Resubmissions
03/08/2023, 21:22 UTC  230803-z79h3sgb67  7
03/08/2023, 21:17 UTC  230803-z48sdagb57  8
03/08/2023, 21:14 UTC  230803-z3rsgagb52  7
Analysis
max time kernel: 243s
max time network: 248s
platform: windows10-2004_x64
resource: win10v2004-20230703-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
submitted: 03/08/2023, 21:17 UTC
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://transfiles.ru/wjvp4
Resource
win10v2004-20230703-en
General
-
Target
https://transfiles.ru/wjvp4
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 3 IoCs
pid Process
2508 CoolSoftWare 2.1.exe
392 CoolSoftWare 2.1.exe
636 CoolSoftWare 2.1.exe
Modifies data under HKEY_USERS 2 IoCs
description ioc Process
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry chrome.exe
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133355710618983652" chrome.exe
Suspicious behavior: EnumeratesProcesses 64 IoCs
Suspicious behavior: GetForegroundWindowSpam 5 IoCs
pid Process
2508 CoolSoftWare 2.1.exe
392 CoolSoftWare 2.1.exe
4436 7zFM.exe
636 CoolSoftWare 2.1.exe
3576 7zFM.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs
Suspicious use of AdjustPrivilegeToken 64 IoCs
Suspicious use of FindShellTrayWindow 64 IoCs
Suspicious use of SendNotifyMessage 64 IoCs
Suspicious use of SetWindowsHookEx 6 IoCs
pid Process
2508 CoolSoftWare 2.1.exe
2508 CoolSoftWare 2.1.exe
392 CoolSoftWare 2.1.exe
392 CoolSoftWare 2.1.exe
636 CoolSoftWare 2.1.exe
636 CoolSoftWare 2.1.exe
Suspicious use of WriteProcessMemory 64 IoCs
Processes
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://transfiles.ru/wjvp41⤵
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:4992 -
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff950019758,0x7ff950019768,0x7ff9500197782⤵PID:4260
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:22⤵PID:928
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:4252
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:4480
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3004 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:4124
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:3536
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5024 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:3428
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4792 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:2104
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4628 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:3492
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3916 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:4920
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5884 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:4500
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:4184
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6124 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:1380
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5148 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:4872
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1000 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:5068
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5780 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:5044
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5800 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:3372
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6292 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:4408
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6428 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:4868
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:1612
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6416 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:1172
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6600 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:1572
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6264 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:4292
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5992 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:2256
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6544 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:2104
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5316 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:368
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6488 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:22⤵
- Suspicious behavior: EnumeratesProcesses
PID:3124
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:1220
-
-
C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"2⤵
- Executes dropped EXE
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2508
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5380 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:2092
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4896 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:12⤵PID:1104
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1596 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:1236
-
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6736 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:82⤵PID:3804
-
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:636
-
C:\Windows\system32\taskmgr.exe"C:\Windows\system32\taskmgr.exe" /41⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:488
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding1⤵PID:1120
-
C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"1⤵
- Executes dropped EXE
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:392
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe"1⤵PID:1816
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff950019758,0x7ff950019768,0x7ff9500197782⤵PID:4732
-
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:4436 -
C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"2⤵
- Executes dropped EXE
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:636
-
-
C:\Program Files\7-Zip\7zFM.exe"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:3576
Network
-
Remote address: 8.8.8.8:53
Request
transfiles.ru IN A
Response
transfiles.ru IN A 157.90.215.152
-
Remote address: 8.8.8.8:53
Request
59.128.231.4.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
254.23.238.8.in-addr.arpa IN PTR
Response
-
Remote address: 8.8.8.8:53
Request
slscr.update.microsoft.com IN A
Response
slscr.update.microsoft.com IN CNAME sls.update.microsoft.com
sls.update.microsoft.com IN CNAME glb.sls.prod.dcat.dsp.trafficmanager.net
glb.sls.prod.dcat.dsp.trafficmanager.net IN A 20.12.23.50
-
Remote address: 157.90.215.152:443
Request
GET /css/jquery.bxslider.css HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
Response
HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:24:25 GMT
ETag: "efc-5c07ed597c1fd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1193
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: text/css
-
Remote address: 157.90.215.152:443
Request
GET /css/common.css?rnd=5 HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
Response
HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:24:25 GMT
