Resubmissions

03/08/2023, 21:22 UTC

230803-z79h3sgb67 7

03/08/2023, 21:17 UTC

230803-z48sdagb57 8

03/08/2023, 21:14 UTC

230803-z3rsgagb52 7

Analysis

  • max time kernel
    243s
  • max time network
    248s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/08/2023, 21:17 UTC

General

  • Target

    https://transfiles.ru/wjvp4

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 5 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 12 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://transfiles.ru/wjvp4
    1⤵
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4992
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff950019758,0x7ff950019768,0x7ff950019778
      2⤵
        PID:4260
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1648 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:2
        2⤵
          PID:928
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
          2⤵
            PID:4252
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2232 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
            2⤵
              PID:4480
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3004 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
              2⤵
                PID:4124
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                2⤵
                  PID:3536
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=5024 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                  2⤵
                    PID:3428
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4792 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                    2⤵
                      PID:2104
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4628 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                      2⤵
                        PID:3492
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3916 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                        2⤵
                          PID:4920
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5884 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                          2⤵
                            PID:4500
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5848 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                            2⤵
                              PID:4184
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6124 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                              2⤵
                                PID:1380
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5148 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                2⤵
                                  PID:4872
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1000 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                  2⤵
                                    PID:5068
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5780 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                                    2⤵
                                      PID:5044
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5800 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                                      2⤵
                                        PID:3372
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6292 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                        2⤵
                                          PID:4408
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6428 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                          2⤵
                                            PID:4868
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                            2⤵
                                              PID:1612
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6416 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                              2⤵
                                                PID:1172
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6600 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                                2⤵
                                                  PID:1572
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6264 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                                                  2⤵
                                                    PID:4292
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5992 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                                                    2⤵
                                                      PID:2256
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6544 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                                      2⤵
                                                        PID:2104
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5316 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                                        2⤵
                                                          PID:368
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6488 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:2
                                                          2⤵
                                                          • Suspicious behavior: EnumeratesProcesses
                                                          PID:3124
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2372 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                                          2⤵
                                                            PID:1220
                                                          • C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe
                                                            "C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"
                                                            2⤵
                                                            • Executes dropped EXE
                                                            • Suspicious behavior: EnumeratesProcesses
                                                            • Suspicious behavior: GetForegroundWindowSpam
                                                            • Suspicious use of SetWindowsHookEx
                                                            PID:2508
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5380 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                                                            2⤵
                                                              PID:2092
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4896 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:1
                                                              2⤵
                                                                PID:1104
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1596 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                                                2⤵
                                                                  PID:1236
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6736 --field-trial-handle=364,i,12530926026554719188,11257064165664113937,131072 /prefetch:8
                                                                  2⤵
                                                                    PID:3804
                                                                • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                  1⤵
                                                                    PID:636
                                                                  • C:\Windows\system32\taskmgr.exe
                                                                    "C:\Windows\system32\taskmgr.exe" /4
                                                                    1⤵
                                                                    • Suspicious use of FindShellTrayWindow
                                                                    • Suspicious use of SendNotifyMessage
                                                                    PID:488
                                                                  • C:\Windows\System32\rundll32.exe
                                                                    C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                                                    1⤵
                                                                      PID:1120
                                                                    • C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe
                                                                      "C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"
                                                                      1⤵
                                                                      • Executes dropped EXE
                                                                      • Suspicious behavior: GetForegroundWindowSpam
                                                                      • Suspicious use of SetWindowsHookEx
                                                                      PID:392
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe"
                                                                      1⤵
                                                                        PID:1816
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff950019758,0x7ff950019768,0x7ff950019778
                                                                          2⤵
                                                                            PID:4732
                                                                        • C:\Program Files\7-Zip\7zFM.exe
                                                                          "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"
                                                                          1⤵
                                                                          • Suspicious behavior: GetForegroundWindowSpam
                                                                          PID:4436
                                                                          • C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe
                                                                            "C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"
                                                                            2⤵
                                                                            • Executes dropped EXE
                                                                            • Suspicious behavior: GetForegroundWindowSpam
                                                                            • Suspicious use of SetWindowsHookEx
                                                                            PID:636
                                                                        • C:\Program Files\7-Zip\7zFM.exe
                                                                          "C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe"
                                                                          1⤵
                                                                          • Suspicious behavior: GetForegroundWindowSpam
                                                                          PID:3576

