-Requests: 1
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                        Accept-Encoding: gzip, deflate
                                                        Accept-Language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/1.1 404 Not Found
                                                        P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
                                                        Cache-Control: must-revalidate,no-cache,no-store
                                                        Content-Type: text/html;charset=iso-8859-1
                                                        Content-Length: 153
                                                      • flag-us
                                                        DNS
                                                        250.255.255.239.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        250.255.255.239.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        195.179.250.142.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        195.179.250.142.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        195.179.250.142.in-addr.arpa
                                                        IN PTR
                                                        ams15s42-in-f31e100net
                                                      • flag-us
                                                        DNS
                                                        131.160.0.193.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        131.160.0.193.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        251.0.0.224.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        251.0.0.224.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        b.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        b.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        196.168.217.172.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        196.168.217.172.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        196.168.217.172.in-addr.arpa
                                                        IN PTR
                                                        ams16s32-in-f41e100net
                                                      • flag-us
                                                        DNS
                                                        63.13.109.52.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        63.13.109.52.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        131.179.250.142.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        131.179.250.142.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        131.179.250.142.in-addr.arpa
                                                        IN PTR
                                                        ams17s10-in-f31e100net
                                                      • flag-us
                                                        DNS
                                                        apis.google.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        apis.google.com
                                                        IN A
                                                        Response
                                                        apis.google.com
                                                        IN CNAME
                                                        plus.l.google.com
                                                        plus.l.google.com
                                                        IN A
                                                        172.217.23.206
                                                      • flag-us
                                                        DNS
                                                        content-autofill.googleapis.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        Response
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        216.58.214.10
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        142.250.179.138
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        142.251.36.42
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        172.217.168.234
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        142.250.179.170
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        142.250.179.202
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        142.251.36.10
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        142.251.39.106
                                                        content-autofill.googleapis.com
                                                        IN A
                                                        172.217.23.202
                                                      • flag-nl
                                                        GET
                                                        https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlL1An4iaKj4hIFDUqFnlI=?alt=proto
                                                        chrome.exe
                                                        Remote address:
                                                        216.58.214.10:443
                                                        Request
                                                        GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlL1An4iaKj4hIFDUqFnlI=?alt=proto HTTP/2.0
                                                        host: content-autofill.googleapis.com
                                                        x-goog-encode-response-if-executable: base64
                                                        x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                        x-client-data: CNvoygE=
                                                        sec-fetch-site: none
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: empty
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        DNS
                                                        play.google.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        play.google.com
                                                        IN A
                                                        Response
                                                        play.google.com
                                                        IN A
                                                        142.251.36.14
                                                      • flag-nl
                                                        OPTIONS
                                                        https://play.google.com/log?format=json&hasfast=true&authuser=0
                                                        chrome.exe
                                                        Remote address:
                                                        142.251.36.14:443
                                                        Request
                                                        OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                                        host: play.google.com
                                                        accept: */*
                                                        access-control-request-method: POST
                                                        access-control-request-headers: x-goog-authuser
                                                        origin: https://www.google.com
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-fetch-mode: cors
                                                        sec-fetch-site: same-site
                                                        sec-fetch-dest: empty
                                                        referer: https://www.google.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        DNS
                                                        10.214.58.216.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        10.214.58.216.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        10.214.58.216.in-addr.arpa
                                                        IN PTR
                                                        lhr26s05-in-f101e100net
                                                        10.214.58.216.in-addr.arpa
                                                        IN PTR
                                                        ams17s09-in-f10
                                                      • flag-us
                                                        DNS
                                                        206.23.217.172.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        206.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        206.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        prg03s05-in-f2061e100net
                                                        206.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        prg03s05-in-f14
                                                        206.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        ams16s37-in-f14
                                                      • flag-us
                                                        DNS
                                                        14.36.251.142.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        14.36.251.142.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        14.36.251.142.in-addr.arpa
                                                        IN PTR
                                                        ams15s44-in-f141e100net
                                                      • flag-us
                                                        DNS
                                                        226.168.217.172.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        226.168.217.172.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        226.168.217.172.in-addr.arpa
                                                        IN PTR
                                                        ams15s40-in-f21e100net
                                                      • flag-us
                                                        DNS
                                                        id.google.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        id.google.com
                                                        IN A
                                                        Response
                                                        id.google.com
                                                        IN A
                                                        142.251.39.99
                                                      • flag-nl
                                                        GET
                                                        https://id.google.com/verify/AGXHOl1hJ16tdVBwxvrCTcDktiyx2GTeSdNKrFXNksZBnDL4UxwNLZ-8_aWzBSm23RAQTNOtsO1jFn_1dBC9PrlIjezuBHTyKXom-9OXZ0f03Vo
                                                        chrome.exe
                                                        Remote address:
                                                        142.251.39.99:443
                                                        Request
                                                        GET /verify/AGXHOl1hJ16tdVBwxvrCTcDktiyx2GTeSdNKrFXNksZBnDL4UxwNLZ-8_aWzBSm23RAQTNOtsO1jFn_1dBC9PrlIjezuBHTyKXom-9OXZ0f03Vo HTTP/2.0
                                                        host: id.google.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        x-client-data: CNvoygE=
                                                        sec-fetch-site: same-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://www.google.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        cookie: AEC=AUEFqZcUi8ug6rZKlifI8ntUWeTULWt12G-4mhlmMw3ybNQ-LlCtBUqywg
                                                        cookie: NID=511=JSzfHkE2rmNUiQgarw62cDp6XQp11PmWv2oF_RB1rWEPIEHfr8zX-j8avTFcOX6PqhIrBRAay9Gu76MY-PtG3YtPwLgujmcyfltv99uSYva51Lpk9zMCb0H-xHhi-pf2ohWAnQGqiWlFYfjS5snetHgD_zF6CwGGkHoqjl5KFrQ
                                                        cookie: 1P_JAR=2023-06-28-17
                                                      • flag-us
                                                        DNS
                                                        99.39.251.142.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        99.39.251.142.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        99.39.251.142.in-addr.arpa
                                                        IN PTR
                                                        ams15s48-in-f31e100net
                                                      • flag-us
                                                        DNS
                                                        malwaretips.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        malwaretips.com
                                                        IN A
                                                        Response
                                                        malwaretips.com
                                                        IN A
                                                        104.26.8.188
                                                        malwaretips.com
                                                        IN A
                                                        104.26.9.188
                                                        malwaretips.com
                                                        IN A
                                                        172.67.69.250
                                                      • flag-us
                                                        GET
                                                        https://malwaretips.com/blogs/remove-p-rfihub-com/
                                                        chrome.exe
                                                        Remote address:
                                                        104.26.8.188:443
                                                        Request
                                                        GET /blogs/remove-p-rfihub-com/ HTTP/2.0
                                                        host: malwaretips.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        sec-ch-ua-platform: "Windows"
                                                        upgrade-insecure-requests: 1
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: navigate
                                                        sec-fetch-user: ?1
                                                        sec-fetch-dest: document
                                                        referer: https://www.google.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/2.0 200
                                                        date: Wed, 28 Jun 2023 17:13:07 GMT
                                                        content-type: text/html; charset=UTF-8
                                                        cf-ray: 7de78efc0f5b0b70-AMS
                                                        cf-cache-status: DYNAMIC
                                                        link: <https://malwaretips.com/blogs/wp-json/>; rel="https://api.w.org/", <https://malwaretips.com/blogs/wp-json/wp/v2/posts/61962>; rel="alternate"; type="application/json", <https://malwaretips.com/blogs/?p=61962>; rel=shortlink
                                                        strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                        vary: Accept-Encoding
                                                        cf-railgun: direct (starting new WAN connection)
                                                        wpo-cache-message: In the settings, caching is disabled for matches for one of the current request's GET parameters
                                                        wpo-cache-status: not cached
                                                        x-powered-by: centminmod
                                                        x-ua-compatible: IE=edge
                                                        x-xss-protection: 1; mode=block
                                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zY95x%2FRsxwIHkz9otFL6GLNKFhf7DTPJDeTl%2B4CUtLzVJexQzvmv86mDzfXzF%2BmEdZ1Q6asgO96cWaZTjXDj8GiTnqmKle%2B1CuV9YBljjund2D0TXHWzAIPWO4C0%2BaiUwA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                        nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                        server: cloudflare
                                                        content-encoding: br
                                                        alt-svc: h3=":443"; ma=86400
                                                      • flag-us
                                                        DNS
                                                        188.8.26.104.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        188.8.26.104.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        googleads.g.doubleclick.net
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        googleads.g.doubleclick.net
                                                        IN A
                                                        Response
                                                        googleads.g.doubleclick.net
                                                        IN A
                                                        142.250.179.130
                                                      • flag-nl
                                                        GET
                                                        https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
                                                        chrome.exe
                                                        Remote address:
                                                        142.250.179.130:443
                                                        Request
                                                        GET /pagead/html/r20230620/r20190131/zrt_lookup.html HTTP/2.0
                                                        host: googleads.g.doubleclick.net
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        sec-ch-ua-platform: "Windows"
                                                        upgrade-insecure-requests: 1
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: navigate
                                                        sec-fetch-dest: iframe
                                                        referer: https://malwaretips.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        DNS
                                                        98.39.251.142.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        98.39.251.142.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        98.39.251.142.in-addr.arpa
                                                        IN PTR
                                                        ams15s48-in-f21e100net
                                                      • flag-us
                                                        DNS
                                                        130.179.250.142.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        130.179.250.142.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        130.179.250.142.in-addr.arpa
                                                        IN PTR
                                                        ams17s10-in-f21e100net
                                                      • flag-us
                                                        DNS
                                                        secure.gravatar.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        secure.gravatar.com
                                                        IN A
                                                        Response
                                                        secure.gravatar.com
                                                        IN A
                                                        192.0.73.2
                                                      • flag-us
                                                        GET
                                                        https://secure.gravatar.com/avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=35&d=wavatar&r=g
                                                        chrome.exe
                                                        Remote address:
                                                        192.0.73.2:443
                                                        Request