ETag: "af66-5c07ed5934d67-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8167
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/css
-
Remote address: 157.90.215.152:443
Request
GET /js/functions.js?rnd=5 HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
Response
HTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 11 Jan 2022 00:02:37 GMT
ETag: "31fa-5d5432bbec140-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3612
Keep-Alive: timeout=10, max=98
Connection: Keep-Alive
Content-Type: application/javascript
-
Remote address: 157.90.215.152:443
Request
GET /js/jquery.mCustomScrollbar.concat.min.js HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:35 GMT
ETag: "9f96-5c07ee0e797e3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12352
Keep-Alive: timeout=10, max=97
Connection: Keep-Alive
Content-Type: application/javascript
-
Remote address:157.90.215.152:443RequestGET /images/donate.png HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/css/common.css?rnd=5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:28 GMT
ETag: "33f-5c07ee087c57b"
Accept-Ranges: bytes
Content-Length: 831
Keep-Alive: timeout=10, max=96
Connection: Keep-Alive
Content-Type: image/png
-
Remote address:157.90.215.152:443RequestGET /wjvp4 HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5709
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
-
Remote address:157.90.215.152:443RequestGET /css/jquery.mCustomScrollbar.css HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:24:25 GMT
ETag: "a871-5c07ed594d403-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3989
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: text/css
-
Remote address:157.90.215.152:443RequestGET /css/common_m.css?rnd=5 HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:24:24 GMT
ETag: "35b2-5c07ed58e2cf2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2795
Keep-Alive: timeout=10, max=98
Connection: Keep-Alive
Content-Type: text/css
-
Remote address:157.90.215.152:443RequestGET /js/jquery.bxslider.min.js HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:32 GMT
ETag: "4b9f-5c07ee0bbc585-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5162
Keep-Alive: timeout=10, max=97
Connection: Keep-Alive
Content-Type: application/javascript
-
Remote address:157.90.215.152:443RequestGET /images/bg.jpg HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/css/common.css?rnd=5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:29 GMT
ETag: "1430-5c07ee0893c77"
Accept-Ranges: bytes
Content-Length: 5168
Keep-Alive: timeout=10, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
-
Remote address:157.90.215.152:443RequestGET /images/abuse.png HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/css/common.css?rnd=5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:28 GMT
ETag: "4c6-5c07ee07ae4b8"
Accept-Ranges: bytes
Content-Length: 1222
Keep-Alive: timeout=10, max=95
Connection: Keep-Alive
Content-Type: image/png
-
Remote address:157.90.215.152:443RequestGET /images/loader.gif HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/css/common.css?rnd=5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:25 GMT
ETag: "c7d-5c07ee053c570"
Accept-Ranges: bytes
Content-Length: 3197
Keep-Alive: timeout=10, max=94
Connection: Keep-Alive
Content-Type: image/gif
-
Remote address:157.90.215.152:443RequestPOST /getFilelist HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
Content-Length: 10
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Origin: https://transfiles.ru
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 165
Keep-Alive: timeout=10, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
-
Remote address:157.90.215.152:443RequestGET /images/btn_ok_passive.png HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/css/common.css?rnd=5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
ETag: "fb-5c07ee046c56d"
Accept-Ranges: bytes
Content-Length: 251
Keep-Alive: timeout=10, max=92
Connection: Keep-Alive
Content-Type: image/png
-
Remote address:157.90.215.152:443RequestGET /images/favicon.png HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1; _ym_uid=1691097458144275843; _ym_d=1691097458; _ga_FG4BQLH20C=GS1.2.1691097458.1.0.1691097458.0.0.0; _ym_isad=2; __gads=ID=ef8c860f8acb870b:T=1691097459:RT=1691097459:S=ALNI_MYueA0ER2uMeV-qX4lFKXl8ent2sA; __gpi=UID=00000c4bf83f0247:T=1691097459:RT=1691097459:S=ALNI_MYejE6JnNvOTJfQAu3txOlKg0V8Vg; _ym_visorc=w
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:30 GMT
ETag: "84f-5c07ee09c186d"
Accept-Ranges: bytes
Content-Length: 2127
Keep-Alive: timeout=10, max=91
Connection: Keep-Alive
Content-Type: image/png
-
Remote address:8.8.8.8:53Requestapps.identrust.comIN AResponseapps.identrust.comIN CNAMEidentrust.edgesuite.netidentrust.edgesuite.netIN CNAMEa1952.dscq.akamai.neta1952.dscq.akamai.netIN A23.72.252.171a1952.dscq.akamai.netIN A23.72.252.163
-
Remote address:23.72.252.171:80RequestGET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com
ResponseHTTP/1.1 200 OK
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 03 Aug 2023 22:17:38 GMT
Date: Thu, 03 Aug 2023 21:17:38 GMT
Connection: keep-alive
-
Remote address:157.90.215.152:443RequestGET /assets/504097ca/jquery.min.js HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 18:54:34 GMT
ETag: "16dc4-5c08017fc8490-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33430
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: application/javascript
-
Remote address:157.90.215.152:443RequestGET /js/download.js?rnd=5 HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 04 Mar 2022 10:57:11 GMT
ETag: "5022-5d9626067efc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4944
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: application/javascript
-
Remote address:157.90.215.152:443RequestGET /securimage/show HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Thu, 03 Aug 2023 21:17:38GMT
Cache-Control: post-check=0, pre-check=0
Keep-Alive: timeout=10, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/png
-
Remote address:157.90.215.152:443RequestGET /images/logo_footer.png HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/css/common.css?rnd=5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
ETag: "418-5c07ee0483c6a"
Accept-Ranges: bytes
Content-Length: 1048
Keep-Alive: timeout=10, max=97
Connection: Keep-Alive
Content-Type: image/png
-
Remote address:157.90.215.152:443RequestGET /images/ru.png HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:31 GMT
ETag: "e0-5c07ee0b1c31c"
Accept-Ranges: bytes
Content-Length: 224
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: image/png
-
Remote address:157.90.215.152:443RequestGET /images/logo.png HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/css/common.css?rnd=5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
ETag: "16c3-5c07ee041185a"
Accept-Ranges: bytes
Content-Length: 5827
Keep-Alive: timeout=10, max=99
Connection: Keep-Alive
Content-Type: image/png
-
Remote address:157.90.215.152:443RequestGET /images/btn_qrcode.png HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/css/common.css?rnd=5