                                                                        Network

                                                                        • flag-us
                                                                          DNS
                                                                          transfiles.ru
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          transfiles.ru
                                                                          IN A
                                                                          Response
                                                                          transfiles.ru
                                                                          IN A
                                                                          157.90.215.152
                                                                        • flag-us
                                                                          DNS
                                                                          59.128.231.4.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          59.128.231.4.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-us
                                                                          DNS
                                                                          254.23.238.8.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          254.23.238.8.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-us
                                                                          DNS
                                                                          slscr.update.microsoft.com
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          slscr.update.microsoft.com
                                                                          IN A
                                                                          Response
                                                                          slscr.update.microsoft.com
                                                                          IN CNAME
                                                                          sls.update.microsoft.com
                                                                          sls.update.microsoft.com
                                                                          IN CNAME
                                                                          glb.sls.prod.dcat.dsp.trafficmanager.net
                                                                          glb.sls.prod.dcat.dsp.trafficmanager.net
                                                                          IN A
                                                                          20.12.23.50
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/css/jquery.bxslider.css
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /css/jquery.bxslider.css HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: text/css,*/*;q=0.1
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: style
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:24:25 GMT
                                                                          ETag: "efc-5c07ed597c1fd-gzip"
                                                                          Accept-Ranges: bytes
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 1193
                                                                          Keep-Alive: timeout=10, max=100
                                                                          Connection: Keep-Alive
                                                                          Content-Type: text/css
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/css/common.css?rnd=5
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /css/common.css?rnd=5 HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: text/css,*/*;q=0.1
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: style
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:24:25 GMT
                                                                          ETag: "af66-5c07ed5934d67-gzip"
                                                                          Accept-Ranges: bytes
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 8167
                                                                          Keep-Alive: timeout=10, max=99
                                                                          Connection: Keep-Alive
                                                                          Content-Type: text/css
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/js/functions.js?rnd=5
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /js/functions.js?rnd=5 HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: script
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Tue, 11 Jan 2022 00:02:37 GMT
                                                                          ETag: "31fa-5d5432bbec140-gzip"
                                                                          Accept-Ranges: bytes
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 3612
                                                                          Keep-Alive: timeout=10, max=98
                                                                          Connection: Keep-Alive
                                                                          Content-Type: application/javascript
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/js/jquery.mCustomScrollbar.concat.min.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /js/jquery.mCustomScrollbar.concat.min.js HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: script
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:35 GMT
                                                                          ETag: "9f96-5c07ee0e797e3-gzip"
                                                                          Accept-Ranges: bytes
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 12352
                                                                          Keep-Alive: timeout=10, max=97
                                                                          Connection: Keep-Alive
                                                                          Content-Type: application/javascript
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/donate.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/donate.png HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/css/common.css?rnd=5
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:39 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:28 GMT
                                                                          ETag: "33f-5c07ee087c57b"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 831
                                                                          Keep-Alive: timeout=10, max=96
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/png
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/wjvp4
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /wjvp4 HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Upgrade-Insecure-Requests: 1
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                          Sec-Fetch-Site: none
                                                                          Sec-Fetch-Mode: navigate
                                                                          Sec-Fetch-User: ?1
                                                                          Sec-Fetch-Dest: document
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Set-Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; path=/
                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                          Pragma: no-cache
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 5709
                                                                          Keep-Alive: timeout=10, max=100
                                                                          Connection: Keep-Alive
                                                                          Content-Type: text/html; charset=UTF-8
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/css/jquery.mCustomScrollbar.css
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /css/jquery.mCustomScrollbar.css HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: text/css,*/*;q=0.1
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: style
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:24:25 GMT
                                                                          ETag: "a871-5c07ed594d403-gzip"
                                                                          Accept-Ranges: bytes
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 3989
                                                                          Keep-Alive: timeout=10, max=99
                                                                          Connection: Keep-Alive
                                                                          Content-Type: text/css
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/css/common_m.css?rnd=5
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /css/common_m.css?rnd=5 HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: text/css,*/*;q=0.1
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: style
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:24:24 GMT
                                                                          ETag: "35b2-5c07ed58e2cf2-gzip"
                                                                          Accept-Ranges: bytes
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 2795
                                                                          Keep-Alive: timeout=10, max=98
                                                                          Connection: Keep-Alive
                                                                          Content-Type: text/css
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/js/jquery.bxslider.min.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /js/jquery.bxslider.min.js HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: script
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:32 GMT
                                                                          ETag: "4b9f-5c07ee0bbc585-gzip"
                                                                          Accept-Ranges: bytes
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 5162
                                                                          Keep-Alive: timeout=10, max=97
                                                                          Connection: Keep-Alive
                                                                          Content-Type: application/javascript
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/bg.jpg
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/bg.jpg HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/css/common.css?rnd=5
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:29 GMT
                                                                          ETag: "1430-5c07ee0893c77"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 5168
                                                                          Keep-Alive: timeout=10, max=96
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/jpeg
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/abuse.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/abuse.png HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/css/common.css?rnd=5
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:39 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:28 GMT
                                                                          ETag: "4c6-5c07ee07ae4b8"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 1222
                                                                          Keep-Alive: timeout=10, max=95
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/png
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/loader.gif
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/loader.gif HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/css/common.css?rnd=5
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:39 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:25 GMT
                                                                          ETag: "c7d-5c07ee053c570"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 3197
                                                                          Keep-Alive: timeout=10, max=94
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/gif
                                                                        • flag-de
                                                                          POST
                                                                          https://transfiles.ru/getFilelist
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          POST /getFilelist HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          Content-Length: 10
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          Accept: application/json, text/javascript, */*; q=0.01
                                                                          Content-Type: application/x-www-form-urlencoded; charset=UTF-8
                                                                          X-Requested-With: XMLHttpRequest
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Origin: https://transfiles.ru
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: cors
                                                                          Sec-Fetch-Dest: empty
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:39 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                          Pragma: no-cache
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 165
                                                                          Keep-Alive: timeout=10, max=93
                                                                          Connection: Keep-Alive
                                                                          Content-Type: text/html; charset=UTF-8
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/btn_ok_passive.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/btn_ok_passive.png HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/css/common.css?rnd=5
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:39 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
                                                                          ETag: "fb-5c07ee046c56d"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 251
                                                                          Keep-Alive: timeout=10, max=92
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/png
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/favicon.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/favicon.png HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1; _ym_uid=1691097458144275843; _ym_d=1691097458; _ga_FG4BQLH20C=GS1.2.1691097458.1.0.1691097458.0.0.0; _ym_isad=2; __gads=ID=ef8c860f8acb870b:T=1691097459:RT=1691097459:S=ALNI_MYueA0ER2uMeV-qX4lFKXl8ent2sA; __gpi=UID=00000c4bf83f0247:T=1691097459:RT=1691097459:S=ALNI_MYejE6JnNvOTJfQAu3txOlKg0V8Vg; _ym_visorc=w
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:41 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:30 GMT
                                                                          ETag: "84f-5c07ee09c186d"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 2127
                                                                          Keep-Alive: timeout=10, max=91
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/png
                                                                        • flag-us
                                                                          DNS
                                                                          apps.identrust.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          apps.identrust.com
                                                                          IN A
                                                                          Response
                                                                          apps.identrust.com
                                                                          IN CNAME
                                                                          identrust.edgesuite.net
                                                                          identrust.edgesuite.net
                                                                          IN CNAME
                                                                          a1952.dscq.akamai.net
                                                                          a1952.dscq.akamai.net
                                                                          IN A
                                                                          23.72.252.171
                                                                          a1952.dscq.akamai.net
                                                                          IN A
                                                                          23.72.252.163
                                                                        • flag-nl
                                                                          GET
                                                                          http://apps.identrust.com/roots/dstrootcax3.p7c
                                                                          chrome.exe
                                                                          Remote address:
                                                                          23.72.252.171:80
                                                                          Request
                                                                          GET /roots/dstrootcax3.p7c HTTP/1.1
                                                                          Connection: Keep-Alive
                                                                          Accept: */*
                                                                          User-Agent: Microsoft-CryptoAPI/10.0
                                                                          Host: apps.identrust.com
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          X-XSS-Protection: 1; mode=block
                                                                          Strict-Transport-Security: max-age=15768000
                                                                          X-Frame-Options: SAMEORIGIN
                                                                          X-Content-Type-Options: nosniff
                                                                          Content-Security-Policy: default-src 'self' *.identrust.com
                                                                          Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
                                                                          ETag: "37d-5f433188daa00"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 893
                                                                          X-Content-Type-Options: nosniff
                                                                          X-Frame-Options: sameorigin
                                                                          Content-Type: application/pkcs7-mime
                                                                          Cache-Control: max-age=3600
                                                                          Expires: Thu, 03 Aug 2023 22:17:38 GMT
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Connection: keep-alive
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/assets/504097ca/jquery.min.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /assets/504097ca/jquery.min.js HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: script
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 18:54:34 GMT
                                                                          ETag: "16dc4-5c08017fc8490-gzip"
                                                                          Accept-Ranges: bytes
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 33430
                                                                          Keep-Alive: timeout=10, max=100
                                                                          Connection: Keep-Alive
                                                                          Content-Type: application/javascript
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/js/download.js?rnd=5
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /js/download.js?rnd=5 HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: script
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Fri, 04 Mar 2022 10:57:11 GMT
                                                                          ETag: "5022-5d9626067efc0-gzip"
                                                                          Accept-Ranges: bytes
                                                                          Vary: Accept-Encoding
                                                                          Content-Encoding: gzip
                                                                          Content-Length: 4944
                                                                          Keep-Alive: timeout=10, max=99
                                                                          Connection: Keep-Alive
                                                                          Content-Type: application/javascript
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/securimage/show
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /securimage/show HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                          Pragma: no-cache
                                                                          Last-Modified: Thu, 03 Aug 2023 21:17:38GMT
                                                                          Cache-Control: post-check=0, pre-check=0
                                                                          Keep-Alive: timeout=10, max=98
                                                                          Connection: Keep-Alive
                                                                          Transfer-Encoding: chunked
                                                                          Content-Type: image/png
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/logo_footer.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/logo_footer.png HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/css/common.css?rnd=5
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:39 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
                                                                          ETag: "418-5c07ee0483c6a"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 1048
                                                                          Keep-Alive: timeout=10, max=97
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/png
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/ru.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/ru.png HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:31 GMT
                                                                          ETag: "e0-5c07ee0b1c31c"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 224
                                                                          Keep-Alive: timeout=10, max=100
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/png
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/logo.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/logo.png HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/css/common.css?rnd=5
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
                                                                          ETag: "16c3-5c07ee041185a"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 5827
                                                                          Keep-Alive: timeout=10, max=99
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/png
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/btn_qrcode.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/btn_qrcode.png HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/css/common.css?rnd=5
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:39 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:24 GMT
                                                                          ETag: "270-5c07ee03cc303"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 624
                                                                          Keep-Alive: timeout=10, max=98
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/png
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/images/en.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /images/en.png HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: no-cors
                                                                          Sec-Fetch-Dest: image
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:38 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:27:25 GMT
                                                                          ETag: "2f6-5c07ee0525e13"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 758
                                                                          Keep-Alive: timeout=10, max=100
                                                                          Connection: Keep-Alive
                                                                          Content-Type: image/png
                                                                        • flag-us
                                                                          DNS
                                                                          mc.yandex.ru
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          mc.yandex.ru
                                                                          IN A
                                                                          Response
                                                                          mc.yandex.ru
                                                                          IN A
                                                                          77.88.21.119
                                                                          mc.yandex.ru
                                                                          IN A
                                                                          93.158.134.119
                                                                          mc.yandex.ru
                                                                          IN A
                                                                          87.250.251.119
                                                                          mc.yandex.ru
                                                                          IN A
                                                                          87.250.250.119
                                                                        • flag-ru
                                                                          GET
                                                                          https://mc.yandex.ru/metrika/tag.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          77.88.21.119:443
                                                                          Request
                                                                          GET /metrika/tag.js HTTP/2.0
                                                                          host: mc.yandex.ru
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://transfiles.ru/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          content-autofill.googleapis.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          content-autofill.googleapis.com
                                                                          IN A
                                                                          Response
                                                                          content-autofill.googleapis.com
                                                                          IN A
                                                                          142.250.179.170
                                                                          content-autofill.googleapis.com
                                                                          IN A
                                                                          142.250.179.202
                                                                          content-autofill.googleapis.com
                                                                          IN A
                                                                          142.251.36.10
                                                                          content-autofill.googleapis.com
                                                                          IN A
                                                                          142.251.39.106
                                                                          content-autofill.googleapis.com
                                                                          IN A
                                                                          172.217.23.202
                                                                          content-autofill.googleapis.com
                                                                          IN A
                                                                          216.58.208.106
                                                                          content-autofill.googleapis.com
                                                                          IN A
                                                                          142.250.179.138
                                                                          content-autofill.googleapis.com
                                                                          IN A