                                                        GET /avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=35&d=wavatar&r=g HTTP/2.0
                                                        host: secure.gravatar.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://malwaretips.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        GET
                                                        https://secure.gravatar.com/avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=33&d=wavatar&r=g
                                                        chrome.exe
                                                        Remote address:
                                                        192.0.73.2:443
                                                        Request
                                                        GET /avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=33&d=wavatar&r=g HTTP/2.0
                                                        host: secure.gravatar.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://malwaretips.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        DNS
                                                        partner.googleadservices.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        partner.googleadservices.com
                                                        IN A
                                                        Response
                                                        partner.googleadservices.com
                                                        IN CNAME
                                                        partner46.googleadservices.com
                                                        partner46.googleadservices.com
                                                        IN A
                                                        142.251.36.2
                                                      • flag-nl
                                                        GET
                                                        https://partner.googleadservices.com/gampad/cookie.js?domain=malwaretips.com&callback=_gfp_s_&client=ca-pub-7750719144850257
                                                        chrome.exe
                                                        Remote address:
                                                        142.251.36.2:443
                                                        Request
                                                        GET /gampad/cookie.js?domain=malwaretips.com&callback=_gfp_s_&client=ca-pub-7750719144850257 HTTP/2.0
                                                        host: partner.googleadservices.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: */*
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: script
                                                        referer: https://malwaretips.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        DNS
                                                        2.73.0.192.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        2.73.0.192.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        8.3.197.209.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        8.3.197.209.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        8.3.197.209.in-addr.arpa
                                                        IN PTR
                                                        vip0x008.map2.ssl.hwcdn.net
                                                      • flag-us
                                                        DNS
                                                        2.36.251.142.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        2.36.251.142.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        2.36.251.142.in-addr.arpa
                                                        IN PTR
                                                        ams15s44-in-f2.1e100.net
                                                      • flag-us
                                                        DNS
                                                        tpc.googlesyndication.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        tpc.googlesyndication.com
                                                        IN A
                                                        Response
                                                        tpc.googlesyndication.com
                                                        IN A
                                                        142.251.36.1
                                                      • flag-nl
                                                        GET
                                                        https://tpc.googlesyndication.com/simgad/11109686247690101921?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm3lGmNOIN49KIAHgnqC61QGnm_7A
                                                        chrome.exe
                                                        Remote address:
                                                        142.251.36.1:443
                                                        Request
                                                        GET /simgad/11109686247690101921?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm3lGmNOIN49KIAHgnqC61QGnm_7A HTTP/2.0
                                                        host: tpc.googlesyndication.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://googleads.g.doubleclick.net/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-nl
                                                        GET
                                                        https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js
                                                        chrome.exe
                                                        Remote address:
                                                        142.251.36.1:443
                                                        Request
                                                        GET /pagead/js/r20230620/r20110914/abg_lite_fy2021.js HTTP/2.0
                                                        host: tpc.googlesyndication.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: */*
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: script
                                                        referer: https://googleads.g.doubleclick.net/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        DNS
                                                        www.googletagservices.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        www.googletagservices.com
                                                        IN A
                                                        Response
                                                        www.googletagservices.com
                                                        IN A
                                                        172.217.23.194
                                                      • flag-de
                                                        GET
                                                        https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
                                                        chrome.exe
                                                        Remote address:
                                                        172.217.23.194:443
                                                        Request
                                                        GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/2.0
                                                        host: www.googletagservices.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: */*
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: script
                                                        referer: https://googleads.g.doubleclick.net/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        DNS
                                                        1.36.251.142.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        1.36.251.142.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        1.36.251.142.in-addr.arpa
                                                        IN PTR
                                                        ams15s44-in-f1.1e100.net
                                                      • flag-us
                                                        DNS
                                                        194.23.217.172.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        194.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        194.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        ams16s37-in-f2.1e100.net
                                                        194.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        prg03s05-in-f2.1e100.net
                                                        194.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        prg03s05-in-f194.1e100.net
                                                      • flag-us
                                                        DNS
                                                        um.simpli.fi
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        um.simpli.fi
                                                        IN A
                                                        Response
                                                        um.simpli.fi
                                                        IN A
                                                        34.91.62.186
                                                        um.simpli.fi
                                                        IN A
                                                        35.204.74.118
                                                        um.simpli.fi
                                                        IN A
                                                        35.204.158.49
                                                      • flag-us
                                                        DNS
                                                        dsp.adfarm1.adition.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        dsp.adfarm1.adition.com
                                                        IN A
                                                        Response
                                                        dsp.adfarm1.adition.com
                                                        IN A
                                                        85.114.159.93
                                                        dsp.adfarm1.adition.com
                                                        IN A
                                                        85.114.159.118
                                                      • flag-us
                                                        DNS
                                                        d5p.de17a.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        d5p.de17a.com
                                                        IN A
                                                        Response
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.181
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.164
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.169
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.184
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.165
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.168
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.166
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.167
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.185
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.180
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.182
                                                        d5p.de17a.com
                                                        IN A
                                                        213.155.156.183
                                                      • flag-us
                                                        DNS
                                                        dsp.adkernel.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        dsp.adkernel.com
                                                        IN A
                                                        Response
                                                        dsp.adkernel.com
                                                        IN A
                                                        174.137.133.49
                                                      • flag-se
                                                        GET
                                                        https://d5p.de17a.com/cookies/google?google_gid=CAESEPVWZ-cxZvUzCi3dzWSOXME&google_cver=1&google_push=ATf1kGPDMtMHZT_41fcrESb0V8eZwwqyE0lPkQ2zMAiiWS25kZdJxIkgfmbmnFntYHOw0Kgo2Jfj0aOl7H17eFQETSZcx8aI3yD4
                                                        chrome.exe
                                                        Remote address:
                                                        213.155.156.181:443
                                                        Request
                                                        GET /cookies/google?google_gid=CAESEPVWZ-cxZvUzCi3dzWSOXME&google_cver=1&google_push=ATf1kGPDMtMHZT_41fcrESb0V8eZwwqyE0lPkQ2zMAiiWS25kZdJxIkgfmbmnFntYHOw0Kgo2Jfj0aOl7H17eFQETSZcx8aI3yD4 HTTP/2.0
                                                        host: d5p.de17a.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://pagead2.googlesyndication.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/2.0 200
                                                        content-length: 35
                                                        content-type: image/gif
                                                        p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
                                                      • flag-us
                                                        DNS
                                                        a.rfihub.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        a.rfihub.com
                                                        IN A
                                                        Response
                                                        a.rfihub.com
                                                        IN CNAME
                                                        a.rfihub.com.akadns.net
                                                        a.rfihub.com.akadns.net
                                                        IN CNAME
                                                        a-emea.rfihub.com.akadns.net
                                                        a-emea.rfihub.com.akadns.net
                                                        IN A
                                                        193.0.160.130
                                                      • flag-us
                                                        DNS
                                                        sync-dmp.aura-dsp.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        sync-dmp.aura-dsp.com
                                                        IN A
                                                        Response
                                                        sync-dmp.aura-dsp.com
                                                        IN A
                                                        162.55.80.222
                                                      • flag-us
                                                        DNS
                                                        cm.g.doubleclick.net
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        cm.g.doubleclick.net
                                                        IN A
                                                        Response
                                                        cm.g.doubleclick.net
                                                        IN A
                                                        142.251.36.2
                                                      • flag-us
                                                        DNS
                                                        trace.mediago.io
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        trace.mediago.io
                                                        IN A
                                                        Response
                                                        trace.mediago.io
                                                        IN A
                                                        35.208.249.213
                                                      • flag-us
                                                        GET
                                                        https://trace.mediago.io/cs/google?google_gid=CAESEAE4ZqG4Fyjchg9dycOBSik&google_cver=1&google_push=ATf1kGO4nNzmR2SsBlJ-NDF2vfs2jlwQOGI1ngNEJSzPt4I_XoWJR_uCB6s7foGVw8OBSrLwwSCcVTtgTbiEaBV24Ruq-uitMffY4bI
                                                        chrome.exe
                                                        Remote address:
                                                        35.208.249.213:443
                                                        Request
                                                        GET /cs/google?google_gid=CAESEAE4ZqG4Fyjchg9dycOBSik&google_cver=1&google_push=ATf1kGO4nNzmR2SsBlJ-NDF2vfs2jlwQOGI1ngNEJSzPt4I_XoWJR_uCB6s7foGVw8OBSrLwwSCcVTtgTbiEaBV24Ruq-uitMffY4bI HTTP/2.0
                                                        host: trace.mediago.io
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://pagead2.googlesyndication.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-nl
                                                        GET
                                                        https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmKCkvctsFwUHzvVZ6gGwTx9nBxEvDYzCtWyPko0JKY3GujUvrB5tpRMu2BmLJhOLxB7Ae0Log
                                                        chrome.exe
                                                        Remote address:
                                                        142.251.36.2:443
                                                        Request
                                                        GET /pixel/attr?d=AHNF13JmKCkvctsFwUHzvVZ6gGwTx9nBxEvDYzCtWyPko0JKY3GujUvrB5tpRMu2BmLJhOLxB7Ae0Log HTTP/2.0
                                                        host: cm.g.doubleclick.net
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://pagead2.googlesyndication.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        cookie: IDE=AHWqTUlhkzcg0mQ1Z-DSOzRVhQjD09rJWvo1RMoOfM_3DHXCUpOZjS3-x9-3r5pGbEE
                                                        cookie: DSID=NO_DATA
                                                      • flag-us
                                                        DNS
                                                        106.208.58.216.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        106.208.58.216.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        106.208.58.216.in-addr.arpa
                                                        IN PTR
                                                        sof01s11-in-f1061e100net
                                                        106.208.58.216.in-addr.arpa
                                                        IN PTR
                                                        ams17s08-in-f10
                                                      • flag-us
                                                        DNS
                                                        93.159.114.85.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        93.159.114.85.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        93.159.114.85.in-addr.arpa
                                                        IN PTR
                                                        dspadfarm1aditioncom
                                                      • flag-us
                                                        DNS
                                                        186.62.91.34.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        186.62.91.34.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        186.62.91.34.in-addr.arpa
                                                        IN PTR
                                                        186629134bcgoogleusercontentcom
                                                      • flag-us