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
ETag: "270-5c07ee03cc303"
Accept-Ranges: bytes
Content-Length: 624
Keep-Alive: timeout=10, max=98
Connection: Keep-Alive
Content-Type: image/png
-
Remote address:157.90.215.152:443RequestGET /images/en.png HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:27:25 GMT
ETag: "2f6-5c07ee0525e13"
Accept-Ranges: bytes
Content-Length: 758
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: image/png
-
Remote address:8.8.8.8:53Requestmc.yandex.ruIN AResponsemc.yandex.ruIN A77.88.21.119mc.yandex.ruIN A93.158.134.119mc.yandex.ruIN A87.250.251.119mc.yandex.ruIN A87.250.250.119
-
Remote address:77.88.21.119:443RequestGET /metrika/tag.js HTTP/2.0
host: mc.yandex.ru
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://transfiles.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Requestcontent-autofill.googleapis.comIN AResponsecontent-autofill.googleapis.comIN A142.250.179.170content-autofill.googleapis.comIN A142.250.179.202content-autofill.googleapis.comIN A142.251.36.10content-autofill.googleapis.comIN A142.251.39.106content-autofill.googleapis.comIN A172.217.23.202content-autofill.googleapis.comIN A216.58.208.106content-autofill.googleapis.comIN A142.250.179.138content-autofill.googleapis.comIN A142.251.36.42
-
Remote address:8.8.8.8:53Request10.36.251.142.in-addr.arpaIN PTRResponse10.36.251.142.in-addr.arpaIN PTRams15s44-in-f101e100net
-
Remote address:8.8.8.8:53Request152.215.90.157.in-addr.arpaIN PTRResponse152.215.90.157.in-addr.arpaIN PTRstatic15221590157clientsyour-serverde
-
Remote address:8.8.8.8:53Request171.252.72.23.in-addr.arpaIN PTRResponse171.252.72.23.in-addr.arpaIN PTRa23-72-252-171deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request130.179.250.142.in-addr.arpaIN PTRResponse130.179.250.142.in-addr.arpaIN PTRams17s10-in-f21e100net
-
Remote address:8.8.8.8:53Request206.23.217.172.in-addr.arpaIN PTRResponse206.23.217.172.in-addr.arpaIN PTRprg03s05-in-f2061e100net206.23.217.172.in-addr.arpaIN PTRams16s37-in-f14206.23.217.172.in-addr.arpaIN PTRprg03s05-in-f14
-
Remote address:8.8.8.8:53Request119.21.88.77.in-addr.arpaIN PTRResponse119.21.88.77.in-addr.arpaIN PTRmcyandexru
-
Remote address:8.8.8.8:53Requestgoogleads.g.doubleclick.netIN AResponsegoogleads.g.doubleclick.netIN A172.217.168.226
-
GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHglTPZVogpCqOBIFDbVO8OESBQ3pjHeIEgUNdV-5QQ==?alt=proto
chrome.exe
Remote address:142.250.179.170:443RequestGET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHglTPZVogpCqOBIFDbVO8OESBQ3pjHeIEgUNdV-5QQ==?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CJv6ygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:172.217.168.226:443RequestGET /pagead/html/r20230802/r20190131/zrt_lookup.html HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://transfiles.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Requestmc.yandex.comIN AResponsemc.yandex.comIN CNAMEmc.yandex.rumc.yandex.ruIN A77.88.21.119mc.yandex.ruIN A87.250.251.119mc.yandex.ruIN A87.250.250.119mc.yandex.ruIN A93.158.134.119
-
Remote address:8.8.8.8:53Request200.179.250.142.in-addr.arpaIN PTRResponse200.179.250.142.in-addr.arpaIN PTRams15s42-in-f81e100net
-
Remote address:8.8.8.8:53Request170.179.250.142.in-addr.arpaIN PTRResponse170.179.250.142.in-addr.arpaIN PTRams15s41-in-f101e100net
-
Remote address:8.8.8.8:53Request226.168.217.172.in-addr.arpaIN PTRResponse226.168.217.172.in-addr.arpaIN PTRams15s40-in-f21e100net
-
Remote address:8.8.8.8:53Request17.160.190.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestwww.googletagservices.comIN AResponsewww.googletagservices.comIN A142.250.179.162
-
Remote address:8.8.8.8:53Requesttpc.googlesyndication.comIN AResponsetpc.googlesyndication.comIN A142.251.36.1
-
Remote address:142.250.179.162:443RequestGET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/2.0
host: www.googletagservices.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
GET https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js
chrome.exe
Remote address:142.251.36.1:443RequestGET /pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
GET https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
chrome.exe
Remote address:142.251.36.1:443RequestGET /pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
GET https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js
chrome.exe
Remote address:142.251.36.1:443RequestGET /pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Request95.221.229.192.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request195.179.250.142.in-addr.arpaIN PTRResponse195.179.250.142.in-addr.arpaIN PTRams15s42-in-f31e100net
-
Remote address:8.8.8.8:53Request162.179.250.142.in-addr.arpaIN PTRResponse162.179.250.142.in-addr.arpaIN PTRams15s41-in-f21e100net
-
Remote address:8.8.8.8:53Request1.36.251.142.in-addr.arpaIN PTRResponse1.36.251.142.in-addr.arpaIN PTRams15s44-in-f11e100net
-
Remote address:8.8.8.8:53Request106.208.58.216.in-addr.arpaIN PTRResponse106.208.58.216.in-addr.arpaIN PTRsof01s11-in-f1061e100net106.208.58.216.in-addr.arpaIN PTRams17s08-in-f10
-
Remote address:8.8.8.8:53Request131.179.250.142.in-addr.arpaIN PTRResponse131.179.250.142.in-addr.arpaIN PTRams17s10-in-f31e100net
-
Remote address:8.8.8.8:53Request196.168.217.172.in-addr.arpaIN PTRResponse196.168.217.172.in-addr.arpaIN PTRams16s32-in-f41e100net
-
Remote address:157.90.215.152:443RequestGET /manifest.json HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: manifest
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Wed, 21 Apr 2021 17:25:59 GMT
ETag: "c0-5c07edb300543"
Accept-Ranges: bytes
Content-Length: 192
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: application/json
-
Remote address:8.8.8.8:53Request208.194.73.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request26.165.165.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request157.102.250.142.in-addr.arpaIN PTRResponse157.102.250.142.in-addr.arpaIN PTRrb-in-f1571e100net
-
Remote address:8.8.8.8:53Request198.187.3.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request254.158.241.8.in-addr.arpaIN PTRResponse
-
Remote address:157.90.215.152:443RequestGET /getFiles/3115092 HTTP/1.1
Host: transfiles.ru
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://transfiles.ru/wjvp4
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1; _ym_uid=1691097458144275843; _ym_d=1691097458; _ga_FG4BQLH20C=GS1.2.1691097458.1.0.1691097458.0.0.0; _ym_isad=2; __gads=ID=ef8c860f8acb870b:T=1691097459:RT=1691097459:S=ALNI_MYueA0ER2uMeV-qX4lFKXl8ent2sA; __gpi=UID=00000c4bf83f0247:T=1691097459:RT=1691097459:S=ALNI_MYejE6JnNvOTJfQAu3txOlKg0V8Vg; _ym_visorc=w
ResponseHTTP/1.1 200 OK
Server: Apache/2.4.41 (Ubuntu)
Expires: 0
Cache-Control: must-revalidate
Pragma: public
Content-Description: File Transfer
Content-Disposition: attachment; filename="CoolSoftWare 2.1.exe"
Content-Transfer-Encoding: binary
Content-Length: 835072
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Content-Type: application/octet-stream
-
Remote address:8.8.8.8:53Requestapis.google.comIN AResponseapis.google.comIN CNAMEplus.l.google.complus.l.google.comIN A172.217.23.206