                                                                          142.251.36.42
                                                                        • flag-us
                                                                          DNS
                                                                          10.36.251.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          10.36.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          10.36.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s44-in-f101e100net
                                                                        • flag-us
                                                                          DNS
                                                                          152.215.90.157.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          152.215.90.157.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          152.215.90.157.in-addr.arpa
                                                                          IN PTR
                                                                          static15221590157clients your-serverde
                                                                        • flag-us
                                                                          DNS
                                                                          171.252.72.23.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          171.252.72.23.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          171.252.72.23.in-addr.arpa
                                                                          IN PTR
                                                                          a23-72-252-171deploystaticakamaitechnologiescom
                                                                        • flag-us
                                                                          DNS
                                                                          130.179.250.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          130.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          130.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams17s10-in-f21e100net
                                                                        • flag-us
                                                                          DNS
                                                                          206.23.217.172.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          206.23.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          206.23.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          prg03s05-in-f2061e100net
                                                                          206.23.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          ams16s37-in-f14�J
                                                                          206.23.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          prg03s05-in-f14�J
                                                                        • flag-us
                                                                          DNS
                                                                          119.21.88.77.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          119.21.88.77.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          119.21.88.77.in-addr.arpa
                                                                          IN PTR
                                                                          mcyandexru
                                                                        • flag-us
                                                                          DNS
                                                                          googleads.g.doubleclick.net
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          googleads.g.doubleclick.net
                                                                          IN A
                                                                          Response
                                                                          googleads.g.doubleclick.net
                                                                          IN A
                                                                          172.217.168.226
                                                                        • flag-nl
                                                                          GET
                                                                          https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHglTPZVogpCqOBIFDbVO8OESBQ3pjHeIEgUNdV-5QQ==?alt=proto
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.250.179.170:443
                                                                          Request
                                                                          GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHglTPZVogpCqOBIFDbVO8OESBQ3pjHeIEgUNdV-5QQ==?alt=proto HTTP/2.0
                                                                          host: content-autofill.googleapis.com
                                                                          x-goog-encode-response-if-executable: base64
                                                                          x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                          x-client-data: CJv6ygE=
                                                                          sec-fetch-site: none
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: empty
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-nl
                                                                          GET
                                                                          https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
                                                                          chrome.exe
                                                                          Remote address:
                                                                          172.217.168.226:443
                                                                          Request
                                                                          GET /pagead/html/r20230802/r20190131/zrt_lookup.html HTTP/2.0
                                                                          host: googleads.g.doubleclick.net
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          sec-ch-ua-platform: "Windows"
                                                                          upgrade-insecure-requests: 1
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: navigate
                                                                          sec-fetch-dest: iframe
                                                                          referer: https://transfiles.ru/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          mc.yandex.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          mc.yandex.com
                                                                          IN A
                                                                          Response
                                                                          mc.yandex.com
                                                                          IN CNAME
                                                                          mc.yandex.ru
                                                                          mc.yandex.ru
                                                                          IN A
                                                                          77.88.21.119
                                                                          mc.yandex.ru
                                                                          IN A
                                                                          87.250.251.119
                                                                          mc.yandex.ru
                                                                          IN A
                                                                          87.250.250.119
                                                                          mc.yandex.ru
                                                                          IN A
                                                                          93.158.134.119
                                                                        • flag-us
                                                                          DNS
                                                                          200.179.250.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          200.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          200.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s42-in-f81e100net
                                                                        • flag-us
                                                                          DNS
                                                                          170.179.250.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          170.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          170.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s41-in-f101e100net
                                                                        • flag-us
                                                                          DNS
                                                                          226.168.217.172.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          226.168.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          226.168.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s40-in-f21e100net
                                                                        • flag-us
                                                                          DNS
                                                                          17.160.190.20.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          17.160.190.20.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-us
                                                                          DNS
                                                                          www.googletagservices.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          www.googletagservices.com
                                                                          IN A
                                                                          Response
                                                                          www.googletagservices.com
                                                                          IN A
                                                                          142.250.179.162
                                                                        • flag-us
                                                                          DNS
                                                                          tpc.googlesyndication.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          tpc.googlesyndication.com
                                                                          IN A
                                                                          Response
                                                                          tpc.googlesyndication.com
                                                                          IN A
                                                                          142.251.36.1
                                                                        • flag-nl
                                                                          GET
                                                                          https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.250.179.162:443
                                                                          Request
                                                                          GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/2.0
                                                                          host: www.googletagservices.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://googleads.g.doubleclick.net/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-nl
                                                                          GET
                                                                          https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.251.36.1:443
                                                                          Request
                                                                          GET /pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js HTTP/2.0
                                                                          host: tpc.googlesyndication.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://googleads.g.doubleclick.net/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-nl
                                                                          GET
                                                                          https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.251.36.1:443
                                                                          Request
                                                                          GET /pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js HTTP/2.0
                                                                          host: tpc.googlesyndication.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://googleads.g.doubleclick.net/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-nl
                                                                          GET
                                                                          https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.251.36.1:443
                                                                          Request
                                                                          GET /pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/2.0
                                                                          host: tpc.googlesyndication.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://googleads.g.doubleclick.net/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          95.221.229.192.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          95.221.229.192.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-us
                                                                          DNS
                                                                          195.179.250.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          195.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          195.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s42-in-f31e100net
                                                                        • flag-us
                                                                          DNS
                                                                          162.179.250.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          162.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          162.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s41-in-f21e100net
                                                                        • flag-us
                                                                          DNS
                                                                          1.36.251.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          1.36.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          1.36.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s44-in-f11e100net
                                                                        • flag-us
                                                                          DNS
                                                                          106.208.58.216.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          106.208.58.216.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          106.208.58.216.in-addr.arpa
                                                                          IN PTR
                                                                          sof01s11-in-f1061e100net
                                                                          106.208.58.216.in-addr.arpa
                                                                          IN PTR
                                                                          ams17s08-in-f10�J
                                                                        • flag-us
                                                                          DNS
                                                                          131.179.250.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          131.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          131.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams17s10-in-f31e100net
                                                                        • flag-us
                                                                          DNS
                                                                          196.168.217.172.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          196.168.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          196.168.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          ams16s32-in-f41e100net
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/manifest.json
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /manifest.json HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Accept: */*
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: cors
                                                                          Sec-Fetch-Dest: manifest
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:17:41 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Last-Modified: Wed, 21 Apr 2021 17:25:59 GMT
                                                                          ETag: "c0-5c07edb300543"
                                                                          Accept-Ranges: bytes
                                                                          Content-Length: 192
                                                                          Keep-Alive: timeout=10, max=100
                                                                          Connection: Keep-Alive
                                                                          Content-Type: application/json
                                                                        • flag-us
                                                                          DNS
                                                                          208.194.73.20.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          208.194.73.20.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-us
                                                                          DNS
                                                                          26.165.165.52.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          26.165.165.52.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-us
                                                                          DNS
                                                                          157.102.250.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          157.102.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          157.102.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          rb-in-f1571e100net
                                                                        • flag-us
                                                                          DNS
                                                                          198.187.3.20.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          198.187.3.20.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-us
                                                                          DNS
                                                                          254.158.241.8.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          254.158.241.8.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-de
                                                                          GET
                                                                          https://transfiles.ru/getFiles/3115092
                                                                          chrome.exe
                                                                          Remote address:
                                                                          157.90.215.152:443
                                                                          Request
                                                                          GET /getFiles/3115092 HTTP/1.1
                                                                          Host: transfiles.ru
                                                                          Connection: keep-alive
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          sec-ch-ua-platform: "Windows"
                                                                          Upgrade-Insecure-Requests: 1
                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                          Sec-Fetch-Site: same-origin
                                                                          Sec-Fetch-Mode: navigate
                                                                          Sec-Fetch-User: ?1
                                                                          Sec-Fetch-Dest: document
                                                                          Referer: https://transfiles.ru/wjvp4
                                                                          Accept-Encoding: gzip, deflate, br
                                                                          Accept-Language: en-US,en;q=0.9
                                                                          Cookie: PHPSESSID=ovnnumpoic39f54thdmido67gd; _ga=GA1.2.1270369092.1691097458; _gid=GA1.2.1248136478.1691097458; _gat=1; _ym_uid=1691097458144275843; _ym_d=1691097458; _ga_FG4BQLH20C=GS1.2.1691097458.1.0.1691097458.0.0.0; _ym_isad=2; __gads=ID=ef8c860f8acb870b:T=1691097459:RT=1691097459:S=ALNI_MYueA0ER2uMeV-qX4lFKXl8ent2sA; __gpi=UID=00000c4bf83f0247:T=1691097459:RT=1691097459:S=ALNI_MYejE6JnNvOTJfQAu3txOlKg0V8Vg; _ym_visorc=w
                                                                          Response
                                                                          HTTP/1.1 200 OK
                                                                          Date: Thu, 03 Aug 2023 21:18:25 GMT
                                                                          Server: Apache/2.4.41 (Ubuntu)
                                                                          Expires: 0
                                                                          Cache-Control: must-revalidate
                                                                          Pragma: public
                                                                          Content-Description: File Transfer
                                                                          Content-Disposition: attachment; filename="CoolSoftWare 2.1.exe"
                                                                          Content-Transfer-Encoding: binary
                                                                          Content-Length: 835072
                                                                          Keep-Alive: timeout=10, max=100
                                                                          Connection: Keep-Alive
                                                                          Content-Type: application/octet-stream
                                                                        • flag-us
                                                                          DNS
                                                                          apis.google.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          apis.google.com
                                                                          IN A
                                                                          Response
                                                                          apis.google.com
                                                                          IN CNAME
                                                                          plus.l.google.com
                                                                          plus.l.google.com
                                                                          IN A
                                                                          172.217.23.206
                                                                        • flag-us
                                                                          DNS
                                                                          virustotal.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          virustotal.com
                                                                          IN A
                                                                          Response
                                                                          virustotal.com
                                                                          IN A
                                                                          216.239.32.21
                                                                          virustotal.com
                                                                          IN A
                                                                          216.239.36.21
                                                                          virustotal.com
                                                                          IN A
                                                                          216.239.34.21
                                                                          virustotal.com
                                                                          IN A
                                                                          216.239.38.21
                                                                        • flag-us
                                                                          GET
                                                                          https://virustotal.com/
                                                                          chrome.exe
                                                                          Remote address:
                                                                          216.239.32.21:443
                                                                          Request
                                                                          GET / HTTP/2.0
                                                                          host: virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          sec-ch-ua-platform: "Windows"
                                                                          upgrade-insecure-requests: 1
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                          sec-ch-ua-arch: "x86"
                                                                          sec-ch-ua-platform-version: "10.0.0"
                                                                          sec-ch-ua-model: ""
                                                                          sec-ch-ua-bitness: "64"
                                                                          sec-ch-ua-wow64: ?0
                                                                          sec-ch-ua-full-version-list: "Chromium";v="106.0.5249.119", "Google Chrome";v="106.0.5249.119", "Not;A=Brand";v="99.0.0.0"
                                                                          sec-fetch-site: none
                                                                          sec-fetch-mode: navigate
                                                                          sec-fetch-user: ?1
                                                                          sec-fetch-dest: document
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          www.virustotal.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          www.virustotal.com
                                                                          IN A
                                                                          Response
                                                                          www.virustotal.com
                                                                          IN CNAME
                                                                          ghs-svc-https-c46.ghs-ssl.googlehosted.com
                                                                          ghs-svc-https-c46.ghs-ssl.googlehosted.com
                                                                          IN A
                                                                          74.125.34.46
                                                                        • flag-us
                                                                          DNS
                                                                          www.virustotal.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          www.virustotal.com
                                                                          IN A
                                                                          Response
                                                                          www.virustotal.com
                                                                          IN CNAME
                                                                          ghs-svc-https-c46.ghs-ssl.googlehosted.com
                                                                          ghs-svc-https-c46.ghs-ssl.googlehosted.com