                                                        DNS
                                                        181.156.155.213.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        181.156.155.213.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        130.160.0.193.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        130.160.0.193.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        130.160.0.193.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        130.160.0.193.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        49.133.137.174.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        49.133.137.174.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        49.133.137.174.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        49.133.137.174.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        213.249.208.35.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        213.249.208.35.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        213.249.208.35.in-addr.arpa
                                                        IN PTR
                                                        21324920835bcgoogleusercontentcom
                                                      • flag-us
                                                        DNS
                                                        213.249.208.35.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        213.249.208.35.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        213.249.208.35.in-addr.arpa
                                                        IN PTR
                                                        21324920835bcgoogleusercontentcom
                                                      • flag-us
                                                        DNS
                                                        226.20.18.104.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        226.20.18.104.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        ad.wsod.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        ad.wsod.com
                                                        IN A
                                                        Response
                                                        ad.wsod.com
                                                        IN A
                                                        209.234.236.22
                                                      • flag-us
                                                        DNS
                                                        ad.wsod.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        ad.wsod.com
                                                        IN A
                                                        Response
                                                        ad.wsod.com
                                                        IN A
                                                        209.234.224.22
                                                      • flag-us
                                                        GET
                                                        https://ad.wsod.com/embed/a5878a3d6f2be40db26311f6f8fb21a3/8192.0.js.160x600/xaSxk-2RvCna?click=https://a.rfihub.com/ac/b/c3Q9aHRtbCZhYT01MDk1ODIzLDEyMjM3NzYyMywyNDE4MDg5LDI3MDU3OTE5NywxODc5MjUsMTU3ODM2NSw1YTkxZDc2MzczZDIxNTA3NjUyZjlkMzAwODEyY2MyYixwLDQyOTc3LDU2ODk3Myw3Nzc4MTA3Myw1MDE3NDksMTMwMzYxMyZtdD0xJnJiPTQ0NSZyZT0xMjM4NiZoY2k9JnV1aWQ9NTU5OTYzMTU2NjY5ODI5MTA3MCZkaT0mZGM9MyZkaXNyYz0wJmJpcD0xNTQuNjEuNzEuMCZkaWQ9dGlkXzE1NzgzNjV8bWVkX3JlZ3VsYXI./n/
                                                        chrome.exe
                                                        Remote address:
                                                        209.234.236.22:443
                                                        Request
                                                        GET /embed/a5878a3d6f2be40db26311f6f8fb21a3/8192.0.js.160x600/xaSxk-2RvCna?click=https://a.rfihub.com/ac/b/c3Q9aHRtbCZhYT01MDk1ODIzLDEyMjM3NzYyMywyNDE4MDg5LDI3MDU3OTE5NywxODc5MjUsMTU3ODM2NSw1YTkxZDc2MzczZDIxNTA3NjUyZjlkMzAwODEyY2MyYixwLDQyOTc3LDU2ODk3Myw3Nzc4MTA3Myw1MDE3NDksMTMwMzYxMyZtdD0xJnJiPTQ0NSZyZT0xMjM4NiZoY2k9JnV1aWQ9NTU5OTYzMTU2NjY5ODI5MTA3MCZkaT0mZGM9MyZkaXNyYz0wJmJpcD0xNTQuNjEuNzEuMCZkaWQ9dGlkXzE1NzgzNjV8bWVkX3JlZ3VsYXI./n/ HTTP/1.1
                                                        Host: ad.wsod.com
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: */*
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: script
                                                        Referer: https://googleads.g.doubleclick.net/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/1.1 200 OK
                                                        Server: nginx
                                                        Date: Wed, 28 Jun 2023 17:13:19 GMT
                                                        Content-Type: text/html
                                                        Transfer-Encoding: chunked
                                                        Connection: keep-alive
                                                        Vary: Accept-Encoding
                                                        X-Powered-By: PHP/5.4.16
                                                        Cache-Control: no-cache, no-store
                                                        Pragma: no-cache
                                                        Expires: Sat, 26 Jul 1997 05:00:00 GMT
                                                        Content-Encoding: gzip
                                                      • flag-us
                                                        GET
                                                        https://ad.wsod.com/user_privacy.php?v=20230105b
                                                        chrome.exe
                                                        Remote address:
                                                        209.234.236.22:443
                                                        Request
                                                        GET /user_privacy.php?v=20230105b HTTP/1.1
                                                        Host: ad.wsod.com
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        sec-ch-ua-platform: "Windows"
                                                        Upgrade-Insecure-Requests: 1
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: navigate
                                                        Sec-Fetch-Dest: iframe
                                                        Referer: https://googleads.g.doubleclick.net/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/1.1 200 OK
                                                        Server: nginx
                                                        Date: Wed, 28 Jun 2023 17:13:20 GMT
                                                        Content-Type: text/html
                                                        Transfer-Encoding: chunked
                                                        Connection: keep-alive
                                                        Vary: Accept-Encoding
                                                        X-Powered-By: PHP/5.4.16
                                                        Cache-Control: private, max-age=5184000
                                                        Content-Encoding: gzip
                                                      • flag-us
                                                        GET
                                                        https://ad.wsod.com/embed/a5878a3d6f2be40db26311f6f8fb21a3/8192.0.js.160x600/1687972399**;1,0,0;1280x720x1;https%3A_@2F_@2Fgoogleads.g.doubleclick.net_@2Fpagead_@2Fads_@3Fclient%3Dca-pub-7750719144850257_@26output%3Dhtml_@26h%3D600_@26slotname%3D6376638919_@26adk%3D3861630186_@26adf%3D3093873505_@26pi%3Dt.ma~as.6376638919_@26w%3D256_@26fwrn%3D4_@26fwrnh%3D100_@26lmt%3D1687972396_@26rafmt%3D1_@26format%3D256x600_@26url%3Dhttps%253A%252F%252Fmalwaretips.com%252Fblogs%252Fremove-p-rfihub-com%252F_@26fwr%3D0_@26rpe%3D1_@26resp_fmts%3D4_@26wgl%3D1_@26uach%3DWyJXaW5kb3dzIiwiNC4wLjAiLCJ4ODYiLCIiLCIxMDYuMC41MjQ5LjExOSIsW10sMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd_@26dt%3D1687972396808_@26bpp%3D1_@26bdt%3D10484_@26idt%3D0_@26shv%3Dr20230620_@26mjsv%3Dm202306161001_@26ptt%3D9_@26saldr%3Daa_@26abxe%3D1_@26cookie%3DID%253D14458b3ad5d06fdb-22ee111d05e20045%253AT%253D1687972389%253ART%253D1687972389%253AS%253DALNI_MarsksMJDVfeXToUBl1T1ATeUTd-Q_@26gpic%3DUID%253D00000c7a70aa4021%253AT%253D1687972389%253ART%253D1687972389%253AS%253DALNI_MZ9dei8rNcJ_CeDn9bLZCrEwH_uEA_@26prev_fmts%3D0x0%252C256x600%252C867x280_@26nras%3D1_@26correlator%3D8198946555259_@26frm%3D20_@26pv%3D1_@26ga_vid%3D37881037.1687972388_@26ga_sid%3D1687972388_@26ga_hid%3D1239201660;;;?click=https://a.rfihub.com/ac/b/c3Q9aHRtbCZhYT01MDk1ODIzLDEyMjM3NzYyMywyNDE4MDg5LDI3MDU3OTE5NywxODc5MjUsMTU3ODM2NSw1YTkxZDc2MzczZDIxNTA3NjUyZjlkMzAwODEyY2MyYixwLDQyOTc3LDU2ODk3Myw3Nzc4MTA3Myw1MDE3NDksMTMwMzYxMyZtdD0xJnJiPTQ0NSZyZT0xMjM4NiZoY2k9JnV1aWQ9NTU5OTYzMTU2NjY5ODI5MTA3MCZkaT0mZGM9MyZkaXNyYz0wJmJpcD0xNTQuNjEuNzEuMCZkaWQ9dGlkXzE1NzgzNjV8bWVkX3JlZ3VsYXI./n/
                                                        chrome.exe
                                                        Remote address:
                                                        209.234.236.22:443
                                                        Request
                                                        GET /embed/a5878a3d6f2be40db26311f6f8fb21a3/8192.0.js.160x600/1687972399**;1,0,0;1280x720x1;https%3A_@2F_@2Fgoogleads.g.doubleclick.net_@2Fpagead_@2Fads_@3Fclient%3Dca-pub-7750719144850257_@26output%3Dhtml_@26h%3D600_@26slotname%3D6376638919_@26adk%3D3861630186_@26adf%3D3093873505_@26pi%3Dt.ma~as.6376638919_@26w%3D256_@26fwrn%3D4_@26fwrnh%3D100_@26lmt%3D1687972396_@26rafmt%3D1_@26format%3D256x600_@26url%3Dhttps%253A%252F%252Fmalwaretips.com%252Fblogs%252Fremove-p-rfihub-com%252F_@26fwr%3D0_@26rpe%3D1_@26resp_fmts%3D4_@26wgl%3D1_@26uach%3DWyJXaW5kb3dzIiwiNC4wLjAiLCJ4ODYiLCIiLCIxMDYuMC41MjQ5LjExOSIsW10sMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd_@26dt%3D1687972396808_@26bpp%3D1_@26bdt%3D10484_@26idt%3D0_@26shv%3Dr20230620_@26mjsv%3Dm202306161001_@26ptt%3D9_@26saldr%3Daa_@26abxe%3D1_@26cookie%3DID%253D14458b3ad5d06fdb-22ee111d05e20045%253AT%253D1687972389%253ART%253D1687972389%253AS%253DALNI_MarsksMJDVfeXToUBl1T1ATeUTd-Q_@26gpic%3DUID%253D00000c7a70aa4021%253AT%253D1687972389%253ART%253D1687972389%253AS%253DALNI_MZ9dei8rNcJ_CeDn9bLZCrEwH_uEA_@26prev_fmts%3D0x0%252C256x600%252C867x280_@26nras%3D1_@26correlator%3D8198946555259_@26frm%3D20_@26pv%3D1_@26ga_vid%3D37881037.1687972388_@26ga_sid%3D1687972388_@26ga_hid%3D1239201660;;;?click=https://a.rfihub.com/ac/b/c3Q9aHRtbCZhYT01MDk1ODIzLDEyMjM3NzYyMywyNDE4MDg5LDI3MDU3OTE5NywxODc5MjUsMTU3ODM2NSw1YTkxZDc2MzczZDIxNTA3NjUyZjlkMzAwODEyY2MyYixwLDQyOTc3LDU2ODk3Myw3Nzc4MTA3Myw1MDE3NDksMTMwMzYxMyZtdD0xJnJiPTQ0NSZyZT0xMjM4NiZoY2k9JnV1aWQ9NTU5OTYzMTU2NjY5ODI5MTA3MCZkaT0mZGM9MyZkaXNyYz0wJmJpcD0xNTQuNjEuNzEuMCZkaWQ9dGlkXzE1NzgzNjV8bWVkX3JlZ3VsYXI./n/ HTTP/1.1
                                                        Host: ad.wsod.com
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: */*
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: script
                                                        Referer: https://googleads.g.doubleclick.net/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/1.1 200 OK
                                                        Server: nginx
                                                        Date: Wed, 28 Jun 2023 17:13:20 GMT
                                                        Content-Type: text/html
                                                        Transfer-Encoding: chunked
                                                        Connection: keep-alive
                                                        Vary: Accept-Encoding
                                                        X-Powered-By: PHP/5.4.16
                                                        Cache-Control: no-cache, no-store
                                                        Pragma: no-cache
                                                        Expires: Sat, 26 Jul 1997 05:00:00 GMT
                                                        Set-Cookie: ub=L5744649c6a302666c:0:1280:720:1; expires=Sun, 27-Aug-2023 17:13:20 GMT; path=/; domain=.wsod.com; SameSite=None; secure; httponly
                                                        Set-Cookie: f25=!!!!!!0:1687972400; expires=Sat, 29-Jul-2023 17:13:20 GMT; path=/; domain=.wsod.com; SameSite=None; secure; httponly
                                                        Set-Cookie: g36013=84:8192:7626:969:__::1687972400:L!!!!!!!!; expires=Sat, 29-Jul-2023 17:13:20 GMT; path=/; domain=.wsod.com; SameSite=None; secure; httponly
                                                        Content-Encoding: gzip
                                                      • flag-us
                                                        GET
                                                        https://ad.wsod.com//pixel/lr.php
                                                        chrome.exe
                                                        Remote address:
                                                        209.234.236.22:443
                                                        Request
                                                        GET //pixel/lr.php HTTP/1.1
                                                        Host: ad.wsod.com
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://googleads.g.doubleclick.net/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        Cookie: tmpUB=S31178322673081028; ub=L5744649c6a302666c:0:1280:720:1; f25=!!!!!!0:1687972400; g36013=84:8192:7626:969:__::1687972400:L!!!!!!!!
                                                        Response
                                                        HTTP/1.1 302 Found
                                                        Server: nginx
                                                        Date: Wed, 28 Jun 2023 17:13:20 GMT
                                                        Content-Type: text/html
                                                        Content-Length: 0
                                                        Connection: keep-alive
                                                        X-Powered-By: PHP/5.4.16
                                                        Set-Cookie: mp=L5744649c6a302666c; expires=Wed, 05-Jul-2023 17:13:20 GMT; path=/; domain=.wsod.com; SameSite=None; secure; httponly
                                                        Location: //idsync.rlcdn.com/403486.gif?partner_uid=L5744649c6a302666c
                                                      • flag-us
                                                        GET
                                                        https://ad.wsod.com/view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.1.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;;
                                                        chrome.exe
                                                        Remote address:
                                                        209.234.236.22:443
                                                        Request
                                                        GET /view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.1.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;; HTTP/1.1
                                                        Host: ad.wsod.com
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://googleads.g.doubleclick.net/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        Cookie: tmpUB=S31178322673081028; ub=L5744649c6a302666c:0:1280:720:1; f25=!!!!!!0:1687972400; g36013=84:8192:7626:969:__::1687972400:L!!!!!!!!; mp=L5744649c6a302666c
                                                        Response
                                                        HTTP/1.1 200 OK
                                                        Server: nginx
                                                        Date: Wed, 28 Jun 2023 17:13:20 GMT
                                                        Content-Type: text/html
                                                        Transfer-Encoding: chunked
                                                        Connection: keep-alive
                                                        Vary: Accept-Encoding
                                                        X-Powered-By: PHP/5.4.16
                                                        Cache-Control: no-cache, no-store
                                                        Pragma: no-cache
                                                        Expires: Sat, 26 Jul 1997 05:00:00 GMT
                                                        Content-Encoding: gzip
                                                      • flag-us
                                                        GET
                                                        https://ad.wsod.com/view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.10_101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C1%7C1;
                                                        chrome.exe
                                                        Remote address:
                                                        209.234.236.22:443
                                                        Request
                                                        GET /view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.10_101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C1%7C1; HTTP/1.1
                                                        Host: ad.wsod.com
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://googleads.g.doubleclick.net/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        Cookie: tmpUB=S31178322673081028; ub=L5744649c6a302666c:0:1280:720:1; f25=!!!!!!0:1687972400; g36013=84:8192:7626:969:__::1687972400:L!!!!!!!!; mp=L5744649c6a302666c
                                                        Response
                                                        HTTP/1.1 200 OK
                                                        Server: nginx
                                                        Date: Wed, 28 Jun 2023 17:13:23 GMT
                                                        Content-Type: text/html
                                                        Transfer-Encoding: chunked
                                                        Connection: keep-alive
                                                        Vary: Accept-Encoding
                                                        X-Powered-By: PHP/5.4.16
                                                        Cache-Control: no-cache, no-store
                                                        Pragma: no-cache
                                                        Expires: Sat, 26 Jul 1997 05:00:00 GMT
                                                        Set-Cookie: g36013=84:8192:7626:969:__::1687972400:L!!!!!!84:8192:7626:969:__::1687972403:L!!; expires=Sat, 29-Jul-2023 17:13:23 GMT; path=/; domain=.wsod.com; SameSite=None; secure; httponly
                                                        Content-Encoding: gzip
                                                      • flag-us
                                                        GET
                                                        https://ad.wsod.com/view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C0%7C5;
                                                        chrome.exe
                                                        Remote address:
                                                        209.234.236.22:443
                                                        Request
                                                        GET /view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C0%7C5; HTTP/1.1
                                                        Host: ad.wsod.com
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://googleads.g.doubleclick.net/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        Cookie: tmpUB=S31178322673081028; ub=L5744649c6a302666c:0:1280:720:1; f25=!!!!!!0:1687972400; mp=L5744649c6a302666c; g36013=84:8192:7626:969:__::1687972400:L!!!!!!84:8192:7626:969:__::1687972403:L!!
                                                        Response
                                                        HTTP/1.1 200 OK
                                                        Server: nginx