-
Remote address:8.8.8.8:53Requestvirustotal.comIN AResponsevirustotal.comIN A216.239.32.21virustotal.comIN A216.239.36.21virustotal.comIN A216.239.34.21virustotal.comIN A216.239.38.21
-
Remote address:216.239.32.21:443RequestGET / HTTP/2.0
host: virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Chromium";v="106.0.5249.119", "Google Chrome";v="106.0.5249.119", "Not;A=Brand";v="99.0.0.0"
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 8.8.8.8:53
Request
www.virustotal.com IN A
Response
www.virustotal.com IN CNAME ghs-svc-https-c46.ghs-ssl.googlehosted.com
ghs-svc-https-c46.ghs-ssl.googlehosted.com IN A 74.125.34.46
-
Remote address: 8.8.8.8:53
Request
www.virustotal.com IN A
Response
www.virustotal.com IN CNAME ghs-svc-https-c46.ghs-ssl.googlehosted.com
ghs-svc-https-c46.ghs-ssl.googlehosted.com IN A 74.125.34.46
-
Remote address: 74.125.34.46:443
Request
GET /gui/ HTTP/2.0
host: www.virustotal.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Chromium";v="106.0.5249.119", "Google Chrome";v="106.0.5249.119", "Not;A=Brand";v="99.0.0.0"
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/static/fonts/iosevka-regular.woff2 HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://www.virustotal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/static/fonts/googlesans-regular.ttf HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://www.virustotal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/static/fonts/codicon.ttf HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://www.virustotal.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/main.f914c13c358c6a73a542.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/images/logo.svg HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/images/omnibar/vt_logo.svg HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/stackdriver-errors.891ec2baabef1d8e82de.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
POST /ui/signin HTTP/2.0
host: www.virustotal.com
content-length: 4
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTI1MzAzMTk2NjAtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTExLjEyMw==
sec-ch-ua-platform: "Windows"
origin: https://www.virustotal.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /ui/user_notifications HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTI1NzEwMDM1ODYtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTExLjEyMw==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /ui/search_modifiers HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTYxMzQ1Mjk4NDEtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTExLjEyMw==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/33789.829134f57ebdda3078af.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/18777.31a2c69a3cbb443a8e98.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/66838.0137f6569d7b4286c625.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /ui/cookie_disclaimer HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTM0ODk3OTI5NjktWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTExLjEyOQ==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/images/ioc-screen-dark.png HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/images/ioc-screen.png HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
-
Remote address: 74.125.34.46:443
Request
GET /gui/vt-ui-shell-extra-deps.5fbf3d624c4bcd15f231.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
-
Remote address: 74.125.34.46:443
Request
GET /gui/vt-ui-sw-installer.a88b3e9d68d3f41dac8d.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
-
Remote address: 74.125.34.46:443
Request
GET /gui/static/qrcode.min.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
-
Remote address: 74.125.34.46:443
Request
GET /gui/static/opensearch.xml HTTP/2.0
host: www.virustotal.com
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 74.125.34.46:443
Request
GET /gui/images/favicon.png HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097512.60.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/service-worker.js HTTP/2.0
host: www.virustotal.com
cache-control: max-age=0
accept: */*
service-worker: script
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: serviceworker
referer: https://www.virustotal.com/
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097512.60.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/sha256.worker.a6e2f1b9e97a4ea0b474.worker.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: same-origin
sec-fetch-dest: worker
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097512.60.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/images/manifest/icon-192x192.png HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6 HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTc0Njc5NzM1MDQtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTEzLjIyMw==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
GET https://www.virustotal.com/gui/monaco-editor-admin-0~admin-2~admin-4~admin-8~admin-12~admin-16~admin-24~admin-30~~~~~~~~~~~~~~-editor.main.css.13e4534f9a12c9bf1a94.js
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /gui/monaco-editor-admin-0~admin-2~admin-4~admin-8~admin-12~admin-16~admin-24~admin-30~~~~~~~~~~~~~~-editor.main.css.13e4534f9a12c9bf1a94.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/93664.2226078913b58c7e18dc.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/29205.1c5bd79b21ec062954b4.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/94813.9bd18d8d996ed34a07f2.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/996.0d70a6287eb58d2388d8.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/52026.f1cc6a3783f6955e9d8b.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/36791.331433846b5cd7e6df7b.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/35123.dc13bf2d1a9b5033fdf0.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/44312.f34be3560892956062a3.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/329.79d3014c11298ed4896a.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/40414.4dcf9cb2a471223691b6.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/36372.cda980d85347a3006ca1.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/42942.004dc106c9871dd5e7d9.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/63220.dcfe83ed55957b0479a7.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/92151.5debb07ff5f3dfe90e74.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/27806.d7627d69bef749540743.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/52985.fd200fddb2662387c0fc.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/2782.679f0815cff017ff4688.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/69589.c52f0ad14713cba70612.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/64382.37e175fa0d6e9418c252.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/29409.4c427ab433c0ae80ffcc.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/50974.3fc0be2bd591ebd6e7f9.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/21715.b4455da21d7fbec85695.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/25606.ad86380b59be7ecf7b2a.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/84825.6c03f97e8ea93ee3bc3a.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/72421.ab03439c8386f9373d96.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/1743.f9efb24e0fdf2e6a49de.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/81702.495b35dc2aca50425591.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/92359.a60f9d9552b9bb2acabd.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/81581.587df007a543623d0ccb.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /ui/files/submission/challenge HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