                                                                          IN A
                                                                          74.125.34.46
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/ HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          upgrade-insecure-requests: 1
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-ch-ua-arch: "x86"
                                                                          sec-ch-ua-platform-version: "10.0.0"
                                                                          sec-ch-ua-model: ""
                                                                          sec-ch-ua-bitness: "64"
                                                                          sec-ch-ua-wow64: ?0
                                                                          sec-ch-ua-full-version-list: "Chromium";v="106.0.5249.119", "Google Chrome";v="106.0.5249.119", "Not;A=Brand";v="99.0.0.0"
                                                                          sec-fetch-site: none
                                                                          sec-fetch-mode: navigate
                                                                          sec-fetch-user: ?1
                                                                          sec-fetch-dest: document
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/static/fonts/iosevka-regular.woff2
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/static/fonts/iosevka-regular.woff2 HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          origin: https://www.virustotal.com
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: font
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/static/fonts/googlesans-regular.ttf
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/static/fonts/googlesans-regular.ttf HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          origin: https://www.virustotal.com
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: font
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/static/fonts/codicon.ttf
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/static/fonts/codicon.ttf HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          origin: https://www.virustotal.com
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: font
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/main.f914c13c358c6a73a542.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/main.f914c13c358c6a73a542.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/images/logo.svg
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/images/logo.svg HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: image
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/images/omnibar/vt_logo.svg
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/images/omnibar/vt_logo.svg HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: image
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/stackdriver-errors.891ec2baabef1d8e82de.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/stackdriver-errors.891ec2baabef1d8e82de.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          POST
                                                                          https://www.virustotal.com/ui/signin
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          POST /ui/signin HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          content-length: 4
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTI1MzAzMTk2NjAtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTExLjEyMw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          origin: https://www.virustotal.com
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/user_notifications
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/user_notifications HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTI1NzEwMDM1ODYtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTExLjEyMw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/search_modifiers
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/search_modifiers HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTYxMzQ1Mjk4NDEtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTExLjEyMw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/33789.829134f57ebdda3078af.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/33789.829134f57ebdda3078af.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/18777.31a2c69a3cbb443a8e98.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/18777.31a2c69a3cbb443a8e98.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/66838.0137f6569d7b4286c625.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/66838.0137f6569d7b4286c625.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/cookie_disclaimer
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/cookie_disclaimer HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTM0ODk3OTI5NjktWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTExLjEyOQ==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/images/ioc-screen-dark.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/images/ioc-screen-dark.png HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: image
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/images/ioc-screen.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/images/ioc-screen.png HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: image
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/vt-ui-shell-extra-deps.5fbf3d624c4bcd15f231.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/vt-ui-shell-extra-deps.5fbf3d624c4bcd15f231.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/vt-ui-sw-installer.a88b3e9d68d3f41dac8d.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/vt-ui-sw-installer.a88b3e9d68d3f41dac8d.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/static/qrcode.min.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/static/qrcode.min.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/static/opensearch.xml
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/static/opensearch.xml HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: empty
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/images/favicon.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/images/favicon.png HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: image
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097512.60.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/service-worker.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/service-worker.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          cache-control: max-age=0
                                                                          accept: */*
                                                                          service-worker: script
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: same-origin
                                                                          sec-fetch-dest: serviceworker
                                                                          referer: https://www.virustotal.com/
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097512.60.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/sha256.worker.a6e2f1b9e97a4ea0b474.worker.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/sha256.worker.a6e2f1b9e97a4ea0b474.worker.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: same-origin
                                                                          sec-fetch-dest: worker
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097512.60.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/images/manifest/icon-192x192.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/images/manifest/icon-192x192.png HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: image
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6 HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTc0Njc5NzM1MDQtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTEzLjIyMw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/monaco-editor-admin-0~admin-2~admin-4~admin-8~admin-12~admin-16~admin-24~admin-30~~~~~~~~~~~~~~-editor.main.css.13e4534f9a12c9bf1a94.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/monaco-editor-admin-0~admin-2~admin-4~admin-8~admin-12~admin-16~admin-24~admin-30~~~~~~~~~~~~~~-editor.main.css.13e4534f9a12c9bf1a94.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/93664.2226078913b58c7e18dc.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/93664.2226078913b58c7e18dc.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/29205.1c5bd79b21ec062954b4.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/29205.1c5bd79b21ec062954b4.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/94813.9bd18d8d996ed34a07f2.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/94813.9bd18d8d996ed34a07f2.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/996.0d70a6287eb58d2388d8.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/996.0d70a6287eb58d2388d8.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/52026.f1cc6a3783f6955e9d8b.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/52026.f1cc6a3783f6955e9d8b.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/36791.331433846b5cd7e6df7b.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/36791.331433846b5cd7e6df7b.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/35123.dc13bf2d1a9b5033fdf0.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/35123.dc13bf2d1a9b5033fdf0.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/44312.f34be3560892956062a3.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/44312.f34be3560892956062a3.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/329.79d3014c11298ed4896a.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/329.79d3014c11298ed4896a.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/40414.4dcf9cb2a471223691b6.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/40414.4dcf9cb2a471223691b6.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/36372.cda980d85347a3006ca1.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/36372.cda980d85347a3006ca1.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/42942.004dc106c9871dd5e7d9.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/42942.004dc106c9871dd5e7d9.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/63220.dcfe83ed55957b0479a7.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/63220.dcfe83ed55957b0479a7.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/92151.5debb07ff5f3dfe90e74.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/92151.5debb07ff5f3dfe90e74.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/27806.d7627d69bef749540743.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/27806.d7627d69bef749540743.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/52985.fd200fddb2662387c0fc.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/52985.fd200fddb2662387c0fc.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/2782.679f0815cff017ff4688.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/2782.679f0815cff017ff4688.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/69589.c52f0ad14713cba70612.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/69589.c52f0ad14713cba70612.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/64382.37e175fa0d6e9418c252.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/64382.37e175fa0d6e9418c252.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/29409.4c427ab433c0ae80ffcc.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/29409.4c427ab433c0ae80ffcc.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/50974.3fc0be2bd591ebd6e7f9.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/50974.3fc0be2bd591ebd6e7f9.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/21715.b4455da21d7fbec85695.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/21715.b4455da21d7fbec85695.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/25606.ad86380b59be7ecf7b2a.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/25606.ad86380b59be7ecf7b2a.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/84825.6c03f97e8ea93ee3bc3a.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/84825.6c03f97e8ea93ee3bc3a.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/72421.ab03439c8386f9373d96.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/72421.ab03439c8386f9373d96.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/1743.f9efb24e0fdf2e6a49de.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/1743.f9efb24e0fdf2e6a49de.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/81702.495b35dc2aca50425591.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/81702.495b35dc2aca50425591.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/92359.a60f9d9552b9bb2acabd.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/92359.a60f9d9552b9bb2acabd.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/81581.587df007a543623d0ccb.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/81581.587df007a543623d0ccb.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.0.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/submission/challenge
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/submission/challenge HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          cache-control: no-cache
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTA4NTQzMDc5MzYtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTEzLjczOA==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6 HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTY1NjY2NzExNDctWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE0LjA4Mg==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/icon.types-peexe.34670b381aaaa83f80c2.js
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/icon.types-peexe.34670b381aaaa83f80c2.js HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          POST
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/submissions/add
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          POST /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/submissions/add HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          content-length: 144
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTM0ODcyNDI2OTItWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE0Ljk0Nw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          origin: https://www.virustotal.com
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/dropped_files
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/dropped_files HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTMzMTMyNjQ1MTctWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQxNg==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_urls
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_urls HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTM0NDg0MTc1ODYtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQxNw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_domains
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_domains HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTA3NTU5NTI3NDUtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQxNw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_ips
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_ips HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTA0NzQzMzI5MDMtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyMQ==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/execution_parents
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/execution_parents HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTMyMTU1NjM2NTctWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyMg==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_parents
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_parents HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTgwMzg5MjIwNDQtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyMg==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/bundled_files
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/bundled_files HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTAwNjEyOTMzODQtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyNA==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_children
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_children HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTcxNTQ5MjkwMjEtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjQyNA==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviour_mitre_trees
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviour_mitre_trees HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTc5MjM0MjcyMDgtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjUzMw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/mitre_format?link=true
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/mitre_format?link=true HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTUyODQxNjE1NDMtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjUzNA==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviours?limit=40
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviours?limit=40 HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTk4NTY0ODgzNDAtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjUzOA==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/votes?relationships=item%2Cvoter
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/votes?relationships=item%2Cvoter HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTkwNzYwODkzNTMtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjU0Mw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/comments?relationships=item%2Cauthor
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/comments?relationships=item%2Cauthor HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTg2MTQ3MTk4NDgtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjU1Mw==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/graphs?relationships=owner%2Cviewers%2Ceditors
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/graphs?relationships=owner%2Cviewers%2Ceditors HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTQ5NTY4NDc3NzUtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTE1LjU1NA==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          POST
                                                                          https://www.virustotal.com/ui/collect
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          POST /ui/collect HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          content-length: 11
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          x-app-version: v1x203x4
                                                                          x-tool: vt-ui-main
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: application/json
                                                                          accept: application/json
                                                                          accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                                          x-vt-anti-abuse-header: MTI1NTEwMDA3NTMtWkc5dWRDQmlaU0JsZG1scy0xNjkxMDk3NTQ3LjYyOA==
                                                                          sec-ch-ua-platform: "Windows"
                                                                          origin: https://www.virustotal.com
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: _ga=GA1.2.1600203771.1691097512
                                                                          cookie: _gid=GA1.2.1310385550.1691097512
                                                                          cookie: _gat=1
                                                                          cookie: _ga_BLNDV9X2JR=GS1.2.1691097512.1.1.1691097513.59.0.0
                                                                        • flag-us
                                                                          DNS
                                                                          21.32.239.216.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          21.32.239.216.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          21.32.239.216.in-addr.arpa
                                                                          IN PTR
                                                                          any-in-20151e100net
                                                                        • flag-us
                                                                          DNS
                                                                          www.recaptcha.net
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          www.recaptcha.net
                                                                          IN A
                                                                          Response
                                                                          www.recaptcha.net
                                                                          IN A
                                                                          142.250.179.163
                                                                        • flag-nl
                                                                          GET
                                                                          https://www.recaptcha.net/recaptcha/api.js?render=explicit
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.250.179.163:443
                                                                          Request
                                                                          GET /recaptcha/api.js?render=explicit HTTP/2.0
                                                                          host: www.recaptcha.net
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          recaptcha.net
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          recaptcha.net
                                                                          IN A
                                                                          Response
                                                                          recaptcha.net
                                                                          IN A
                                                                          142.251.39.99
                                                                        • flag-nl
                                                                          GET
                                                                          https://recaptcha.net/recaptcha/api.js?render=explicit
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.251.39.99:443
                                                                          Request
                                                                          GET /recaptcha/api.js?render=explicit HTTP/2.0
                                                                          host: recaptcha.net
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: script
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          46.34.125.74.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          46.34.125.74.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          46.34.125.74.in-addr.arpa
                                                                          IN PTR
                                                                          ghs-vip-any-c46ghs-ssl googlehostedcom
                                                                        • flag-us
                                                                          DNS
                                                                          163.179.250.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          163.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          163.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s41-in-f31e100net
                                                                        • flag-us
                                                                          DNS
                                                                          99.39.251.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          99.39.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          99.39.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s48-in-f31e100net
                                                                        • flag-us
                                                                          DNS
                                                                          analytics.google.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          analytics.google.com
                                                                          IN A
                                                                          Response
                                                                          analytics.google.com
                                                                          IN CNAME
                                                                          analytics-alv.google.com
                                                                          analytics-alv.google.com
                                                                          IN A
                                                                          216.239.36.181
                                                                          analytics-alv.google.com
                                                                          IN A
                                                                          216.239.32.181
                                                                          analytics-alv.google.com
                                                                          IN A
                                                                          216.239.38.181
                                                                          analytics-alv.google.com
                                                                          IN A
                                                                          216.239.34.181
                                                                        • flag-us
                                                                          DNS
                                                                          stats.g.doubleclick.net
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          stats.g.doubleclick.net
                                                                          IN A
                                                                          Response
                                                                          stats.g.doubleclick.net
                                                                          IN A
                                                                          142.250.102.157
                                                                          stats.g.doubleclick.net
                                                                          IN A
                                                                          142.250.102.156
                                                                          stats.g.doubleclick.net
                                                                          IN A
                                                                          142.250.102.155
                                                                          stats.g.doubleclick.net
                                                                          IN A
                                                                          142.250.102.154
                                                                        • flag-us
                                                                          POST
                                                                          https://analytics.google.com/g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je3820&_p=2082768090&_gaz=1&ul=en-us&sr=1280x720&cid=1600203771.1691097512&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&sid=1691097512&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
                                                                          chrome.exe
                                                                          Remote address:
                                                                          216.239.36.181:443
                                                                          Request
                                                                          POST /g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je3820&_p=2082768090&_gaz=1&ul=en-us&sr=1280x720&cid=1600203771.1691097512&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&sid=1691097512&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/2.0
                                                                          host: analytics.google.com
                                                                          content-length: 0
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          origin: https://www.virustotal.com
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-nl
                                                                          POST
                                                                          https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BLNDV9X2JR&cid=1600203771.1691097512&gtm=45je3820&aip=1
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.250.102.157:443
                                                                          Request
                                                                          POST /g/collect?v=2&tid=G-BLNDV9X2JR&cid=1600203771.1691097512&gtm=45je3820&aip=1 HTTP/2.0
                                                                          host: stats.g.doubleclick.net
                                                                          content-length: 0
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          origin: https://www.virustotal.com
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: DSID=NO_DATA
                                                                          cookie: IDE=AHWqTUmQKZxHcR7Wk3qlxeFd3XFrJz31Q3yeOFbq5BZKBzKCm_4p_elH4BHrlMSM2WY
                                                                        • flag-us
                                                                          DNS