                                                        Date: Wed, 28 Jun 2023 17:13:29 GMT
                                                        Content-Type: text/html
                                                        Transfer-Encoding: chunked
                                                        Connection: keep-alive
                                                        Vary: Accept-Encoding
                                                        X-Powered-By: PHP/5.4.16
                                                        Cache-Control: no-cache, no-store
                                                        Pragma: no-cache
                                                        Expires: Sat, 26 Jul 1997 05:00:00 GMT
                                                        Content-Encoding: gzip
                                                      • flag-us
                                                        GET
                                                        https://ad.wsod.com/view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C0%7C25;
                                                        chrome.exe
                                                        Remote address:
                                                        209.234.236.22:443
                                                        Request
                                                        GET /view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C0%7C25; HTTP/1.1
                                                        Host: ad.wsod.com
                                                        Connection: keep-alive
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        Sec-Fetch-Site: cross-site
                                                        Sec-Fetch-Mode: no-cors
                                                        Sec-Fetch-Dest: image
                                                        Referer: https://googleads.g.doubleclick.net/
                                                        Accept-Encoding: gzip, deflate, br
                                                        Accept-Language: en-US,en;q=0.9
                                                        Cookie: tmpUB=S31178322673081028; ub=L5744649c6a302666c:0:1280:720:1; f25=!!!!!!0:1687972400; mp=L5744649c6a302666c; g36013=84:8192:7626:969:__::1687972400:L!!!!!!84:8192:7626:969:__::1687972403:L!!
                                                        Response
                                                        HTTP/1.1 200 OK
                                                        Server: nginx
                                                        Date: Wed, 28 Jun 2023 17:13:54 GMT
                                                        Content-Type: text/html
                                                        Transfer-Encoding: chunked
                                                        Connection: keep-alive
                                                        Vary: Accept-Encoding
                                                        X-Powered-By: PHP/5.4.16
                                                        Cache-Control: no-cache, no-store
                                                        Pragma: no-cache
                                                        Expires: Sat, 26 Jul 1997 05:00:00 GMT
                                                        Content-Encoding: gzip
                                                      • flag-us
                                                        DNS
                                                        www.wsoddata.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        www.wsoddata.com
                                                        IN A
                                                        Response
                                                        www.wsoddata.com
                                                        IN A
                                                        209.234.235.251
                                                      • flag-us
                                                        DNS
                                                        www.wsoddata.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        www.wsoddata.com
                                                        IN A
                                                        Response
                                                        www.wsoddata.com
                                                        IN A
                                                        209.234.235.251
                                                      • flag-us
                                                        DNS
                                                        ad.wsodcdn.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        ad.wsodcdn.com
                                                        IN A
                                                        Response
                                                        ad.wsodcdn.com
                                                        IN CNAME
                                                        ad.wsodcdn.com.edgekey.net
                                                        ad.wsodcdn.com.edgekey.net
                                                        IN CNAME
                                                        e7680.g.akamaiedge.net
                                                        e7680.g.akamaiedge.net
                                                        IN A
                                                        23.221.248.25
                                                      • flag-us
                                                        DNS
                                                        tag.researchnow.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        tag.researchnow.com
                                                        IN A
                                                        Response
                                                        tag.researchnow.com
                                                        IN CNAME
                                                        d1d95dev3v7dza.cloudfront.net
                                                        d1d95dev3v7dza.cloudfront.net
                                                        IN A
                                                        18.66.147.14
                                                        d1d95dev3v7dza.cloudfront.net
                                                        IN A
                                                        18.66.147.40
                                                        d1d95dev3v7dza.cloudfront.net
                                                        IN A
                                                        18.66.147.105
                                                        d1d95dev3v7dza.cloudfront.net
                                                        IN A
                                                        18.66.147.91
                                                      • flag-us
                                                        DNS
                                                        1620481.fls.doubleclick.net
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        1620481.fls.doubleclick.net
                                                        IN A
                                                        Response
                                                        1620481.fls.doubleclick.net
                                                        IN CNAME
                                                        dart.l.doubleclick.net
                                                        dart.l.doubleclick.net
                                                        IN A
                                                        142.250.179.134
                                                      • flag-nl
                                                        GET
                                                        https://1620481.fls.doubleclick.net/activityi;src=1620481;type=tdame177;cat=modin0;u15=L5744649c6a302666c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1?
                                                        chrome.exe
                                                        Remote address:
                                                        142.250.179.134:443
                                                        Request
                                                        GET /activityi;src=1620481;type=tdame177;cat=modin0;u15=L5744649c6a302666c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1? HTTP/2.0
                                                        host: 1620481.fls.doubleclick.net
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: same-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://googleads.g.doubleclick.net/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        cookie: IDE=AHWqTUlhkzcg0mQ1Z-DSOzRVhQjD09rJWvo1RMoOfM_3DHXCUpOZjS3-x9-3r5pGbEE
                                                        cookie: DSID=NO_DATA
                                                      • flag-nl
                                                        GET
                                                        https://ad.wsodcdn.com/adview/madview-min-0.0.19-0.js
                                                        chrome.exe
                                                        Remote address:
                                                        23.221.248.25:443
                                                        Request
                                                        GET /adview/madview-min-0.0.19-0.js HTTP/2.0
                                                        host: ad.wsodcdn.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: */*
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: script
                                                        referer: https://googleads.g.doubleclick.net/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/2.0 200
                                                        content-type: application/javascript
                                                        cache-control: max-age=315360000
                                                        content-encoding: br
                                                        etag: W/"5b85c6c5-5c68"
                                                        expires: Thu, 31 Dec 2037 23:55:55 GMT
                                                        last-modified: Thu, 24 Sep 2020 16:53:47 GMT
                                                        server: Akamai Resource Optimizer
                                                        vary: Accept-Encoding
                                                        content-length: 8076
                                                        date: Wed, 28 Jun 2023 17:13:20 GMT
                                                      • flag-de
                                                        GET
                                                        https://tag.researchnow.com/t/beacon?adn=3&ca=221&cr=7626&ord=1687972400&pl=8192&pr=12237&si=84
                                                        chrome.exe
                                                        Remote address:
                                                        18.66.147.14:443
                                                        Request
                                                        GET /t/beacon?adn=3&ca=221&cr=7626&ord=1687972400&pl=8192&pr=12237&si=84 HTTP/2.0
                                                        host: tag.researchnow.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://googleads.g.doubleclick.net/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/2.0 200
                                                        content-type: image/gif
                                                        content-length: 42
                                                        date: Wed, 28 Jun 2023 16:20:38 GMT
                                                        server: Apache/2.4.57 ()
                                                        x-powered-by: PHP/7.2.34
                                                        cache-control: no-cache, no-store, must-revalidate
                                                        pragma: no-cache
                                                        expires: 0
                                                        p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
                                                        access-control-allow-origin: *
                                                        x-cache: Hit from cloudfront
                                                        via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
                                                        x-amz-cf-pop: FRA60-P4
                                                        x-amz-cf-id: Zk032ftrmDRLyjXgBBoiH76qmA1sqVFN91shVQz_J_cZVmsIUIajTA==
                                                        age: 3162
                                                      • flag-us
                                                        DNS
                                                        idsync.rlcdn.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        idsync.rlcdn.com
                                                        IN A
                                                        Response
                                                        idsync.rlcdn.com
                                                        IN A
                                                        35.190.60.146
                                                      • flag-us
                                                        GET
                                                        https://idsync.rlcdn.com/403486.gif?partner_uid=L5744649c6a302666c
                                                        chrome.exe
                                                        Remote address:
                                                        35.190.60.146:443
                                                        Request
                                                        GET /403486.gif?partner_uid=L5744649c6a302666c HTTP/2.0
                                                        host: idsync.rlcdn.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://googleads.g.doubleclick.net/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        DNS
                                                        pm.w55c.net
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        pm.w55c.net
                                                        IN A
                                                        Response
                                                        pm.w55c.net
                                                        IN CNAME
                                                        dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com
                                                        dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com
                                                        IN A
                                                        52.71.141.42
                                                        dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com
                                                        IN A
                                                        54.209.73.86
                                                        dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com
                                                        IN A
                                                        52.23.49.153
                                                        dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com
                                                        IN A
                                                        52.20.42.167
                                                        dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com
                                                        IN A
                                                        54.173.100.80
                                                        dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com
                                                        IN A
                                                        52.202.52.98
                                                        dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com
                                                        IN A
                                                        34.230.250.86
                                                        dxedge-prod-lb-946522505.us-east-1.elb.amazonaws.com
                                                        IN A
                                                        50.17.63.122
                                                      • flag-us
                                                        DNS
                                                        sync.mathtag.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        sync.mathtag.com
                                                        IN A
                                                        Response
                                                        sync.mathtag.com
                                                        IN CNAME
                                                        pixel-origin.mathtag.com
                                                        pixel-origin.mathtag.com
                                                        IN A
                                                        185.29.132.245
                                                        pixel-origin.mathtag.com
                                                        IN A
                                                        185.29.134.244
                                                        pixel-origin.mathtag.com
                                                        IN A
                                                        185.29.134.248
                                                        pixel-origin.mathtag.com
                                                        IN A
                                                        185.29.132.241
                                                      • flag-us
                                                        DNS
                                                        a.tribalfusion.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        a.tribalfusion.com
                                                        IN A
                                                        Response
                                                        a.tribalfusion.com
                                                        IN A
                                                        104.18.24.173
                                                        a.tribalfusion.com
                                                        IN A
                                                        104.18.25.173
                                                      • flag-us
                                                        DNS
                                                        b1sync.zemanta.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        b1sync.zemanta.com
                                                        IN A
                                                        Response
                                                      • flag-us
                                                        GET
                                                        https://a.tribalfusion.com/i.match?p=b6&u=CAESEKkb6QduRLwOZ7ZCuKqApRY&google_cver=1&google_push=ATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
                                                        chrome.exe
                                                        Remote address:
                                                        104.18.24.173:443
                                                        Request
                                                        GET /i.match?p=b6&u=CAESEKkb6QduRLwOZ7ZCuKqApRY&google_cver=1&google_push=ATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/2.0
                                                        host: a.tribalfusion.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://pagead2.googlesyndication.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/2.0 302