cache-control: no-cache
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTA4NTQzMDc5MzYtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTEzLjczOA==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6 HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTY1NjY2NzExNDctWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE0LjA4Mg==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
GET /gui/icon.types-peexe.34670b381aaaa83f80c2.js HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
POST https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/submissions/add
chrome.exe
Remote address: 74.125.34.46:443
Request
POST /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/submissions/add HTTP/2.0
host: www.virustotal.com
content-length: 144
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTM0ODcyNDI2OTItWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE0Ljk0Nw==
sec-ch-ua-platform: "Windows"
origin: https://www.virustotal.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/dropped_files
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/dropped_files HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTMzMTMyNjQ1MTctWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQxNg==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_urls
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_urls HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTM0NDg0MTc1ODYtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQxNw==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_domains
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_domains HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTA3NTU5NTI3NDUtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQxNw==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_ips
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_ips HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTA0NzQzMzI5MDMtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyMQ==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/execution_parents
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/execution_parents HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTMyMTU1NjM2NTctWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyMg==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_parents
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_parents HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTgwMzg5MjIwNDQtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyMg==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/bundled_files
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/bundled_files HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTAwNjEyOTMzODQtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyNA==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_children
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_children HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTcxNTQ5MjkwMjEtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyNA==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviour_mitre_trees
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviour_mitre_trees HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTc5MjM0MjcyMDgtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjUzMw==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/mitre_format?link=true
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/mitre_format?link=true HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTUyODQxNjE1NDMtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjUzNA==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviours?limit=40
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviours?limit=40 HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTk4NTY0ODgzNDAtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjUzOA==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/votes?relationships=item%2Cvoter
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/votes?relationships=item%2Cvoter HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTkwNzYwODkzNTMtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjU0Mw==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/comments?relationships=item%2Cauthor
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/comments?relationships=item%2Cauthor HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTg2MTQ3MTk4NDgtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjU1Mw==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/graphs?relationships=owner%2Cviewers%2Ceditors
chrome.exe
Remote address: 74.125.34.46:443
Request
GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/graphs?relationships=owner%2Cviewers%2Ceditors HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTQ5NTY4NDc3NzUtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjU1NA==
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
Remote address: 74.125.34.46:443
Request
POST /ui/collect HTTP/2.0
host: www.virustotal.com
content-length: 11
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
x-app-version: v1x203x4
x-tool: vt-ui-main
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
accept-ianguage: en-US,en;q=0.9,es;q=0.8
x-vt-anti-abuse-header: MTI1NTEwMDA3NTMtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTQ3LjYyOA==
sec-ch-ua-platform: "Windows"
origin: https://www.virustotal.com
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ga=GA1.2.1600203771.1691097512
cookie: _gid=GA1.2.1310385550.1691097512
cookie: _gat=1
cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
-
Remote address: 8.8.8.8:53
Request
21.32.239.216.in-addr.arpa IN PTR
Response
21.32.239.216.in-addr.arpa IN PTR any-in-20151e100net
-
Remote address: 8.8.8.8:53
Request
www.recaptcha.net IN A
Response
www.recaptcha.net IN A 142.250.179.163
-
Remote address: 142.250.179.163:443
Request
GET /recaptcha/api.js?render=explicit HTTP/2.0
host: www.recaptcha.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 8.8.8.8:53
Request
recaptcha.net IN A
Response
recaptcha.net IN A 142.251.39.99
-
Remote address: 142.251.39.99:443
Request
GET /recaptcha/api.js?render=explicit HTTP/2.0
host: recaptcha.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address: 8.8.8.8:53
Request
46.34.125.74.in-addr.arpa IN PTR
Response
46.34.125.74.in-addr.arpa IN PTR ghs-vip-any-c46ghs-sslgooglehostedcom
-
Remote address: 8.8.8.8:53
Request
163.179.250.142.in-addr.arpa IN PTR
Response
163.179.250.142.in-addr.arpa IN PTR ams15s41-in-f31e100net