                                                                          181.36.239.216.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          181.36.239.216.in-addr.arpa
                                                                          IN PTR
                                                                        • flag-us
                                                                          DNS
                                                                          181.36.239.216.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          181.36.239.216.in-addr.arpa
                                                                          IN PTR
                                                                        • flag-us
                                                                          DNS
                                                                          181.36.239.216.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          181.36.239.216.in-addr.arpa
                                                                          IN PTR
                                                                        • flag-us
                                                                          DNS
                                                                          181.36.239.216.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          181.36.239.216.in-addr.arpa
                                                                          IN PTR
                                                                        • flag-us
                                                                          DNS
                                                                          181.36.239.216.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          181.36.239.216.in-addr.arpa
                                                                          IN PTR
                                                                        • flag-us
                                                                          GET
                                                                          https://www.virustotal.com/gui/manifest.json
                                                                          chrome.exe
                                                                          Remote address:
                                                                          74.125.34.46:443
                                                                          Request
                                                                          GET /gui/manifest.json HTTP/2.0
                                                                          host: www.virustotal.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: */*
                                                                          sec-fetch-site: same-origin
                                                                          sec-fetch-mode: cors
                                                                          sec-fetch-dest: manifest
                                                                          referer: https://www.virustotal.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          beacons.gcp.gvt2.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          beacons.gcp.gvt2.com
                                                                          IN A
                                                                          Response
                                                                          beacons.gcp.gvt2.com
                                                                          IN CNAME
                                                                          beacons-handoff.gcp.gvt2.com
                                                                          beacons-handoff.gcp.gvt2.com
                                                                          IN CNAME
                                                                          gce-beacons.gcp.gvt2.com
                                                                          gce-beacons.gcp.gvt2.com
                                                                          IN A
                                                                          35.190.89.216
                                                                        • flag-us
                                                                          POST
                                                                          https://beacons.gcp.gvt2.com/domainreliability/upload
                                                                          chrome.exe
                                                                          Remote address:
                                                                          35.190.89.216:443
                                                                          Request
                                                                          POST /domainreliability/upload HTTP/2.0
                                                                          host: beacons.gcp.gvt2.com
                                                                          content-length: 279
                                                                          content-type: application/json; charset=utf-8
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          POST
                                                                          https://beacons.gcp.gvt2.com/domainreliability/upload
                                                                          chrome.exe
                                                                          Remote address:
                                                                          35.190.89.216:443
                                                                          Request
                                                                          POST /domainreliability/upload HTTP/2.0
                                                                          host: beacons.gcp.gvt2.com
                                                                          content-length: 282
                                                                          content-type: application/json; charset=utf-8
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          e2c2.gcp.gvt2.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          e2c2.gcp.gvt2.com
                                                                          IN A
                                                                          Response
                                                                          e2c2.gcp.gvt2.com
                                                                          IN A
                                                                          34.92.53.177
                                                                        • flag-hk
                                                                          POST
                                                                          https://e2c2.gcp.gvt2.com/nel/
                                                                          chrome.exe
                                                                          Remote address:
                                                                          34.92.53.177:443
                                                                          Request
                                                                          POST /nel/ HTTP/2.0
                                                                          host: e2c2.gcp.gvt2.com
                                                                          content-length: 279
                                                                          content-type: application/json; charset=utf-8
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          Response
                                                                          HTTP/2.0 204
                                                                          date: Thu, 03 Aug 2023 21:18:41 GMT
                                                                        • flag-us
                                                                          DNS
                                                                          b1.nel.goog
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          b1.nel.goog
                                                                          IN A
                                                                          Response
                                                                          b1.nel.goog
                                                                          IN A
                                                                          172.217.169.35
                                                                        • flag-gb
                                                                          OPTIONS
                                                                          https://b1.nel.goog/upload/1/AOY7FlgW_DPI_M_ku3jQiDVmjQh2wSDmU8pgbNE7drTfIqW_MNkj1tHJxoPfgis07tP899jNHqa2Bk0Fspj8Ij4T0ZRTbCRZ4eKrVJ-rZaFDPX7LUKOUOK5wTriNoE6QiPG608ViOHhdMJcTxRo0DRxUePlfbY_OFSTRWI5mhfbBbJBNK215xoI0M7s4jRwQT_2xhBruRGWjhYDawaAwKYq3y68Td-NCyXTJGS3S
                                                                          chrome.exe
                                                                          Remote address:
                                                                          172.217.169.35:443
                                                                          Request
                                                                          OPTIONS /upload/1/AOY7FlgW_DPI_M_ku3jQiDVmjQh2wSDmU8pgbNE7drTfIqW_MNkj1tHJxoPfgis07tP899jNHqa2Bk0Fspj8Ij4T0ZRTbCRZ4eKrVJ-rZaFDPX7LUKOUOK5wTriNoE6QiPG608ViOHhdMJcTxRo0DRxUePlfbY_OFSTRWI5mhfbBbJBNK215xoI0M7s4jRwQT_2xhBruRGWjhYDawaAwKYq3y68Td-NCyXTJGS3S HTTP/2.0
                                                                          host: b1.nel.goog
                                                                          origin: https://beacons.gcp.gvt2.com
                                                                          access-control-request-method: POST
                                                                          access-control-request-headers: content-type
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          216.89.190.35.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          216.89.190.35.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          216.89.190.35.in-addr.arpa
                                                                          IN PTR
                                                                          2168919035bcgoogleusercontentcom
                                                                        • flag-us
                                                                          DNS
                                                                          35.169.217.172.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          35.169.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          35.169.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          lhr48s08-in-f31e100net
                                                                        • flag-us
                                                                          DNS
                                                                          177.53.92.34.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          177.53.92.34.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          177.53.92.34.in-addr.arpa
                                                                          IN PTR
                                                                          177539234bcgoogleusercontentcom
                                                                        • flag-us
                                                                          DNS
                                                                          233.141.123.20.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          233.141.123.20.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-us
                                                                          DNS
                                                                          beacons.gvt2.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          beacons.gvt2.com
                                                                          IN A
                                                                          Response
                                                                          beacons.gvt2.com
                                                                          IN A
                                                                          216.58.204.67
                                                                        • flag-gb
                                                                          POST
                                                                          https://beacons.gvt2.com/domainreliability/upload
                                                                          chrome.exe
                                                                          Remote address:
                                                                          216.58.204.67:443
                                                                          Request
                                                                          POST /domainreliability/upload HTTP/2.0
                                                                          host: beacons.gvt2.com
                                                                          content-length: 279
                                                                          content-type: application/json; charset=utf-8
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          67.204.58.216.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          67.204.58.216.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          67.204.58.216.in-addr.arpa
                                                                          IN PTR
                                                                          lhr25s13-in-f31e100net
                                                                          67.204.58.216.in-addr.arpa
                                                                          IN PTR
                                                                          lhr48s49-in-f3�G
                                                                          67.204.58.216.in-addr.arpa
                                                                          IN PTR
                                                                          lhr25s13-in-f67�G
                                                                        • flag-us
                                                                          DNS
                                                                          clients2.google.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          clients2.google.com
                                                                          IN A
                                                                          Response
                                                                          clients2.google.com
                                                                          IN CNAME
                                                                          clients.l.google.com
                                                                          clients.l.google.com
                                                                          IN A
                                                                          142.251.36.46
                                                                        • flag-nl
                                                                          OPTIONS
                                                                          https://clients2.google.com/domainreliability/upload-nel
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.251.36.46:443
                                                                          Request
                                                                          OPTIONS /domainreliability/upload-nel HTTP/2.0
                                                                          host: clients2.google.com
                                                                          origin: https://beacons.gvt2.com
                                                                          access-control-request-method: POST
                                                                          access-control-request-headers: content-type
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          e2c26.gcp.gvt2.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          e2c26.gcp.gvt2.com
                                                                          IN A
                                                                          Response
                                                                          e2c26.gcp.gvt2.com
                                                                          IN A
                                                                          34.86.82.41
                                                                        • flag-us
                                                                          DNS
                                                                          46.36.251.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          46.36.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          46.36.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams17s12-in-f141e100net
                                                                        • flag-us
                                                                          POST
                                                                          https://e2c26.gcp.gvt2.com/nel/
                                                                          chrome.exe
                                                                          Remote address:
                                                                          34.86.82.41:443
                                                                          Request
                                                                          POST /nel/ HTTP/2.0
                                                                          host: e2c26.gcp.gvt2.com
                                                                          content-length: 272
                                                                          content-type: application/json; charset=utf-8
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          Response
                                                                          HTTP/2.0 204
                                                                          date: Thu, 03 Aug 2023 21:19:41 GMT
                                                                        • flag-us
                                                                          DNS
                                                                          41.82.86.34.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          41.82.86.34.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          41.82.86.34.in-addr.arpa
                                                                          IN PTR
                                                                          41828634bcgoogleusercontentcom
                                                                        • flag-us
                                                                          DNS
                                                                          84.65.42.20.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          84.65.42.20.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                        • flag-us
                                                                          DNS
                                                                          ogs.google.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          ogs.google.com
                                                                          IN A
                                                                          Response
                                                                          ogs.google.com
                                                                          IN CNAME
                                                                          www3.l.google.com
                                                                          www3.l.google.com
                                                                          IN A
                                                                          142.250.179.206
                                                                        • flag-nl
                                                                          GET
                                                                          https://ogs.google.com/widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=en
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.250.179.206:443
                                                                          Request
                                                                          GET /widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=en HTTP/2.0
                                                                          host: ogs.google.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          sec-ch-ua-platform: "Windows"
                                                                          upgrade-insecure-requests: 1
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: navigate
                                                                          sec-fetch-dest: iframe
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          ssl.gstatic.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          ssl.gstatic.com
                                                                          IN A
                                                                          Response
                                                                          ssl.gstatic.com
                                                                          IN A
                                                                          172.217.23.195
                                                                        • flag-de
                                                                          GET
                                                                          https://ssl.gstatic.com/gb/images/sprites/p_1x_bcbb8decf46e.png
                                                                          chrome.exe
                                                                          Remote address:
                                                                          172.217.23.195:443
                                                                          Request
                                                                          GET /gb/images/sprites/p_1x_bcbb8decf46e.png HTTP/2.0
                                                                          host: ssl.gstatic.com
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          sec-ch-ua-platform: "Windows"
                                                                          accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                          sec-fetch-site: cross-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: image
                                                                          referer: https://ogs.google.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                        • flag-us
                                                                          DNS
                                                                          206.179.250.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          206.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          206.179.250.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s42-in-f141e100net
                                                                        • flag-us
                                                                          DNS
                                                                          195.23.217.172.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          195.23.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          195.23.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          prg03s05-in-f1951e100net
                                                                          195.23.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          ams16s37-in-f3�J
                                                                          195.23.217.172.in-addr.arpa
                                                                          IN PTR
                                                                          prg03s05-in-f3�J
                                                                        • flag-us
                                                                          DNS
                                                                          play.google.com
                                                                          chrome.exe
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          play.google.com
                                                                          IN A
                                                                          Response
                                                                          play.google.com
                                                                          IN A
                                                                          142.251.36.14
                                                                        • flag-nl
                                                                          POST
                                                                          https://play.google.com/log?hasfast=true&authuser=0&format=json
                                                                          chrome.exe
                                                                          Remote address:
                                                                          142.251.36.14:443
                                                                          Request
                                                                          POST /log?hasfast=true&authuser=0&format=json HTTP/2.0
                                                                          host: play.google.com
                                                                          content-length: 643
                                                                          sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                                          sec-ch-ua-platform: "Windows"
                                                                          sec-ch-ua-mobile: ?0
                                                                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                                          content-type: text/plain;charset=UTF-8
                                                                          accept: */*
                                                                          origin: https://ogs.google.com
                                                                          sec-fetch-site: same-site
                                                                          sec-fetch-mode: no-cors
                                                                          sec-fetch-dest: empty
                                                                          referer: https://ogs.google.com/
                                                                          accept-encoding: gzip, deflate, br
                                                                          accept-language: en-US,en;q=0.9
                                                                          cookie: NID=511=PKJhbvz3BOBWdao_2IsjrzE84Z3JUwLfak1z9CWVv4x2HgCYoE_gNt_PEZOOREzu9WLtU_Duc7U-ZNyRKfFJx2DPzg3oBkPPbZIfVYS5_5StjBwM8FM37jLYcEAbumADXfsuXTv3UpiEQDo5y--cyVkS5MCo1Y2oler1YA4-xLg
                                                                        • flag-us
                                                                          DNS
                                                                          14.36.251.142.in-addr.arpa
                                                                          Remote address:
                                                                          8.8.8.8:53
                                                                          Request
                                                                          14.36.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          Response
                                                                          14.36.251.142.in-addr.arpa
                                                                          IN PTR
                                                                          ams15s44-in-f141e100net
                                                                        • 157.90.215.152:443
                                                                          https://transfiles.ru/images/donate.png
                                                                          tls, http
                                                                          chrome.exe
                                                                          5.0kB
                                                                          34.4kB
                                                                          29
                                                                          38