                                                        date: Wed, 28 Jun 2023 17:13:20 GMT
                                                        content-type: text/html
                                                        location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKkb6QduRLwOZ7ZCuKqApRY&google_cver=1&google_push=ATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
                                                        p3p: CP="NOI DEVo TAIa OUR BUS"
                                                        x-function: 206
                                                        x-reuse-index: 54
                                                        cache-control: no-cache
                                                        cache-control: private
                                                        expires: Thu, 01 Jan 1970 00:00:00 GMT
                                                        pragma: no-cache
                                                        set-cookie: ANON_ID=aenoeUu4YUtmqcnc2vKNbUscMT2ceZc6t5UTZcPNmI; path=/; domain=.tribalfusion.com; expires=Tue, 26-Sep-2023 17:13:20 GMT; SameSite=None; Secure;
                                                        set-cookie: ANON_ID_old=aenoeUu4YUtmqcnc2vKNbUscMT2ceZc6t5UTZcPNmI; path=/; domain=.tribalfusion.com; expires=Tue, 26-Sep-2023 17:13:20 GMT;
                                                        cf-cache-status: DYNAMIC
                                                        server: cloudflare
                                                        cf-ray: 7de78f4f4ed3b785-AMS
                                                        alt-svc: h3=":443"; ma=86400
                                                      • flag-us
                                                        GET
                                                        https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKkb6QduRLwOZ7ZCuKqApRY&google_cver=1&google_push=ATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
                                                        chrome.exe
                                                        Remote address:
                                                        104.18.24.173:443
                                                        Request
                                                        GET /z/i.match?p=b6&u=CAESEKkb6QduRLwOZ7ZCuKqApRY&google_cver=1&google_push=ATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/2.0
                                                        host: s.tribalfusion.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: image
                                                        referer: https://pagead2.googlesyndication.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        cookie: ANON_ID=aenoeUu4YUtmqcnc2vKNbUscMT2ceZc6t5UTZcPNmI
                                                        Response
                                                        HTTP/2.0 200
                                                        date: Wed, 28 Jun 2023 17:13:20 GMT
                                                        content-type: image/gif; charset=utf-8
                                                        content-length: 43
                                                        p3p: CP="NOI DEVo TAIa OUR BUS"
                                                        x-function: 302
                                                        cache-control: no-cache
                                                        cache-control: private
                                                        expires: Thu, 01 Jan 1970 00:00:00 GMT
                                                        pragma: no-cache
                                                        set-cookie: ANON_ID=aanseFx2eNlSE0U7bdvNWxTTvvvnMpq6mnUb3PrEg2XxMZdXAvNCFNZdnGbRWM553c9oZbvJ5PeatTnnxNn5QNr; path=/; domain=.tribalfusion.com; expires=Tue, 26-Sep-2023 17:13:20 GMT; SameSite=None; Secure;
                                                        set-cookie: ANON_ID_old=aanseFx2eNlSE0U7bdvNWxTTvvvnMpq6mnUb3PrEg2XxMZdXAvNCFNZdnGbRWM553c9oZbvJ5PeatTnnxNn5QNr; path=/; domain=.tribalfusion.com; expires=Tue, 26-Sep-2023 17:13:20 GMT;
                                                        cf-cache-status: DYNAMIC
                                                        server: cloudflare
                                                        cf-ray: 7de78f5098c0b785-AMS
                                                        alt-svc: h3=":443"; ma=86400
                                                      • flag-us
                                                        DNS
                                                        b1sync.zemanta.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        b1sync.zemanta.com
                                                        IN A
                                                        Response
                                                        b1sync.zemanta.com
                                                        IN CNAME
                                                        zemanta-nychi.zemanta.com
                                                      • flag-us
                                                        DNS
                                                        s.tribalfusion.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        s.tribalfusion.com
                                                        IN A
                                                        Response
                                                        s.tribalfusion.com
                                                        IN A
                                                        104.18.25.173
                                                        s.tribalfusion.com
                                                        IN A
                                                        104.18.24.173
                                                      • flag-us
                                                        DNS
                                                        22.236.234.209.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        22.236.234.209.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        22.236.234.209.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        22.236.234.209.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        134.179.250.142.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        134.179.250.142.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        134.179.250.142.in-addr.arpa
                                                        IN PTR
                                                        ams17s10-in-f61e100net
                                                      • flag-us
                                                        DNS
                                                        198.23.217.172.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        198.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        198.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        prg03s05-in-f1981e100net
                                                        198.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        ams16s37-in-f6
                                                        198.23.217.172.in-addr.arpa
                                                        IN PTR
                                                        prg03s05-in-f6
                                                      • flag-us
                                                        DNS
                                                        14.147.66.18.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        14.147.66.18.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        14.147.66.18.in-addr.arpa
                                                        IN PTR
                                                        server-18-66-147-14fra60r cloudfrontnet
                                                      • flag-us
                                                        DNS
                                                        25.248.221.23.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        25.248.221.23.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        25.248.221.23.in-addr.arpa
                                                        IN PTR
                                                        a23-221-248-25deploystaticakamaitechnologiescom
                                                      • flag-us
                                                        DNS
                                                        67.211.227.13.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        67.211.227.13.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        67.211.227.13.in-addr.arpa
                                                        IN PTR
                                                        server-13-227-211-67ams54r cloudfrontnet
                                                      • flag-us
                                                        DNS
                                                        146.60.190.35.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        146.60.190.35.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        146.60.190.35.in-addr.arpa
                                                        IN PTR
                                                        1466019035bcgoogleusercontentcom
                                                      • flag-us
                                                        DNS
                                                        251.235.234.209.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        251.235.234.209.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        251.235.234.209.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        251.235.234.209.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        173.24.18.104.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        173.24.18.104.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        245.132.29.185.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        245.132.29.185.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        42.141.71.52.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        42.141.71.52.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        42.141.71.52.in-addr.arpa
                                                        IN PTR
                                                        ec2-52-71-141-42 compute-1 amazonawscom
                                                      • flag-us
                                                        DNS
                                                        42.141.71.52.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        42.141.71.52.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        42.141.71.52.in-addr.arpa
                                                        IN PTR
                                                        ec2-52-71-141-42 compute-1 amazonawscom
                                                      • flag-us
                                                        DNS
                                                        31.32.42.70.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        31.32.42.70.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        31.32.42.70.in-addr.arpa
                                                        IN PTR
                                                        nyoutbraincom
                                                      • flag-us
                                                        DNS
                                                        cdnjs.cloudflare.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        cdnjs.cloudflare.com
                                                        IN A
                                                        Response
                                                        cdnjs.cloudflare.com
                                                        IN A
                                                        104.17.24.14
                                                        cdnjs.cloudflare.com
                                                        IN A
                                                        104.17.25.14
                                                      • flag-us
                                                        GET
                                                        https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.2/TweenMax.min.js
                                                        chrome.exe
                                                        Remote address:
                                                        104.17.24.14:443
                                                        Request
                                                        GET /ajax/libs/gsap/1.18.2/TweenMax.min.js HTTP/2.0
                                                        host: cdnjs.cloudflare.com
                                                        sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                        sec-ch-ua-mobile: ?0
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        sec-ch-ua-platform: "Windows"
                                                        accept: */*
                                                        sec-fetch-site: cross-site
                                                        sec-fetch-mode: no-cors
                                                        sec-fetch-dest: script
                                                        referer: https://www.wsoddata.com/
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                        Response
                                                        HTTP/2.0 200
                                                        date: Wed, 28 Jun 2023 17:13:22 GMT
                                                        content-type: application/javascript; charset=utf-8
                                                        content-length: 31489
                                                        access-control-allow-origin: *
                                                        cache-control: public, max-age=30672000
                                                        content-encoding: br
                                                        etag: "5eb03e71-1a78a"
                                                        last-modified: Mon, 04 May 2020 16:10:25 GMT
                                                        cf-cdnjs-via: cfworker/kv
                                                        cross-origin-resource-policy: cross-origin
                                                        timing-allow-origin: *
                                                        x-content-type-options: nosniff
                                                        vary: Accept-Encoding
                                                        cf-cache-status: HIT
                                                        age: 471786
                                                        expires: Mon, 17 Jun 2024 17:13:22 GMT
                                                        accept-ranges: bytes
                                                        report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAxJ3MyChyVBXtKHdTV3ZNNHoPzzwiZc1kkvW8%2FBe3iDXd7Lwq%2FCDKKu%2BWfd%2BJrt%2BLOUo9oI%2FR8Q49VmN2FqG7qYZOv%2F4hUcS%2F8G7yx8yc0vFjaCZ%2FNFks%2BBLaTMAozM665n72BT"}],"group":"cf-nel","max_age":604800}
                                                        nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
                                                        strict-transport-security: max-age=15780000
                                                        server: cloudflare
                                                        cf-ray: 7de78f588da6b7a3-AMS
                                                        alt-svc: h3=":443"; ma=86400
                                                      • flag-us
                                                        DNS
                                                        14.24.17.104.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        14.24.17.104.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                      • flag-us
                                                        DNS
                                                        beacons.gcp.gvt2.com
                                                        chrome.exe
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        beacons.gcp.gvt2.com
                                                        IN A
                                                        Response
                                                        beacons.gcp.gvt2.com
                                                        IN CNAME
                                                        beacons-handoff.gcp.gvt2.com
                                                        beacons-handoff.gcp.gvt2.com
                                                        IN A
                                                        216.58.213.3
                                                      • flag-gb
                                                        POST
                                                        https://beacons.gcp.gvt2.com/domainreliability/upload
                                                        chrome.exe
                                                        Remote address:
                                                        216.58.213.3:443
                                                        Request
                                                        POST /domainreliability/upload HTTP/2.0
                                                        host: beacons.gcp.gvt2.com
                                                        content-length: 504
                                                        content-type: application/json; charset=utf-8
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-gb
                                                        POST
                                                        https://beacons.gcp.gvt2.com/domainreliability/upload
                                                        chrome.exe
                                                        Remote address:
                                                        216.58.213.3:443
                                                        Request
                                                        POST /domainreliability/upload HTTP/2.0
                                                        host: beacons.gcp.gvt2.com
                                                        content-length: 1714
                                                        content-type: application/json; charset=utf-8
                                                        user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                        accept-encoding: gzip, deflate, br
                                                        accept-language: en-US,en;q=0.9
                                                      • flag-us
                                                        DNS
                                                        3.213.58.216.in-addr.arpa
                                                        Remote address:
                                                        8.8.8.8:53
                                                        Request
                                                        3.213.58.216.in-addr.arpa
                                                        IN PTR
                                                        Response
                                                        3.213.58.216.in-addr.arpa
                                                        IN PTR
                                                        lhr25s25-in-f31e100net
                                                        3.213.58.216.in-addr.arpa
                                                        IN PTR
                                                        ber01s14-in-f3
                                                      • 193.0.160.131:80
                                                        http://p.rfihub.com/
                                                        http
                                                        chrome.exe
                                                        2.7kB
                                                        2.3kB
                                                        14
                                                        13