-
Remote address: 8.8.8.8:53
Request
99.39.251.142.in-addr.arpa IN PTR
Response
99.39.251.142.in-addr.arpa IN PTR ams15s48-in-f31e100net
-
Remote address: 8.8.8.8:53
Request
analytics.google.com IN A
Response
analytics.google.com IN CNAME analytics-alv.google.com
analytics-alv.google.com IN A 216.239.36.181
analytics-alv.google.com IN A 216.239.32.181
analytics-alv.google.com IN A 216.239.38.181
analytics-alv.google.com IN A 216.239.34.181
-
Remote address: 8.8.8.8:53
Request
stats.g.doubleclick.net IN A
Response
stats.g.doubleclick.net IN A 142.250.102.157
stats.g.doubleclick.net IN A 142.250.102.156
stats.g.doubleclick.net IN A 142.250.102.155
stats.g.doubleclick.net IN A 142.250.102.154
-
POST https://analytics.google.com/g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je3820&_p=2082768090&_gaz=1&ul=en-us&sr=1280x720&cid=1600203771.1691097512&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&sid=1691097512&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
chrome.exe
Remote address: 216.239.36.181:443
Request
POST /g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je3820&_p=2082768090&_gaz=1&ul=en-us&sr=1280x720&cid=1600203771.1691097512&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&sid=1691097512&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/2.0
host: analytics.google.com
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.virustotal.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
POST https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BLNDV9X2JR&cid=1600203771.1691097512&gtm=45je3820&aip=1
chrome.exe
Remote address: 142.250.102.157:443
Request
POST /g/collect?v=2&tid=G-BLNDV9X2JR&cid=1600203771.1691097512&gtm=45je3820&aip=1 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.virustotal.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: DSID=NO_DATA
cookie: IDE=AHWqTUmQKZxHcR7Wk3qlxeFd3XFrJz31Q3yeOFbq5BZKBzKCm_4p_elH4BHrlMSM2WY
-
Remote address:8.8.8.8:53Request181.36.239.216.in-addr.arpaIN PTR
-
Remote address:74.125.34.46:443RequestGET /gui/manifest.json HTTP/2.0
host: www.virustotal.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://www.virustotal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Requestbeacons.gcp.gvt2.comIN AResponsebeacons.gcp.gvt2.comIN CNAMEbeacons-handoff.gcp.gvt2.combeacons-handoff.gcp.gvt2.comIN CNAMEgce-beacons.gcp.gvt2.comgce-beacons.gcp.gvt2.comIN A35.190.89.216
-
Remote address:35.190.89.216:443RequestPOST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 279
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:35.190.89.216:443RequestPOST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 282
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Requeste2c2.gcp.gvt2.comIN AResponsee2c2.gcp.gvt2.comIN A34.92.53.177
-
Remote address:34.92.53.177:443RequestPOST /nel/ HTTP/2.0
host: e2c2.gcp.gvt2.com
content-length: 279
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 204
-
Remote address:8.8.8.8:53Requestb1.nel.googIN AResponseb1.nel.googIN A172.217.169.35
-
OPTIONShttps://b1.nel.goog/upload/1/AOY7FlgW_DPI_M_ku3jQiDVmjQh2wSDmU8pgbNE7drTfIqW_MNkj1tHJxoPfgis07tP899jNHqa2Bk0Fspj8Ij4T0ZRTbCRZ4eKrVJ-rZaFDPX7LUKOUOK5wTriNoE6QiPG608ViOHhdMJcTxRo0DRxUePlfbY_OFSTRWI5mhfbBbJBNK215xoI0M7s4jRwQT_2xhBruRGWjhYDawaAwKYq3y68Td-NCyXTJGS3Schrome.exeRemote address:172.217.169.35:443RequestOPTIONS /upload/1/AOY7FlgW_DPI_M_ku3jQiDVmjQh2wSDmU8pgbNE7drTfIqW_MNkj1tHJxoPfgis07tP899jNHqa2Bk0Fspj8Ij4T0ZRTbCRZ4eKrVJ-rZaFDPX7LUKOUOK5wTriNoE6QiPG608ViOHhdMJcTxRo0DRxUePlfbY_OFSTRWI5mhfbBbJBNK215xoI0M7s4jRwQT_2xhBruRGWjhYDawaAwKYq3y68Td-NCyXTJGS3S HTTP/2.0
host: b1.nel.goog
origin: https://beacons.gcp.gvt2.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Request216.89.190.35.in-addr.arpaIN PTRResponse216.89.190.35.in-addr.arpaIN PTR2168919035bcgoogleusercontentcom
-
Remote address:8.8.8.8:53Request35.169.217.172.in-addr.arpaIN PTRResponse35.169.217.172.in-addr.arpaIN PTRlhr48s08-in-f31e100net
-
Remote address:8.8.8.8:53Request177.53.92.34.in-addr.arpaIN PTRResponse177.53.92.34.in-addr.arpaIN PTR177539234bcgoogleusercontentcom
-
Remote address:8.8.8.8:53Request233.141.123.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestbeacons.gvt2.comIN AResponsebeacons.gvt2.comIN A216.58.204.67
-
Remote address:216.58.204.67:443RequestPOST /domainreliability/upload HTTP/2.0
host: beacons.gvt2.com
content-length: 279
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Request67.204.58.216.in-addr.arpaIN PTRResponse67.204.58.216.in-addr.arpaIN PTRlhr25s13-in-f31e100net67.204.58.216.in-addr.arpaIN PTRlhr48s49-in-f3�G67.204.58.216.in-addr.arpaIN PTRlhr25s13-in-f67�G
-
Remote address:8.8.8.8:53Requestclients2.google.comIN AResponseclients2.google.comIN CNAMEclients.l.google.comclients.l.google.comIN A142.251.36.46
-
Remote address:142.251.36.46:443RequestOPTIONS /domainreliability/upload-nel HTTP/2.0
host: clients2.google.com
origin: https://beacons.gvt2.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Requeste2c26.gcp.gvt2.comIN AResponsee2c26.gcp.gvt2.comIN A34.86.82.41
-
Remote address:8.8.8.8:53Request46.36.251.142.in-addr.arpaIN PTRResponse46.36.251.142.in-addr.arpaIN PTRams17s12-in-f141e100net
-
Remote address:34.86.82.41:443RequestPOST /nel/ HTTP/2.0
host: e2c26.gcp.gvt2.com
content-length: 272
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
ResponseHTTP/2.0 204
-
Remote address:8.8.8.8:53Request41.82.86.34.in-addr.arpaIN PTRResponse41.82.86.34.in-addr.arpaIN PTR41828634bcgoogleusercontentcom
-
Remote address:8.8.8.8:53Request84.65.42.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Requestogs.google.comIN AResponseogs.google.comIN CNAMEwww3.l.google.comwww3.l.google.comIN A142.250.179.206
-
GEThttps://ogs.google.com/widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=enchrome.exeRemote address:142.250.179.206:443RequestGET /widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=en HTTP/2.0
host: ogs.google.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Requestssl.gstatic.comIN AResponsessl.gstatic.comIN A172.217.23.195
-
Remote address:172.217.23.195:443RequestGET /gb/images/sprites/p_1x_bcbb8decf46e.png HTTP/2.0
host: ssl.gstatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ogs.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
-
Remote address:8.8.8.8:53Request206.179.250.142.in-addr.arpaIN PTRResponse206.179.250.142.in-addr.arpaIN PTRams15s42-in-f141e100net
-
Remote address:8.8.8.8:53Request195.23.217.172.in-addr.arpaIN PTRResponse195.23.217.172.in-addr.arpaIN PTRprg03s05-in-f1951e100net195.23.217.172.in-addr.arpaIN PTRams16s37-in-f3�J195.23.217.172.in-addr.arpaIN PTRprg03s05-in-f3�J
-
Remote address:8.8.8.8:53Requestplay.google.comIN AResponseplay.google.comIN A142.251.36.14
-
Remote address:142.251.36.14:443RequestPOST /log?hasfast=true&authuser=0&format=json HTTP/2.0
host: play.google.com
content-length: 643
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://ogs.google.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://ogs.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: NID=511=PKJhbvz3BOBWdao_2IsjrzE84Z3JUwLfak1z9CWVv4x2HgCYoE_gNt_PEZOOREzu9WLtU_Duc7U-ZNyRKfFJx2DPzg3oBkPPbZIfVYS5_5StjBwM8FM37jLYcEAbumADXfsuXTv3UpiEQDo5y--cyVkS5MCo1Y2oler1YA4-xLg