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/css/jquery.bxslider.css

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/css/common.css?rnd=5

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/js/functions.js?rnd=5

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/js/jquery.mCustomScrollbar.concat.min.js

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/donate.png

                                                                          HTTP Response

                                                                          200
                                                                        • 157.90.215.152:443
                                                                          https://transfiles.ru/images/favicon.png
                                                                          tls, http
                                                                          chrome.exe
                                                                          9.5kB
                                                                          40.2kB
                                                                          37
                                                                          48

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/wjvp4

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/css/jquery.mCustomScrollbar.css

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/css/common_m.css?rnd=5

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/js/jquery.bxslider.min.js

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/bg.jpg

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/abuse.png

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/loader.gif

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          POST https://transfiles.ru/getFilelist

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/btn_ok_passive.png

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/favicon.png

                                                                          HTTP Response

                                                                          200
                                                                        • 23.72.252.171:80
                                                                          http://apps.identrust.com/roots/dstrootcax3.p7c
                                                                          http
                                                                          chrome.exe
                                                                          468 B
                                                                          1.7kB
                                                                          7
                                                                          6

                                                                          HTTP Request

                                                                          GET http://apps.identrust.com/roots/dstrootcax3.p7c

                                                                          HTTP Response

                                                                          200
                                                                        • 157.90.215.152:443
                                                                          https://transfiles.ru/images/logo_footer.png
                                                                          tls, http
                                                                          chrome.exe
                                                                          4.9kB
                                                                          70.1kB
                                                                          39
                                                                          62

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/assets/504097ca/jquery.min.js

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/js/download.js?rnd=5

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/securimage/show

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/logo_footer.png

                                                                          HTTP Response

                                                                          200
                                                                        • 157.90.215.152:443
                                                                          https://transfiles.ru/images/btn_qrcode.png
                                                                          tls, http
                                                                          chrome.exe
                                                                          3.3kB
                                                                          8.7kB
                                                                          16
                                                                          17

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/ru.png

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/logo.png

                                                                          HTTP Response

                                                                          200

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/btn_qrcode.png

                                                                          HTTP Response

                                                                          200
                                                                        • 157.90.215.152:443
                                                                          https://transfiles.ru/images/en.png
                                                                          tls, http
                                                                          chrome.exe
                                                                          1.8kB
                                                                          6.4kB
                                                                          13
                                                                          15

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/images/en.png

                                                                          HTTP Response

                                                                          200
                                                                        • 157.90.215.152:443
                                                                          transfiles.ru
                                                                          tls
                                                                          chrome.exe
                                                                          897 B
                                                                          679 B
                                                                          7
                                                                          8
                                                                        • 77.88.21.119:443
                                                                          https://mc.yandex.ru/metrika/tag.js
                                                                          tls, http2
                                                                          chrome.exe
                                                                          78.0kB
                                                                          99.1kB
                                                                          168
                                                                          183

                                                                          HTTP Request

                                                                          GET https://mc.yandex.ru/metrika/tag.js
                                                                        • 142.250.179.170:443
                                                                          https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHglTPZVogpCqOBIFDbVO8OESBQ3pjHeIEgUNdV-5QQ==?alt=proto
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.1kB
                                                                          7.3kB
                                                                          20
                                                                          21

                                                                          HTTP Request

                                                                          GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSHglTPZVogpCqOBIFDbVO8OESBQ3pjHeIEgUNdV-5QQ==?alt=proto
                                                                        • 172.217.168.226:443
                                                                          https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.2kB
                                                                          11.9kB
                                                                          21
                                                                          22

                                                                          HTTP Request

                                                                          GET https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
                                                                        • 142.250.179.162:443
                                                                          https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.9kB
                                                                          68.3kB
                                                                          38
                                                                          61

                                                                          HTTP Request

                                                                          GET https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
                                                                        • 142.251.36.1:443
                                                                          https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js
                                                                          tls, http2
                                                                          chrome.exe
                                                                          3.0kB
                                                                          31.3kB
                                                                          37
                                                                          34

                                                                          HTTP Request

                                                                          GET https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/client/qs_click_protection_fy2021.js

                                                                          HTTP Request

                                                                          GET https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

                                                                          HTTP Request

                                                                          GET https://tpc.googlesyndication.com/pagead/js/r20230802/r20110914/elements/html/interstitial_ad_frame_fy2021.js
                                                                        • 142.251.36.1:443
                                                                          tpc.googlesyndication.com
                                                                          tls
                                                                          chrome.exe
                                                                          931 B
                                                                          4.8kB
                                                                          9
                                                                          7
                                                                        • 142.251.36.1:443
                                                                          tpc.googlesyndication.com
                                                                          tls
                                                                          chrome.exe
                                                                          931 B
                                                                          4.8kB
                                                                          9
                                                                          7
                                                                        • 157.90.215.152:443
                                                                          https://transfiles.ru/manifest.json
                                                                          tls, http
                                                                          chrome.exe
                                                                          1.7kB
                                                                          5.9kB
                                                                          13
                                                                          15

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/manifest.json

                                                                          HTTP Response

                                                                          200
                                                                        • 157.90.215.152:443
                                                                          https://transfiles.ru/getFiles/3115092
                                                                          tls, http
                                                                          chrome.exe
                                                                          16.6kB
                                                                          862.1kB
                                                                          324
                                                                          628

                                                                          HTTP Request

                                                                          GET https://transfiles.ru/getFiles/3115092

                                                                          HTTP Response

                                                                          200
                                                                        • 157.90.215.152:443
                                                                          transfiles.ru
                                                                          tls
                                                                          chrome.exe
                                                                          897 B
                                                                          679 B
                                                                          7
                                                                          8
                                                                        • 216.239.32.21:443
                                                                          https://virustotal.com/
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.1kB
                                                                          4.7kB
                                                                          15
                                                                          17

                                                                          HTTP Request

                                                                          GET https://virustotal.com/
                                                                        • 216.239.32.21:443
                                                                          virustotal.com
                                                                          tls, http2
                                                                          chrome.exe
                                                                          953 B
                                                                          3.9kB
                                                                          8
                                                                          7
                                                                        • 74.125.34.46:443
                                                                          https://www.virustotal.com/ui/collect
                                                                          tls, http2
                                                                          chrome.exe
                                                                          89.8kB
                                                                          3.0MB
                                                                          1654
                                                                          2511

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/static/fonts/iosevka-regular.woff2

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/static/fonts/googlesans-regular.ttf

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/static/fonts/codicon.ttf

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/main.f914c13c358c6a73a542.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/images/logo.svg

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/images/omnibar/vt_logo.svg

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/stackdriver-errors.891ec2baabef1d8e82de.js

                                                                          HTTP Request

                                                                          POST https://www.virustotal.com/ui/signin

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/user_notifications

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/search_modifiers

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/33789.829134f57ebdda3078af.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/18777.31a2c69a3cbb443a8e98.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/66838.0137f6569d7b4286c625.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/cookie_disclaimer

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/images/ioc-screen-dark.png

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/images/ioc-screen.png

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/vt-ui-shell-extra-deps.5fbf3d624c4bcd15f231.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/vt-ui-sw-installer.a88b3e9d68d3f41dac8d.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/static/qrcode.min.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/static/opensearch.xml

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/images/favicon.png

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/service-worker.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/sha256.worker.a6e2f1b9e97a4ea0b474.worker.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/images/manifest/icon-192x192.png

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/monaco-editor-admin-0~admin-2~admin-4~admin-8~admin-12~admin-16~admin-24~admin-30~~~~~~~~~~~~~~-editor.main.css.13e4534f9a12c9bf1a94.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/93664.2226078913b58c7e18dc.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/29205.1c5bd79b21ec062954b4.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/94813.9bd18d8d996ed34a07f2.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/996.0d70a6287eb58d2388d8.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/52026.f1cc6a3783f6955e9d8b.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/36791.331433846b5cd7e6df7b.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/35123.dc13bf2d1a9b5033fdf0.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/44312.f34be3560892956062a3.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/329.79d3014c11298ed4896a.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/40414.4dcf9cb2a471223691b6.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/36372.cda980d85347a3006ca1.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/42942.004dc106c9871dd5e7d9.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/63220.dcfe83ed55957b0479a7.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/92151.5debb07ff5f3dfe90e74.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/27806.d7627d69bef749540743.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/52985.fd200fddb2662387c0fc.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/2782.679f0815cff017ff4688.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/69589.c52f0ad14713cba70612.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/64382.37e175fa0d6e9418c252.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/29409.4c427ab433c0ae80ffcc.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/50974.3fc0be2bd591ebd6e7f9.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/21715.b4455da21d7fbec85695.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/25606.ad86380b59be7ecf7b2a.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/84825.6c03f97e8ea93ee3bc3a.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/72421.ab03439c8386f9373d96.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/1743.f9efb24e0fdf2e6a49de.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/81702.495b35dc2aca50425591.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/92359.a60f9d9552b9bb2acabd.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/81581.587df007a543623d0ccb.js

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/submission/challenge

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/icon.types-peexe.34670b381aaaa83f80c2.js

                                                                          HTTP Request

                                                                          POST https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/submissions/add

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/dropped_files

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_urls

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_domains

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/contacted_ips

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/execution_parents

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_parents

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/bundled_files

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/pe_resource_children

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviour_mitre_trees

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/mitre_format?link=true

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/behaviours?limit=40

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/votes?relationships=item%2Cvoter

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/comments?relationships=item%2Cauthor

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/ui/files/1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6/graphs?relationships=owner%2Cviewers%2Ceditors

                                                                          HTTP Request

                                                                          POST https://www.virustotal.com/ui/collect
                                                                        • 142.250.179.163:443
                                                                          https://www.recaptcha.net/recaptcha/api.js?render=explicit
                                                                          tls, http2
                                                                          chrome.exe
                                                                          1.9kB
                                                                          14.4kB
                                                                          18
                                                                          24