                                                        HTTP Request

                                                        GET http://p.rfihub.com/

                                                        HTTP Response

                                                        404

                                                        HTTP Request

                                                        GET http://p.rfihub.com/favicon.ico

                                                        HTTP Response

                                                        404

                                                        HTTP Request

                                                        GET http://p.rfihub.com/

                                                        HTTP Response

                                                        404

                                                        HTTP Request

                                                        GET http://p.rfihub.com/

                                                        HTTP Response

                                                        404

                                                        HTTP Request

                                                        GET http://p.rfihub.com/

                                                        HTTP Response

                                                        404
                                                      • 193.0.160.131:80
                                                        p.rfihub.com
                                                        chrome.exe
                                                        236 B
                                                        172 B
                                                        5
                                                        4
                                                      • 13.89.178.26:443
                                                        322 B
                                                        7
                                                      • 2.18.121.83:80
                                                        322 B
                                                        7
                                                      • 216.58.214.10:443
                                                        https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlL1An4iaKj4hIFDUqFnlI=?alt=proto
                                                        tls, http2
                                                        chrome.exe
                                                        1.7kB
                                                        6.9kB
                                                        13
                                                        14

                                                        HTTP Request

                                                        GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlL1An4iaKj4hIFDUqFnlI=?alt=proto
                                                      • 142.251.36.14:443
                                                        https://play.google.com/log?format=json&hasfast=true&authuser=0
                                                        tls, http2
                                                        chrome.exe
                                                        1.7kB
                                                        8.4kB
                                                        13
                                                        14

                                                        HTTP Request

                                                        OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                                                      • 142.251.39.99:443
                                                        https://id.google.com/verify/AGXHOl1hJ16tdVBwxvrCTcDktiyx2GTeSdNKrFXNksZBnDL4UxwNLZ-8_aWzBSm23RAQTNOtsO1jFn_1dBC9PrlIjezuBHTyKXom-9OXZ0f03Vo
                                                        tls, http2
                                                        chrome.exe
                                                        2.1kB
                                                        9.4kB
                                                        14
                                                        17

                                                        HTTP Request

                                                        GET https://id.google.com/verify/AGXHOl1hJ16tdVBwxvrCTcDktiyx2GTeSdNKrFXNksZBnDL4UxwNLZ-8_aWzBSm23RAQTNOtsO1jFn_1dBC9PrlIjezuBHTyKXom-9OXZ0f03Vo
                                                      • 104.26.8.188:443
                                                        https://malwaretips.com/blogs/remove-p-rfihub-com/
                                                        tls, http2
                                                        chrome.exe
                                                        4.0kB
                                                        63.2kB
                                                        60
                                                        108

                                                        HTTP Request

                                                        GET https://malwaretips.com/blogs/remove-p-rfihub-com/

                                                        HTTP Response

                                                        200
                                                      • 104.26.8.188:443
                                                        malwaretips.com
                                                        tls, http2
                                                        chrome.exe
                                                        897 B
                                                        2.9kB
                                                        7
                                                        6
                                                      • 142.250.179.130:443
                                                        https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
                                                        tls, http2
                                                        chrome.exe
                                                        1.9kB
                                                        11.5kB
                                                        14
                                                        17

                                                        HTTP Request

                                                        GET https://googleads.g.doubleclick.net/pagead/html/r20230620/r20190131/zrt_lookup.html
                                                      • 192.0.73.2:443
                                                        https://secure.gravatar.com/avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=33&d=wavatar&r=g
                                                        tls, http2
                                                        chrome.exe
                                                        2.2kB
                                                        11.7kB
                                                        21
                                                        25

                                                        HTTP Request

                                                        GET https://secure.gravatar.com/avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=35&d=wavatar&r=g

                                                        HTTP Request

                                                        GET https://secure.gravatar.com/avatar/e0751a5cec343d088082e4bb3a7a3b3b?s=33&d=wavatar&r=g
                                                      • 192.0.73.2:443
                                                        secure.gravatar.com
                                                        tls, http2
                                                        chrome.exe
                                                        1.1kB
                                                        4.8kB
                                                        11
                                                        9
                                                      • 142.251.36.2:443
                                                        https://partner.googleadservices.com/gampad/cookie.js?domain=malwaretips.com&callback=_gfp_s_&client=ca-pub-7750719144850257
                                                        tls, http2
                                                        chrome.exe
                                                        1.8kB
                                                        6.9kB
                                                        14
                                                        15

                                                        HTTP Request

                                                        GET https://partner.googleadservices.com/gampad/cookie.js?domain=malwaretips.com&callback=_gfp_s_&client=ca-pub-7750719144850257
                                                      • 142.251.36.1:443
                                                        tpc.googlesyndication.com
                                                        tls, http2
                                                        chrome.exe
                                                        999 B
                                                        5.8kB
                                                        9
                                                        8
                                                      • 142.251.36.1:443
                                                        https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js
                                                        tls, http2
                                                        chrome.exe
                                                        3.4kB
                                                        90.2kB
                                                        44
                                                        73

                                                        HTTP Request

                                                        GET https://tpc.googlesyndication.com/simgad/11109686247690101921?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm3lGmNOIN49KIAHgnqC61QGnm_7A

                                                        HTTP Request

                                                        GET https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/abg_lite_fy2021.js
                                                      • 172.217.23.194:443
                                                        https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
                                                        tls, http2
                                                        chrome.exe
                                                        2.7kB
                                                        67.5kB
                                                        35
                                                        57

                                                        HTTP Request

                                                        GET https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
                                                      • 85.114.159.93:443
                                                        dsp.adfarm1.adition.com
                                                        tls
                                                        chrome.exe
                                                        1.9kB
                                                        4.6kB
                                                        11
                                                        11
                                                      • 213.155.156.181:443
                                                        https://d5p.de17a.com/cookies/google?google_gid=CAESEPVWZ-cxZvUzCi3dzWSOXME&google_cver=1&google_push=ATf1kGPDMtMHZT_41fcrESb0V8eZwwqyE0lPkQ2zMAiiWS25kZdJxIkgfmbmnFntYHOw0Kgo2Jfj0aOl7H17eFQETSZcx8aI3yD4
                                                        tls, http2
                                                        chrome.exe
                                                        1.9kB
                                                        5.6kB
                                                        15
                                                        15

                                                        HTTP Request

                                                        GET https://d5p.de17a.com/cookies/google?google_gid=CAESEPVWZ-cxZvUzCi3dzWSOXME&google_cver=1&google_push=ATf1kGPDMtMHZT_41fcrESb0V8eZwwqyE0lPkQ2zMAiiWS25kZdJxIkgfmbmnFntYHOw0Kgo2Jfj0aOl7H17eFQETSZcx8aI3yD4