-
Remote address:8.8.8.8:53Request14.36.251.142.in-addr.arpaIN PTRResponse14.36.251.142.in-addr.arpaIN PTRams15s44-in-f141e100net
-
5.0kB 34.4kB 29 38
HTTP Request
GET https://transfiles.ru/css/jquery.bxslider.cssHTTP Response
200HTTP Request
GET https://transfiles.ru/css/common.css?rnd=5HTTP Response
200HTTP Request
GET https://transfiles.ru/js/functions.js?rnd=5HTTP Response
200HTTP Request
GET https://transfiles.ru/js/jquery.mCustomScrollbar.concat.min.jsHTTP Response
200HTTP Request
GET https://transfiles.ru/images/donate.pngHTTP Response
200 -
9.5kB 40.2kB 37 48
HTTP Request
GET https://transfiles.ru/wjvp4HTTP Response
200HTTP Request
GET https://transfiles.ru/css/jquery.mCustomScrollbar.cssHTTP Response
200HTTP Request
GET https://transfiles.ru/css/common_m.css?rnd=5HTTP Response
200HTTP Request
GET https://transfiles.ru/js/jquery.bxslider.min.jsHTTP Response
200HTTP Request
GET https://transfiles.ru/images/bg.jpgHTTP Response
200HTTP Request
GET https://transfiles.ru/images/abuse.pngHTTP Response
200HTTP Request
GET https://transfiles.ru/images/loader.gifHTTP Response
200HTTP Request
POST https://transfiles.ru/getFilelistHTTP Response
200HTTP Request
GET https://transfiles.ru/images/btn_ok_passive.pngHTTP Response
200HTTP Request
GET https://transfiles.ru/images/favicon.pngHTTP Response
200 -
468 B 1.7kB 7 6
HTTP Request
GET http://apps.identrust.com/roots/dstrootcax3.p7cHTTP Response
200 -
4.9kB 70.1kB 39 62
HTTP Request
GET https://transfiles.ru/assets/504097ca/jquery.min.jsHTTP Response
200HTTP Request
GET https://transfiles.ru/js/download.js?rnd=5HTTP Response
200HTTP Request
GET https://transfiles.ru/securimage/showHTTP Response
200HTTP Request
GET https://transfiles.ru/images/logo_footer.pngHTTP Response
200 -
3.3kB 8.7kB 16 17
HTTP Request
GET https://transfiles.ru/images/ru.pngHTTP Response
200HTTP Request
GET https://transfiles.ru/images/logo.pngHTTP Response
200HTTP Request
GET https://transfiles.ru/images/btn_qrcode.pngHTTP Response
200 -
1.8kB 6.4kB 13 15
HTTP Request
GET https://transfiles.ru/images/en.pngHTTP Response
200 -
897 B 679 B 7 8
-
78.0kB 99.1kB 168 183
HTTP Request
GET https://mc.yandex.ru/metrika/tag.js -
142.250.179.170:443https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHglTPZVogpCqOBIFDbVO8OESBQ3pjHeIEgUNdV-5QQ==?alt=prototls, http2chrome.exe2.1kB 7.3kB 20 21
HTTP Request
GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHglTPZVogpCqOBIFDbVO8OESBQ3pjHeIEgUNdV-5QQ==?alt=proto -
172.217.168.226:443https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.htmltls, http2chrome.exe2.2kB 11.9kB 21 22
HTTP Request
GET https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html -
142.250.179.162:443https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914tls, http2chrome.exe2.9kB 68.3kB 38 61
HTTP Request
GET https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 -
142.251.36.1:443https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.jstls, http2chrome.exe3.0kB 31.3kB 37 34
HTTP Request
GET https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.jsHTTP Request
GET https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.jsHTTP Request
GET https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js -
931 B 4.8kB 9 7
-
931 B 4.8kB 9 7
-
1.7kB 5.9kB 13 15
HTTP Request
GET https://transfiles.ru/manifest.jsonHTTP Response
200 -
16.6kB 862.1kB 324 628
HTTP Request
GET https://transfiles.ru/getFiles/3115092HTTP Response
200 -
897 B 679 B 7 8
-
2.1kB 4.7kB 15 17
HTTP Request
GET https://virustotal.com/ -
953 B 3.9kB 8 7
-
89.8kB 3.0MB 1654 2511
HTTP Request
GET https://www.virustotal.com/gui/HTTP Request
GET https://www.virustotal.com/gui/static/fonts/iosevka-regular.woff2HTTP Request
GET https://www.virustotal.com/gui/static/fonts/googlesans-regular.ttfHTTP Request
GET https://www.virustotal.com/gui/static/fonts/codicon.ttfHTTP Request
GET https://www.virustotal.com/gui/main.f914c13c358c6a73a542.jsHTTP Request
GET https://www.virustotal.com/gui/images/logo.svgHTTP Request
GET https://www.virustotal.com/gui/images/omnibar/vt_logo.svgHTTP Request
GET https://www.virustotal.com/gui/stackdriver-errors.891ec2baabef1d8e82de.jsHTTP Request
POST https://www.virustotal.com/ui/signinHTTP Request
GET https://www.virustotal.com/ui/user_notificationsHTTP Request
GET https://www.virustotal.com/ui/search_modifiersHTTP Request
GET https://www.virustotal.com/gui/33789.829134f57ebdda3078af.jsHTTP Request
GET https://www.virustotal.com/gui/18777.31a2c69a3cbb443a8e98.jsHTTP Request
GET https://www.virustotal.com/gui/66838.0137f6569d7b4286c625.jsHTTP Request
GET https://www.virustotal.com/ui/cookie_disclaimerHTTP Request
GET https://www.virustotal.com/gui/images/ioc-screen-dark.pngHTTP Request
GET https://www.virustotal.com/gui/images/ioc-screen.pngHTTP Request
GET https://www.virustotal.com/gui/vt-ui-shell-extra-deps.5fbf3d624c4bcd15f231.jsHTTP Request
GET https://www.virustotal.com/gui/vt-ui-sw-installer.a88b3e9d68d3f41dac8d.jsHTTP Request
GET https://www.virustotal.com/gui/static/qrcode.min.jsHTTP Request
GET https://www.virustotal.com/gui/static/opensearch.xmlHTTP Request
GET https://www.virustotal.com/gui/images/favicon.pngHTTP Request
GET https://www.virustotal.com/gui/service-worker.jsHTTP Request
GET https://www.virustotal.com/gui/sha256.worker.a6e2f1b9e97a4ea0b474.worker.jsHTTP Request
GET https://www.virustotal.com/gui/images/manifest/icon-192x192.pngHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6HTTP Request
GET https://www.virustotal.com/gui/monaco-editor-admin-0~admin-2~admin-4~admin-8~admin-12~admin-16~admin-24~admin-30~~~~~~~~~~~~~~-editor.main.css.13e4534f9a12c9bf1a94.jsHTTP Request
GET https://www.virustotal.com/gui/93664.2226078913b58c7e18dc.jsHTTP Request
GET https://www.virustotal.com/gui/29205.1c5bd79b21ec062954b4.jsHTTP Request
GET https://www.virustotal.com/gui/94813.9bd18d8d996ed34a07f2.jsHTTP Request
GET https://www.virustotal.com/gui/996.0d70a6287eb58d2388d8.jsHTTP Request
GET https://www.virustotal.com/gui/52026.f1cc6a3783f6955e9d8b.jsHTTP Request
GET https://www.virustotal.com/gui/36791.331433846b5cd7e6df7b.jsHTTP Request
GET https://www.virustotal.com/gui/35123.dc13bf2d1a9b5033fdf0.jsHTTP Request
GET https://www.virustotal.com/gui/44312.f34be3560892956062a3.jsHTTP Request
GET https://www.virustotal.com/gui/329.79d3014c11298ed4896a.jsHTTP Request
GET https://www.virustotal.com/gui/40414.4dcf9cb2a471223691b6.jsHTTP Request
GET https://www.virustotal.com/gui/36372.cda980d85347a3006ca1.jsHTTP Request
GET https://www.virustotal.com/gui/42942.004dc106c9871dd5e7d9.jsHTTP Request
GET https://www.virustotal.com/gui/63220.dcfe83ed55957b0479a7.jsHTTP Request
GET https://www.virustotal.com/gui/92151.5debb07ff5f3dfe90e74.jsHTTP Request
GET https://www.virustotal.com/gui/27806.d7627d69bef749540743.jsHTTP Request
GET https://www.virustotal.com/gui/52985.fd200fddb2662387c0fc.jsHTTP Request
GET https://www.virustotal.com/gui/2782.679f0815cff017ff4688.jsHTTP Request
GET https://www.virustotal.com/gui/69589.c52f0ad14713cba70612.jsHTTP Request