                                                                          HTTP Request

                                                                          GET https://www.recaptcha.net/recaptcha/api.js?render=explicit
                                                                        • 142.251.39.99:443
                                                                          https://recaptcha.net/recaptcha/api.js?render=explicit
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.0kB
                                                                          14.4kB
                                                                          20
                                                                          24

                                                                          HTTP Request

                                                                          GET https://recaptcha.net/recaptcha/api.js?render=explicit
                                                                        • 216.239.36.181:443
                                                                          https://analytics.google.com/g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je3820&_p=2082768090&_gaz=1&ul=en-us&sr=1280x720&cid=1600203771.1691097512&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&sid=1691097512&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.2kB
                                                                          8.9kB
                                                                          16
                                                                          16

                                                                          HTTP Request

                                                                          POST https://analytics.google.com/g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je3820&_p=2082768090&_gaz=1&ul=en-us&sr=1280x720&cid=1600203771.1691097512&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&sid=1691097512&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
                                                                        • 142.250.102.157:443
                                                                          https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BLNDV9X2JR&cid=1600203771.1691097512&gtm=45je3820&aip=1
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.0kB
                                                                          6.8kB
                                                                          16
                                                                          18

                                                                          HTTP Request

                                                                          POST https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BLNDV9X2JR&cid=1600203771.1691097512&gtm=45je3820&aip=1
                                                                        • 74.125.34.46:443
                                                                          https://www.virustotal.com/gui/manifest.json
                                                                          tls, http2
                                                                          chrome.exe
                                                                          1.8kB
                                                                          5.2kB
                                                                          16
                                                                          19

                                                                          HTTP Request

                                                                          GET https://www.virustotal.com/gui/manifest.json
                                                                        • 35.190.89.216:443
                                                                          https://beacons.gcp.gvt2.com/domainreliability/upload
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.6kB
                                                                          7.1kB
                                                                          20
                                                                          19

                                                                          HTTP Request

                                                                          POST https://beacons.gcp.gvt2.com/domainreliability/upload

                                                                          HTTP Request

                                                                          POST https://beacons.gcp.gvt2.com/domainreliability/upload
                                                                        • 35.190.89.216:443
                                                                          beacons.gcp.gvt2.com
                                                                          tls, http2
                                                                          chrome.exe
                                                                          989 B
                                                                          5.6kB
                                                                          9
                                                                          8
                                                                        • 34.92.53.177:443
                                                                          https://e2c2.gcp.gvt2.com/nel/
                                                                          tls, http2
                                                                          chrome.exe
                                                                          1.9kB
                                                                          5.8kB
                                                                          15
                                                                          15

                                                                          HTTP Request

                                                                          POST https://e2c2.gcp.gvt2.com/nel/

                                                                          HTTP Response

                                                                          204
                                                                        • 172.217.169.35:443
                                                                          https://b1.nel.goog/upload/1/AOY7FlgW_DPI_M_ku3jQiDVmjQh2wSDmU8pgbNE7drTfIqW_MNkj1tHJxoPfgis07tP899jNHqa2Bk0Fspj8Ij4T0ZRTbCRZ4eKrVJ-rZaFDPX7LUKOUOK5wTriNoE6QiPG608ViOHhdMJcTxRo0DRxUePlfbY_OFSTRWI5mhfbBbJBNK215xoI0M7s4jRwQT_2xhBruRGWjhYDawaAwKYq3y68Td-NCyXTJGS3S
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.1kB
                                                                          15.2kB
                                                                          19
                                                                          24

                                                                          HTTP Request

                                                                          OPTIONS https://b1.nel.goog/upload/1/AOY7FlgW_DPI_M_ku3jQiDVmjQh2wSDmU8pgbNE7drTfIqW_MNkj1tHJxoPfgis07tP899jNHqa2Bk0Fspj8Ij4T0ZRTbCRZ4eKrVJ-rZaFDPX7LUKOUOK5wTriNoE6QiPG608ViOHhdMJcTxRo0DRxUePlfbY_OFSTRWI5mhfbBbJBNK215xoI0M7s4jRwQT_2xhBruRGWjhYDawaAwKYq3y68Td-NCyXTJGS3S
                                                                        • 34.92.53.177:443
                                                                          e2c2.gcp.gvt2.com
                                                                          tls, http2
                                                                          chrome.exe
                                                                          1.2kB
                                                                          5.5kB
                                                                          13
                                                                          11
                                                                        • 216.58.204.67:443
                                                                          https://beacons.gvt2.com/domainreliability/upload
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.1kB
                                                                          7.2kB
                                                                          17
                                                                          17

                                                                          HTTP Request

                                                                          POST https://beacons.gvt2.com/domainreliability/upload
                                                                        • 142.251.36.46:443
                                                                          https://clients2.google.com/domainreliability/upload-nel
                                                                          tls, http2
                                                                          chrome.exe
                                                                          1.8kB
                                                                          10.6kB
                                                                          17
                                                                          20

                                                                          HTTP Request

                                                                          OPTIONS https://clients2.google.com/domainreliability/upload-nel
                                                                        • 34.86.82.41:443
                                                                          https://e2c26.gcp.gvt2.com/nel/
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.0kB
                                                                          5.9kB
                                                                          17
                                                                          16

                                                                          HTTP Request

                                                                          POST https://e2c26.gcp.gvt2.com/nel/

                                                                          HTTP Response

                                                                          204
                                                                        • 142.250.179.206:443
                                                                          https://ogs.google.com/widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=en
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.2kB
                                                                          26.2kB
                                                                          19
                                                                          27

                                                                          HTTP Request

                                                                          GET https://ogs.google.com/widget/app/so?awwd=1&gm3=1&origin=chrome-untrusted%3A%2F%2Fnew-tab-page&origin=chrome%3A%2F%2Fnew-tab-page&cn=app&pid=1&spid=243&hl=en
                                                                        • 172.217.23.195:443
                                                                          https://ssl.gstatic.com/gb/images/sprites/p_1x_bcbb8decf46e.png
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.7kB
                                                                          70.3kB
                                                                          34
                                                                          57

                                                                          HTTP Request

                                                                          GET https://ssl.gstatic.com/gb/images/sprites/p_1x_bcbb8decf46e.png
                                                                        • 142.251.36.14:443
                                                                          https://play.google.com/log?hasfast=true&authuser=0&format=json
                                                                          tls, http2
                                                                          chrome.exe
                                                                          2.6kB
                                                                          8.9kB
                                                                          13
                                                                          16

                                                                          HTTP Request

                                                                          POST https://play.google.com/log?hasfast=true&authuser=0&format=json
                                                                        • 8.8.8.8:53
                                                                          transfiles.ru
                                                                          dns
                                                                          chrome.exe
                                                                          59 B
                                                                          75 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          transfiles.ru

                                                                          DNS Response

                                                                          157.90.215.152

                                                                        • 8.8.8.8:53
                                                                          59.128.231.4.in-addr.arpa
                                                                          dns
                                                                          71 B
                                                                          157 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          59.128.231.4.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          254.23.238.8.in-addr.arpa
                                                                          dns
                                                                          143 B
                                                                          285 B
                                                                          2
                                                                          2

                                                                          DNS Request

                                                                          254.23.238.8.in-addr.arpa

                                                                          DNS Request

                                                                          slscr.update.microsoft.com

                                                                          DNS Response

                                                                          20.12.23.50

                                                                        • 8.8.8.8:53
                                                                          apps.identrust.com
                                                                          dns
                                                                          chrome.exe
                                                                          64 B
                                                                          165 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          apps.identrust.com

                                                                          DNS Response

                                                                          23.72.252.171
                                                                          23.72.252.163

                                                                        • 8.8.8.8:53
                                                                          mc.yandex.ru
                                                                          dns
                                                                          chrome.exe
                                                                          58 B
                                                                          122 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          mc.yandex.ru

                                                                          DNS Response

                                                                          77.88.21.119
                                                                          93.158.134.119
                                                                          87.250.251.119
                                                                          87.250.250.119

                                                                        • 8.8.8.8:53
                                                                          content-autofill.googleapis.com
                                                                          dns
                                                                          chrome.exe
                                                                          77 B
                                                                          205 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          content-autofill.googleapis.com

                                                                          DNS Response

                                                                          142.250.179.170
                                                                          142.250.179.202
                                                                          142.251.36.10
                                                                          142.251.39.106
                                                                          172.217.23.202
                                                                          216.58.208.106
                                                                          142.250.179.138
                                                                          142.251.36.42

                                                                        • 8.8.8.8:53
                                                                          10.36.251.142.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          111 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          10.36.251.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          152.215.90.157.in-addr.arpa
                                                                          dns
                                                                          73 B
                                                                          131 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          152.215.90.157.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          171.252.72.23.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          137 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          171.252.72.23.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          130.179.250.142.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          112 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          130.179.250.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          206.23.217.172.in-addr.arpa
                                                                          dns
                                                                          73 B
                                                                          173 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          206.23.217.172.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          119.21.88.77.in-addr.arpa
                                                                          dns
                                                                          71 B
                                                                          97 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          119.21.88.77.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          googleads.g.doubleclick.net
                                                                          dns
                                                                          chrome.exe
                                                                          73 B
                                                                          89 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          googleads.g.doubleclick.net

                                                                          DNS Response

                                                                          172.217.168.226

                                                                        • 8.8.8.8:53
                                                                          mc.yandex.com
                                                                          dns
                                                                          chrome.exe
                                                                          59 B
                                                                          149 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          mc.yandex.com

                                                                          DNS Response

                                                                          77.88.21.119
                                                                          87.250.251.119
                                                                          87.250.250.119
                                                                          93.158.134.119

                                                                        • 172.217.168.226:443
                                                                          googleads.g.doubleclick.net
                                                                          https
                                                                          chrome.exe
                                                                          12.4kB
                                                                          113.9kB
                                                                          75
                                                                          117
                                                                        • 8.8.8.8:53
                                                                          200.179.250.142.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          112 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          200.179.250.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          170.179.250.142.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          113 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          170.179.250.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          226.168.217.172.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          112 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          226.168.217.172.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          17.160.190.20.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          158 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          17.160.190.20.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          www.googletagservices.com
                                                                          dns
                                                                          chrome.exe
                                                                          71 B
                                                                          87 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          www.googletagservices.com

                                                                          DNS Response

                                                                          142.250.179.162

                                                                        • 8.8.8.8:53
                                                                          tpc.googlesyndication.com
                                                                          dns
                                                                          chrome.exe
                                                                          71 B
                                                                          87 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          tpc.googlesyndication.com