                                                        HTTP Response

                                                        200
                                                      • 174.137.133.49:443
                                                        dsp.adkernel.com
                                                        tls
                                                        chrome.exe
                                                        1.9kB
                                                        5.3kB
                                                        10
                                                        9
                                                      • 34.91.62.186:443
                                                        um.simpli.fi
                                                        tls
                                                        chrome.exe
                                                        1.9kB
                                                        5.6kB
                                                        12
                                                        11
                                                      • 162.55.80.222:443
                                                        sync-dmp.aura-dsp.com
                                                        chrome.exe
                                                        156 B
                                                        3
                                                      • 35.208.249.213:443
                                                        https://trace.mediago.io/cs/google?google_gid=CAESEAE4ZqG4Fyjchg9dycOBSik&google_cver=1&google_push=ATf1kGO4nNzmR2SsBlJ-NDF2vfs2jlwQOGI1ngNEJSzPt4I_XoWJR_uCB6s7foGVw8OBSrLwwSCcVTtgTbiEaBV24Ruq-uitMffY4bI
                                                        tls, http2
                                                        chrome.exe
                                                        2.0kB
                                                        5.3kB
                                                        15
                                                        15

                                                        HTTP Request

                                                        GET https://trace.mediago.io/cs/google?google_gid=CAESEAE4ZqG4Fyjchg9dycOBSik&google_cver=1&google_push=ATf1kGO4nNzmR2SsBlJ-NDF2vfs2jlwQOGI1ngNEJSzPt4I_XoWJR_uCB6s7foGVw8OBSrLwwSCcVTtgTbiEaBV24Ruq-uitMffY4bI
                                                      • 142.251.36.2:443
                                                        https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmKCkvctsFwUHzvVZ6gGwTx9nBxEvDYzCtWyPko0JKY3GujUvrB5tpRMu2BmLJhOLxB7Ae0Log
                                                        tls, http2
                                                        chrome.exe
                                                        1.8kB
                                                        6.4kB
                                                        11
                                                        12

                                                        HTTP Request

                                                        GET https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JmKCkvctsFwUHzvVZ6gGwTx9nBxEvDYzCtWyPko0JKY3GujUvrB5tpRMu2BmLJhOLxB7Ae0Log
                                                      • 193.0.160.130:443
                                                        a.rfihub.com
                                                        tls
                                                        chrome.exe
                                                        7.1kB
                                                        8.4kB
                                                        15
                                                        16
                                                      • 162.55.80.222:443
                                                        sync-dmp.aura-dsp.com
                                                        chrome.exe
                                                        156 B
                                                        3
                                                      • 209.234.236.22:443
                                                        https://ad.wsod.com/view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C0%7C25;
                                                        tls, http
                                                        chrome.exe
                                                        10.1kB
                                                        14.6kB
                                                        25
                                                        28

                                                        HTTP Request

                                                        GET https://ad.wsod.com/embed/a5878a3d6f2be40db26311f6f8fb21a3/8192.0.js.160x600/xaSxk-2RvCna?click=https://a.rfihub.com/ac/b/c3Q9aHRtbCZhYT01MDk1ODIzLDEyMjM3NzYyMywyNDE4MDg5LDI3MDU3OTE5NywxODc5MjUsMTU3ODM2NSw1YTkxZDc2MzczZDIxNTA3NjUyZjlkMzAwODEyY2MyYixwLDQyOTc3LDU2ODk3Myw3Nzc4MTA3Myw1MDE3NDksMTMwMzYxMyZtdD0xJnJiPTQ0NSZyZT0xMjM4NiZoY2k9JnV1aWQ9NTU5OTYzMTU2NjY5ODI5MTA3MCZkaT0mZGM9MyZkaXNyYz0wJmJpcD0xNTQuNjEuNzEuMCZkaWQ9dGlkXzE1NzgzNjV8bWVkX3JlZ3VsYXI./n/

                                                        HTTP Response

                                                        200

                                                        HTTP Request

                                                        GET https://ad.wsod.com/user_privacy.php?v=20230105b

                                                        HTTP Response

                                                        200

                                                        HTTP Request

                                                        GET https://ad.wsod.com/embed/a5878a3d6f2be40db26311f6f8fb21a3/8192.0.js.160x600/1687972399**;1,0,0;1280x720x1;https%3A_@2F_@2Fgoogleads.g.doubleclick.net_@2Fpagead_@2Fads_@3Fclient%3Dca-pub-7750719144850257_@26output%3Dhtml_@26h%3D600_@26slotname%3D6376638919_@26adk%3D3861630186_@26adf%3D3093873505_@26pi%3Dt.ma~as.6376638919_@26w%3D256_@26fwrn%3D4_@26fwrnh%3D100_@26lmt%3D1687972396_@26rafmt%3D1_@26format%3D256x600_@26url%3Dhttps%253A%252F%252Fmalwaretips.com%252Fblogs%252Fremove-p-rfihub-com%252F_@26fwr%3D0_@26rpe%3D1_@26resp_fmts%3D4_@26wgl%3D1_@26uach%3DWyJXaW5kb3dzIiwiNC4wLjAiLCJ4ODYiLCIiLCIxMDYuMC41MjQ5LjExOSIsW10sMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd_@26dt%3D1687972396808_@26bpp%3D1_@26bdt%3D10484_@26idt%3D0_@26shv%3Dr20230620_@26mjsv%3Dm202306161001_@26ptt%3D9_@26saldr%3Daa_@26abxe%3D1_@26cookie%3DID%253D14458b3ad5d06fdb-22ee111d05e20045%253AT%253D1687972389%253ART%253D1687972389%253AS%253DALNI_MarsksMJDVfeXToUBl1T1ATeUTd-Q_@26gpic%3DUID%253D00000c7a70aa4021%253AT%253D1687972389%253ART%253D1687972389%253AS%253DALNI_MZ9dei8rNcJ_CeDn9bLZCrEwH_uEA_@26prev_fmts%3D0x0%252C256x600%252C867x280_@26nras%3D1_@26correlator%3D8198946555259_@26frm%3D20_@26pv%3D1_@26ga_vid%3D37881037.1687972388_@26ga_sid%3D1687972388_@26ga_hid%3D1239201660;;;?click=https://a.rfihub.com/ac/b/c3Q9aHRtbCZhYT01MDk1ODIzLDEyMjM3NzYyMywyNDE4MDg5LDI3MDU3OTE5NywxODc5MjUsMTU3ODM2NSw1YTkxZDc2MzczZDIxNTA3NjUyZjlkMzAwODEyY2MyYixwLDQyOTc3LDU2ODk3Myw3Nzc4MTA3Myw1MDE3NDksMTMwMzYxMyZtdD0xJnJiPTQ0NSZyZT0xMjM4NiZoY2k9JnV1aWQ9NTU5OTYzMTU2NjY5ODI5MTA3MCZkaT0mZGM9MyZkaXNyYz0wJmJpcD0xNTQuNjEuNzEuMCZkaWQ9dGlkXzE1NzgzNjV8bWVkX3JlZ3VsYXI./n/

                                                        HTTP Response

                                                        200

                                                        HTTP Request

                                                        GET https://ad.wsod.com//pixel/lr.php

                                                        HTTP Response

                                                        302

                                                        HTTP Request

                                                        GET https://ad.wsod.com/view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.1.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;;

                                                        HTTP Response

                                                        200

                                                        HTTP Request

                                                        GET https://ad.wsod.com/view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.10_101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C1%7C1;

                                                        HTTP Response

                                                        200

                                                        HTTP Request

                                                        GET https://ad.wsod.com/view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C0%7C5;

                                                        HTTP Response

                                                        200

                                                        HTTP Request

                                                        GET https://ad.wsod.com/view/a5878a3d6f2be40db26311f6f8fb21a3/8192.7626.101.160x600.1687972400.L5744649c6a302666c.6245.__.0/1687972399007.4275**;101%7C0%7C25;

                                                        HTTP Response

                                                        200
                                                      • 209.234.236.22:443
                                                        ad.wsod.com
                                                        tls
                                                        chrome.exe
                                                        962 B
                                                        771 B
                                                        6
                                                        5
                                                      • 142.250.179.134:443
                                                        https://1620481.fls.doubleclick.net/activityi;src=1620481;type=tdame177;cat=modin0;u15=L5744649c6a302666c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1?
                                                        tls, http2
                                                        chrome.exe
                                                        1.9kB
                                                        7.0kB
                                                        12
                                                        14

                                                        HTTP Request

                                                        GET https://1620481.fls.doubleclick.net/activityi;src=1620481;type=tdame177;cat=modin0;u15=L5744649c6a302666c;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1?
                                                      • 23.221.248.25:443
                                                        https://ad.wsodcdn.com/adview/madview-min-0.0.19-0.js
                                                        tls, http2
                                                        chrome.exe
                                                        1.8kB
                                                        13.8kB
                                                        16
                                                        21

                                                        HTTP Request

                                                        GET https://ad.wsodcdn.com/adview/madview-min-0.0.19-0.js

                                                        HTTP Response

                                                        200
                                                      • 18.66.147.14:443
                                                        https://tag.researchnow.com/t/beacon?adn=3&ca=221&cr=7626&ord=1687972400&pl=8192&pr=12237&si=84
                                                        tls, http2
                                                        chrome.exe
                                                        1.7kB
                                                        7.3kB
                                                        13
                                                        15

                                                        HTTP Request

                                                        GET https://tag.researchnow.com/t/beacon?adn=3&ca=221&cr=7626&ord=1687972400&pl=8192&pr=12237&si=84

                                                        HTTP Response

                                                        200
                                                      • 209.234.235.251:443
                                                        www.wsoddata.com
                                                        tls
                                                        chrome.exe
                                                        13.2kB
                                                        17.0kB
                                                        27
                                                        37
                                                      • 35.190.60.146:443
                                                        https://idsync.rlcdn.com/403486.gif?partner_uid=L5744649c6a302666c
                                                        tls, http2
                                                        chrome.exe
                                                        1.8kB
                                                        8.0kB
                                                        14
                                                        17

                                                        HTTP Request

                                                        GET https://idsync.rlcdn.com/403486.gif?partner_uid=L5744649c6a302666c
                                                      • 185.29.132.245:443
                                                        sync.mathtag.com
                                                        tls
                                                        chrome.exe
                                                        1.8kB
                                                        5.0kB
                                                        8
                                                        9
                                                      • 52.71.141.42:443
                                                        pm.w55c.net
                                                        tls
                                                        chrome.exe
                                                        2.9kB
                                                        7.7kB
                                                        10
                                                        11
                                                      • 104.18.24.173:443
                                                        https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKkb6QduRLwOZ7ZCuKqApRY&google_cver=1&google_push=ATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
                                                        tls, http2
                                                        chrome.exe
                                                        2.4kB
                                                        4.6kB
                                                        13
                                                        14

                                                        HTTP Request

                                                        GET https://a.tribalfusion.com/i.match?p=b6&u=CAESEKkb6QduRLwOZ7ZCuKqApRY&google_cver=1&google_push=ATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