GET https://www.virustotal.com/gui/64382.37e175fa0d6e9418c252.jsHTTP Request
GET https://www.virustotal.com/gui/29409.4c427ab433c0ae80ffcc.jsHTTP Request
GET https://www.virustotal.com/gui/50974.3fc0be2bd591ebd6e7f9.jsHTTP Request
GET https://www.virustotal.com/gui/21715.b4455da21d7fbec85695.jsHTTP Request
GET https://www.virustotal.com/gui/25606.ad86380b59be7ecf7b2a.jsHTTP Request
GET https://www.virustotal.com/gui/84825.6c03f97e8ea93ee3bc3a.jsHTTP Request
GET https://www.virustotal.com/gui/72421.ab03439c8386f9373d96.jsHTTP Request
GET https://www.virustotal.com/gui/1743.f9efb24e0fdf2e6a49de.jsHTTP Request
GET https://www.virustotal.com/gui/81702.495b35dc2aca50425591.jsHTTP Request
GET https://www.virustotal.com/gui/92359.a60f9d9552b9bb2acabd.jsHTTP Request
GET https://www.virustotal.com/gui/81581.587df007a543623d0ccb.jsHTTP Request
GET https://www.virustotal.com/ui/files/submission/challengeHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6HTTP Request
GET https://www.virustotal.com/gui/icon.types-peexe.34670b381aaaa83f80c2.jsHTTP Request
POST https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/submissions/addHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/dropped_filesHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_urlsHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_domainsHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_ipsHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/execution_parentsHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_parentsHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/bundled_filesHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_childrenHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviour_mitre_treesHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/mitre_format?link=trueHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviours?limit=40HTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/votes?relationships=item%2CvoterHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/comments?relationships=item%2CauthorHTTP Request
GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/graphs?relationships=owner%2Cviewers%2CeditorsHTTP Request
POST https://www.virustotal.com/ui/collect -
142.250.179.163:443https://www.recaptcha.net/recaptcha/api.js?render=explicittls, http2chrome.exe1.9kB 14.4kB 18 24
HTTP Request
GET https://www.recaptcha.net/recaptcha/api.js?render=explicit -
2.0kB 14.4kB 20 24
HTTP Request
GET https://recaptcha.net/recaptcha/api.js?render=explicit -
216.239.36.181:443https://analytics.google.com/g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je3820&_p=2082768090&_gaz=1&ul=en-us&sr=1280x720&cid=1600203771.1691097512&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&sid=1691097512&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1tls, http2chrome.exe2.2kB 8.9kB 16 16
HTTP Request
POST https://analytics.google.com/g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je3820&_p=2082768090&_gaz=1&ul=en-us&sr=1280x720&cid=1600203771.1691097512&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&sid=1691097512&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1 -
142.250.102.157:443https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BLNDV9X2JR&cid=1600203771.1691097512&gtm=45je3820&aip=1tls, http2chrome.exe2.0kB 6.8kB 16 18
HTTP Request
POST https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BLNDV9X2JR&cid=1600203771.1691097512&gtm=45je3820&aip=1 -
1.8kB 5.2kB 16 19
HTTP Request
GET https://www.virustotal.com/gui/manifest.json -
2.6kB 7.1kB 20 19
HTTP Request
POST https://beacons.gcp.gvt2.com/domainreliability/uploadHTTP Request
POST https://beacons.gcp.gvt2.com/domainreliability/upload -
989 B 5.6kB 9 8
-
1.9kB 5.8kB 15 15
HTTP Request
POST https://e2c2.gcp.gvt2.com/nel/HTTP Response
204 -
172.217.169.35:443https://b1.nel.goog/upload/1/AOY7FlgW_DPI_M_ku3jQiDVmjQh2wSDmU8pgbNE7drTfIqW_MNkj1tHJxoPfgis07tP899jNHqa2Bk0Fspj8Ij4T0ZRTbCRZ4eKrVJ-rZaFDPX7LUKOUOK5wTriNoE6QiPG608ViOHhdMJcTxRo0DRxUePlfbY_OFSTRWI5mhfbBbJBNK215xoI0M7s4jRwQT_2xhBruRGWjhYDawaAwKYq3y68Td-NCyXTJGS3Stls, http2chrome.exe2.1kB 15.2kB 19 24
HTTP Request
OPTIONS https://b1.nel.goog/upload/1/AOY7FlgW_DPI_M_ku3jQiDVmjQh2wSDmU8pgbNE7drTfIqW_MNkj1tHJxoPfgis07tP899jNHqa2Bk0Fspj8Ij4T0ZRTbCRZ4eKrVJ-rZaFDPX7LUKOUOK5wTriNoE6QiPG608ViOHhdMJcTxRo0DRxUePlfbY_OFSTRWI5mhfbBbJBNK215xoI0M7s4jRwQT_2xhBruRGWjhYDawaAwKYq3y68Td-NCyXTJGS3S -
1.2kB 5.5kB 13 11
-
2.1kB 7.2kB 17 17
HTTP Request
POST https://beacons.gvt2.com/domainreliability/upload -
1.8kB 10.6kB 17 20
HTTP Request
OPTIONS https://clients2.google.com/domainreliability/upload-nel -
2.0kB 5.9kB 17 16
HTTP Request
POST https://e2c26.gcp.gvt2.com/nel/HTTP Response
204 -
142.250.179.206:443https://ogs.google.com/widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=entls, http2chrome.exe2.2kB 26.2kB 19 27
HTTP Request
GET https://ogs.google.com/widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=en -
172.217.23.195:443https://ssl.gstatic.com/gb/images/sprites/p_1x_bcbb8decf46e.pngtls, http2chrome.exe2.7kB 70.3kB 34 57
HTTP Request
GET https://ssl.gstatic.com/gb/images/sprites/p_1x_bcbb8decf46e.png -
142.251.36.14:443https://play.google.com/log?hasfast=true&authuser=0&format=jsontls, http2chrome.exe2.6kB 8.9kB 13 16
HTTP Request
POST https://play.google.com/log?hasfast=true&authuser=0&format=json
MITRE ATT&CK Matrix
Downloads
-
Filesize
7KB
MD59c808ea3dc2446443498c18949301ef8
SHA1942ff90515b9483c1b0a02363b06855f7870351a
SHA256ff1005c25fb81494ec41a39158c8f34f3cfdb5f02ba82095c0b486f808dc294e
SHA5121caa67463dd7b489f9e4b2ee0b0fd62d05322f5349dbb251ca2342a9d05edb9ed47355fbcf19c088f638ca0aefd0a50e9ad8622aaad61a3e390e3724ca7ddb5d
-
Filesize
7KB
MD5bd856b7e3b96fd19e2d0cb363307a436
SHA190ebaf5506109b6bde4ad60065852346a1d093e9
SHA256bbf07ecdf16e7a326c9a6428246de1215b962df004b95cb2540100995eee8c26
SHA5128ee0f23a2da7bc42e42c159542c29929a799c6fee539e9ebb311a3a7f1253c5b999abbd0a85b6a813295cf5f7b0c786bad100c9eedf63298b2335f56f2d35aef
-
Filesize
6KB
MD5e8f69e8d0b9033d91b326ac4b8099175
SHA15079dde922333ee8bc98ebc62dc6ea0f7382b8bc
SHA256e1dbad3c335acccbb9ba7dabc56981b851a6891063045b226f62cc304abaca0a
SHA512ebf084ace2b94ced5981b82c099a6aa4285466827bb4111064d498b9009c701c365aa9a5e666a1f187e2b09b45cc6af5665822eb77d52efd53662dd650fe610c
-
Filesize
7KB
MD55cd9b20c0cd75d52cb2520b7e8adf602
SHA1e081f432d8673bceb8f4fa359945aae4217ae870
SHA256eca072f2f41351708ae630f226ff1ae7351f7056906c483b7dc91f4377779284
SHA5129785023296eab9ba21bde271503d7143ca8ecac7f5b433afc540e8b74e838d4c514b1f521c09227f7f5e9d2261f7dd1543f9bdfb7526aca135f01265f4b7709a
-
Filesize
7KB
MD5398bd381da0e2a10b9040cb602ea3295
SHA1170d84bb4d4ddfca1ff76c117082915546ce74ee
SHA25633d1d1ebea735d3631639a7a8fe442fe31a71e29e4593dcee72ad3c9ecbfb7a7
SHA512e0850e8555c5cc79622b76f22f170ca23e13413024e603d68b581a8bbe97ab6acc9ddcd277c1a9ce0b9461a0c2be6245f96f11a46a84329e6675a74b88d0f6c9
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001
Filesize 41B
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
Filesize 72B
-
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58af08.TMP
Filesize 48B