                                                        HTTP Response

                                                        302

                                                        HTTP Request

                                                        GET https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKkb6QduRLwOZ7ZCuKqApRY&google_cver=1&google_push=ATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP745ZYPkDBEhZVRtkLqnC21FGs_oW5_IRmqwX7k5Ld7VmgK3B6NaKkV-c09iH-IYR8f4rxgFYU0V9A0ivckPpiffXVScX6kRY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

                                                        HTTP Response

                                                        200
                                                      • 8.8.8.8:53
                                                        b1sync.zemanta.com
                                                        dns
                                                        chrome.exe
                                                        268 B
                                                        750 B
                                                        5
                                                        4

                                                        DNS Request

                                                        b1sync.zemanta.com

                                                        DNS Response


                                                      • 70.42.32.31:443
                                                        b1sync.zemanta.com
                                                        tls
                                                        chrome.exe
                                                        2.8kB
                                                        5.9kB
                                                        12
                                                        10
                                                      • 209.234.235.251:443
                                                        www.wsoddata.com
                                                        tls
                                                        chrome.exe
                                                        8.1kB
                                                        12.9kB
                                                        21
                                                        25
                                                      • 209.234.235.251:443
                                                        www.wsoddata.com
                                                        tls
                                                        chrome.exe
                                                        2.8kB
                                                        9.1kB
                                                        11
                                                        15
                                                      • 209.234.235.251:443
                                                        www.wsoddata.com
                                                        tls
                                                        chrome.exe
                                                        2.8kB
                                                        8.7kB
                                                        11
                                                        15
                                                      • 209.234.235.251:443
                                                        www.wsoddata.com
                                                        tls
                                                        chrome.exe
                                                        2.8kB
                                                        7.6kB
                                                        11
                                                        14
                                                      • 209.234.235.251:443
                                                        www.wsoddata.com
                                                        tls
                                                        chrome.exe
                                                        2.7kB
                                                        6.2kB
                                                        10
                                                        12
                                                      • 104.17.24.14:443
                                                        https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.2/TweenMax.min.js
                                                        tls, http2
                                                        chrome.exe
                                                        2.3kB
                                                        37.0kB
                                                        26
                                                        39

                                                        HTTP Request

                                                        GET https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.2/TweenMax.min.js

                                                        HTTP Response

                                                        200
                                                      • 216.58.213.3:443
                                                        beacons.gcp.gvt2.com
                                                        tls, http2
                                                        chrome.exe
                                                        999 B
                                                        5.8kB
                                                        9
                                                        8
                                                      • 216.58.213.3:443
                                                        https://beacons.gcp.gvt2.com/domainreliability/upload
                                                        tls, http2
                                                        chrome.exe
                                                        4.2kB
                                                        7.3kB
                                                        19
                                                        17

                                                        HTTP Request

                                                        POST https://beacons.gcp.gvt2.com/domainreliability/upload

                                                        HTTP Request

                                                        POST https://beacons.gcp.gvt2.com/domainreliability/upload
                                                      • 8.8.8.8:53
                                                        p.rfihub.com
                                                        dns
                                                        chrome.exe
                                                        58 B
                                                        148 B
                                                        1
                                                        1

                                                        DNS Request

                                                        p.rfihub.com

                                                        DNS Response

                                                        193.0.160.131

                                                      • 8.8.8.8:53
                                                        250.255.255.239.in-addr.arpa
                                                        dns
                                                        74 B
                                                        131 B
                                                        1
                                                        1

                                                        DNS Request

                                                        250.255.255.239.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        195.179.250.142.in-addr.arpa
                                                        dns
                                                        74 B
                                                        112 B
                                                        1
                                                        1

                                                        DNS Request

                                                        195.179.250.142.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        131.160.0.193.in-addr.arpa
                                                        dns
                                                        72 B
                                                        132 B
                                                        1
                                                        1

                                                        DNS Request

                                                        131.160.0.193.in-addr.arpa

                                                      • 224.0.0.251:5353
                                                        chrome.exe
                                                        204 B
                                                        3
                                                      • 8.8.8.8:53
                                                        251.0.0.224.in-addr.arpa
                                                        dns
                                                        70 B
                                                        127 B
                                                        1
                                                        1

                                                        DNS Request

                                                        251.0.0.224.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        b.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa
                                                        dns
                                                        118 B
                                                        182 B
                                                        1
                                                        1

                                                        DNS Request

                                                        b.f.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.f.f.ip6.arpa

                                                      • 8.8.8.8:53
                                                        196.168.217.172.in-addr.arpa
                                                        dns
                                                        74 B
                                                        112 B
                                                        1
                                                        1

                                                        DNS Request

                                                        196.168.217.172.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        63.13.109.52.in-addr.arpa
                                                        dns
                                                        71 B
                                                        145 B
                                                        1
                                                        1

                                                        DNS Request

                                                        63.13.109.52.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        131.179.250.142.in-addr.arpa
                                                        dns
                                                        74 B
                                                        112 B
                                                        1
                                                        1

                                                        DNS Request

                                                        131.179.250.142.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        apis.google.com
                                                        dns
                                                        chrome.exe
                                                        61 B
                                                        98 B
                                                        1
                                                        1

                                                        DNS Request

                                                        apis.google.com

                                                        DNS Response

                                                        172.217.23.206

                                                      • 8.8.8.8:53
                                                        content-autofill.googleapis.com
                                                        dns
                                                        chrome.exe
                                                        77 B
                                                        221 B
                                                        1
                                                        1

                                                        DNS Request

                                                        content-autofill.googleapis.com

                                                        DNS Response


                                                      • 172.217.23.206:443
                                                        apis.google.com
                                                        https
                                                        chrome.exe
                                                        5.0kB
                                                        51.0kB
                                                        29
                                                        45
                                                      • 8.8.8.8:53
                                                        play.google.com
                                                        dns
                                                        chrome.exe
                                                        61 B
                                                        77 B
                                                        1
                                                        1

                                                        DNS Request

                                                        play.google.com

                                                        DNS Response

                                                        142.251.36.14

                                                      • 142.251.36.14:443
                                                        play.google.com
                                                        https
                                                        chrome.exe
                                                        9.5kB
                                                        8.4kB
                                                        19
                                                        20
                                                      • 8.8.8.8:53
                                                        10.214.58.216.in-addr.arpa
                                                        dns
                                                        72 B
                                                        155 B
                                                        1
                                                        1

                                                        DNS Request

                                                        10.214.58.216.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        206.23.217.172.in-addr.arpa
                                                        dns
                                                        73 B
                                                        173 B
                                                        1
                                                        1

                                                        DNS Request

                                                        206.23.217.172.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        14.36.251.142.in-addr.arpa
                                                        dns
                                                        72 B
                                                        111 B
                                                        1
                                                        1

                                                        DNS Request

                                                        14.36.251.142.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        226.168.217.172.in-addr.arpa
                                                        dns
                                                        74 B
                                                        112 B
                                                        1
                                                        1

                                                        DNS Request

                                                        226.168.217.172.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        id.google.com
                                                        dns

                                                      • 8.8.8.8:53
                                                        s.tribalfusion.com
                                                        dns
                                                        chrome.exe
                                                        64 B
                                                        96 B
                                                        1
                                                        1

                                                        DNS Request

                                                        s.tribalfusion.com

                                                        DNS Response

                                                        104.18.25.173
                                                        104.18.24.173

                                                      • 8.8.8.8:53
                                                        22.236.234.209.in-addr.arpa
                                                        dns
                                                        146 B
                                                        146 B
                                                        2
                                                        2

                                                        DNS Request

                                                        22.236.234.209.in-addr.arpa

                                                        DNS Request

                                                        22.236.234.209.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        134.179.250.142.in-addr.arpa
                                                        dns
                                                        74 B
                                                        112 B
                                                        1
                                                        1

                                                        DNS Request

                                                        134.179.250.142.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        198.23.217.172.in-addr.arpa
                                                        dns
                                                        73 B
                                                        171 B
                                                        1
                                                        1

                                                        DNS Request

                                                        198.23.217.172.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        14.147.66.18.in-addr.arpa
                                                        dns
                                                        71 B
                                                        127 B
                                                        1
                                                        1

                                                        DNS Request

                                                        14.147.66.18.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        25.248.221.23.in-addr.arpa
                                                        dns
                                                        72 B
                                                        137 B
                                                        1
                                                        1

                                                        DNS Request

                                                        25.248.221.23.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        67.211.227.13.in-addr.arpa
                                                        dns
                                                        72 B
                                                        129 B
                                                        1
                                                        1

                                                        DNS Request

                                                        67.211.227.13.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        146.60.190.35.in-addr.arpa
                                                        dns
                                                        72 B
                                                        124 B
                                                        1
                                                        1

                                                        DNS Request

                                                        146.60.190.35.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        251.235.234.209.in-addr.arpa
                                                        dns
                                                        148 B
                                                        148 B
                                                        2
                                                        2

                                                        DNS Request

                                                        251.235.234.209.in-addr.arpa

                                                        DNS Request

                                                        251.235.234.209.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        173.24.18.104.in-addr.arpa
                                                        dns
                                                        72 B
                                                        134 B
                                                        1
                                                        1

                                                        DNS Request

                                                        173.24.18.104.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        245.132.29.185.in-addr.arpa
                                                        dns
                                                        73 B
                                                        133 B
                                                        1
                                                        1

                                                        DNS Request

                                                        245.132.29.185.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        42.141.71.52.in-addr.arpa
                                                        dns
                                                        142 B
                                                        250 B
                                                        2
                                                        2

                                                        DNS Request

                                                        42.141.71.52.in-addr.arpa

                                                        DNS Request

                                                        42.141.71.52.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        31.32.42.70.in-addr.arpa
                                                        dns
                                                        70 B
                                                        99 B
                                                        1
                                                        1

                                                        DNS Request

                                                        31.32.42.70.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        cdnjs.cloudflare.com
                                                        dns
                                                        chrome.exe
                                                        66 B
                                                        98 B
                                                        1
                                                        1

                                                        DNS Request

                                                        cdnjs.cloudflare.com

                                                        DNS Response

                                                        104.17.24.14
                                                        104.17.25.14

                                                      • 8.8.8.8:53
                                                        14.24.17.104.in-addr.arpa
                                                        dns
                                                        71 B
                                                        133 B
                                                        1
                                                        1

                                                        DNS Request

                                                        14.24.17.104.in-addr.arpa

                                                      • 8.8.8.8:53
                                                        beacons.gcp.gvt2.com
                                                        dns
                                                        chrome.exe
                                                        66 B
                                                        112 B
                                                        1
                                                        1

                                                        DNS Request

                                                        beacons.gcp.gvt2.com

                                                        DNS Response

                                                        216.58.213.3

                                                      • 8.8.8.8:53
                                                        3.213.58.216.in-addr.arpa
                                                        dns
                                                        71 B
                                                        138 B
                                                        1
                                                        1

                                                        DNS Request

                                                        3.213.58.216.in-addr.arpa

                                                      MITRE ATT&CK Enterprise v6

                                                      Downloads