                                                                          DNS Response

                                                                          142.251.36.1

                                                                        • 142.251.36.1:443
                                                                          tpc.googlesyndication.com
                                                                          https
                                                                          chrome.exe
                                                                          5.5kB
                                                                          32.7kB
                                                                          34
                                                                          42
                                                                        • 8.8.8.8:53
                                                                          95.221.229.192.in-addr.arpa
                                                                          dns
                                                                          73 B
                                                                          144 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          95.221.229.192.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          195.179.250.142.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          112 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          195.179.250.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          162.179.250.142.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          112 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          162.179.250.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          1.36.251.142.in-addr.arpa
                                                                          dns
                                                                          71 B
                                                                          109 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          1.36.251.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          106.208.58.216.in-addr.arpa
                                                                          dns
                                                                          73 B
                                                                          143 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          106.208.58.216.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          131.179.250.142.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          112 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          131.179.250.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          196.168.217.172.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          112 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          196.168.217.172.in-addr.arpa

                                                                        • 224.0.0.251:5353
                                                                          chrome.exe
                                                                          204 B
                                                                          3
                                                                        • 8.8.8.8:53
                                                                          208.194.73.20.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          158 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          208.194.73.20.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          26.165.165.52.in-addr.arpa
                                                                          dns
                                                                          146 B
                                                                          254 B
                                                                          2
                                                                          2

                                                                          DNS Request

                                                                          26.165.165.52.in-addr.arpa

                                                                          DNS Request

                                                                          157.102.250.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          198.187.3.20.in-addr.arpa
                                                                          dns
                                                                          71 B
                                                                          157 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          198.187.3.20.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          254.158.241.8.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          126 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          254.158.241.8.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          apis.google.com
                                                                          dns
                                                                          chrome.exe
                                                                          61 B
                                                                          98 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          apis.google.com

                                                                          DNS Response

                                                                          172.217.23.206

                                                                        • 8.8.8.8:53
                                                                          virustotal.com
                                                                          dns
                                                                          chrome.exe
                                                                          60 B
                                                                          124 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          virustotal.com

                                                                          DNS Response

                                                                          216.239.32.21
                                                                          216.239.36.21
                                                                          216.239.34.21
                                                                          216.239.38.21

                                                                        • 8.8.8.8:53
                                                                          www.virustotal.com
                                                                          dns
                                                                          chrome.exe
                                                                          128 B
                                                                          266 B
                                                                          2
                                                                          2

                                                                          DNS Request

                                                                          www.virustotal.com

                                                                          DNS Request

                                                                          www.virustotal.com

                                                                          DNS Response

                                                                          74.125.34.46

                                                                          DNS Response

                                                                          74.125.34.46

                                                                        • 8.8.8.8:53
                                                                          21.32.239.216.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          107 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          21.32.239.216.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          www.recaptcha.net
                                                                          dns
                                                                          chrome.exe
                                                                          63 B
                                                                          79 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          www.recaptcha.net

                                                                          DNS Response

                                                                          142.250.179.163

                                                                        • 8.8.8.8:53
                                                                          recaptcha.net
                                                                          dns
                                                                          chrome.exe
                                                                          59 B
                                                                          75 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          recaptcha.net

                                                                          DNS Response

                                                                          142.251.39.99

                                                                        • 8.8.8.8:53
                                                                          46.34.125.74.in-addr.arpa
                                                                          dns
                                                                          71 B
                                                                          125 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          46.34.125.74.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          163.179.250.142.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          112 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          163.179.250.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          99.39.251.142.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          110 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          99.39.251.142.in-addr.arpa

                                                                        • 142.251.39.99:443
                                                                          recaptcha.net
                                                                          https
                                                                          chrome.exe
                                                                          4.9kB
                                                                          40.2kB
                                                                          24
                                                                          41
                                                                        • 142.250.179.170:443
                                                                          content-autofill.googleapis.com
                                                                          https
                                                                          chrome.exe
                                                                          3.5kB
                                                                          7.1kB
                                                                          9
                                                                          11
                                                                        • 8.8.8.8:53
                                                                          analytics.google.com
                                                                          dns
                                                                          chrome.exe
                                                                          66 B
                                                                          158 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          analytics.google.com

                                                                          DNS Response

                                                                          216.239.36.181
                                                                          216.239.32.181
                                                                          216.239.38.181
                                                                          216.239.34.181

                                                                        • 8.8.8.8:53
                                                                          stats.g.doubleclick.net
                                                                          dns
                                                                          chrome.exe
                                                                          69 B
                                                                          133 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          stats.g.doubleclick.net

                                                                          DNS Response

                                                                          142.250.102.157
                                                                          142.250.102.156
                                                                          142.250.102.155
                                                                          142.250.102.154

                                                                        • 8.8.8.8:53
                                                                          181.36.239.216.in-addr.arpa
                                                                          dns
                                                                          365 B
                                                                          5

                                                                          DNS Request

                                                                          181.36.239.216.in-addr.arpa

                                                                          DNS Request

                                                                          181.36.239.216.in-addr.arpa

                                                                          DNS Request

                                                                          181.36.239.216.in-addr.arpa

                                                                          DNS Request

                                                                          181.36.239.216.in-addr.arpa

                                                                          DNS Request

                                                                          181.36.239.216.in-addr.arpa

                                                                        • 216.239.36.181:443
                                                                          analytics.google.com
                                                                          https
                                                                          chrome.exe
                                                                          4.0kB
                                                                          7.5kB
                                                                          7
                                                                          10
                                                                        • 8.8.8.8:53
                                                                          beacons.gcp.gvt2.com
                                                                          dns
                                                                          chrome.exe
                                                                          66 B
                                                                          138 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          beacons.gcp.gvt2.com

                                                                          DNS Response

                                                                          35.190.89.216

                                                                        • 8.8.8.8:53
                                                                          e2c2.gcp.gvt2.com
                                                                          dns
                                                                          chrome.exe
                                                                          63 B
                                                                          79 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          e2c2.gcp.gvt2.com

                                                                          DNS Response

                                                                          34.92.53.177

                                                                        • 35.190.89.216:443
                                                                          beacons.gcp.gvt2.com
                                                                          https
                                                                          chrome.exe
                                                                          2.3kB
                                                                          5.8kB
                                                                          7
                                                                          9
                                                                        • 8.8.8.8:53
                                                                          b1.nel.goog
                                                                          dns
                                                                          chrome.exe
                                                                          57 B
                                                                          73 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          b1.nel.goog

                                                                          DNS Response

                                                                          172.217.169.35

                                                                        • 8.8.8.8:53
                                                                          216.89.190.35.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          124 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          216.89.190.35.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          35.169.217.172.in-addr.arpa
                                                                          dns
                                                                          73 B
                                                                          111 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          35.169.217.172.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          177.53.92.34.in-addr.arpa
                                                                          dns
                                                                          71 B
                                                                          122 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          177.53.92.34.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          233.141.123.20.in-addr.arpa
                                                                          dns
                                                                          73 B
                                                                          159 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          233.141.123.20.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          beacons.gvt2.com
                                                                          dns
                                                                          chrome.exe
                                                                          62 B
                                                                          78 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          beacons.gvt2.com

                                                                          DNS Response

                                                                          216.58.204.67

                                                                        • 8.8.8.8:53
                                                                          67.204.58.216.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          169 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          67.204.58.216.in-addr.arpa

                                                                        • 172.217.169.35:443
                                                                          b1.nel.goog
                                                                          https
                                                                          chrome.exe
                                                                          3.6kB
                                                                          10.3kB
                                                                          10
                                                                          12
                                                                        • 8.8.8.8:53
                                                                          clients2.google.com
                                                                          dns
                                                                          chrome.exe
                                                                          65 B
                                                                          105 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          clients2.google.com

                                                                          DNS Response

                                                                          142.251.36.46

                                                                        • 35.190.89.216:443
                                                                          beacons.gcp.gvt2.com
                                                                          https
                                                                          chrome.exe
                                                                          4.3kB
                                                                          3.8kB
                                                                          9
                                                                          8
                                                                        • 8.8.8.8:53
                                                                          e2c26.gcp.gvt2.com
                                                                          dns
                                                                          chrome.exe
                                                                          64 B
                                                                          80 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          e2c26.gcp.gvt2.com

                                                                          DNS Response

                                                                          34.86.82.41

                                                                        • 8.8.8.8:53
                                                                          46.36.251.142.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          111 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          46.36.251.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          41.82.86.34.in-addr.arpa
                                                                          dns
                                                                          70 B
                                                                          120 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          41.82.86.34.in-addr.arpa

                                                                        • 216.58.204.67:443
                                                                          beacons.gvt2.com
                                                                          https
                                                                          chrome.exe
                                                                          3.5kB
                                                                          7.4kB
                                                                          8
                                                                          11
                                                                        • 8.8.8.8:53
                                                                          84.65.42.20.in-addr.arpa
                                                                          dns
                                                                          70 B
                                                                          156 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          84.65.42.20.in-addr.arpa

                                                                        • 142.251.36.46:443
                                                                          clients2.google.com
                                                                          https
                                                                          chrome.exe
                                                                          4.0kB
                                                                          10.5kB
                                                                          13
                                                                          15
                                                                        • 172.217.169.35:443
                                                                          b1.nel.goog
                                                                          https
                                                                          chrome.exe
                                                                          2.2kB
                                                                          4.7kB
                                                                          9
                                                                          10
                                                                        • 35.190.89.216:443
                                                                          beacons.gcp.gvt2.com
                                                                          https
                                                                          chrome.exe
                                                                          4.2kB
                                                                          3.2kB
                                                                          8
                                                                          9
                                                                        • 8.8.8.8:53
                                                                          ogs.google.com
                                                                          dns
                                                                          chrome.exe
                                                                          60 B
                                                                          97 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          ogs.google.com

                                                                          DNS Response

                                                                          142.250.179.206

                                                                        • 8.8.8.8:53
                                                                          ssl.gstatic.com
                                                                          dns
                                                                          chrome.exe
                                                                          61 B
                                                                          77 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          ssl.gstatic.com

                                                                          DNS Response

                                                                          172.217.23.195

                                                                        • 8.8.8.8:53
                                                                          206.179.250.142.in-addr.arpa
                                                                          dns
                                                                          74 B
                                                                          113 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          206.179.250.142.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          195.23.217.172.in-addr.arpa
                                                                          dns
                                                                          73 B
                                                                          171 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          195.23.217.172.in-addr.arpa

                                                                        • 8.8.8.8:53
                                                                          play.google.com
                                                                          dns
                                                                          chrome.exe
                                                                          61 B
                                                                          77 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          play.google.com

                                                                          DNS Response

                                                                          142.251.36.14

                                                                        • 8.8.8.8:53
                                                                          14.36.251.142.in-addr.arpa
                                                                          dns
                                                                          72 B
                                                                          111 B
                                                                          1
                                                                          1

                                                                          DNS Request

                                                                          14.36.251.142.in-addr.arpa

                                                                        MITRE ATT&CK Matrix

                                                                        Replay Monitor

                                                                        Loading Replay Monitor...

                                                                        Downloads

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                          Filesize

                                                                          40B

                                                                          MD5

                                                                          f083bcd6a0628fa4aca1d134179c94f7

                                                                          SHA1

                                                                          dad1bdfa0fa12bbf89581b0f2349d34d5e48c412

                                                                          SHA256

                                                                          598abb8646aa2b6371f79de998960b5bc7a28e195a594ad15d8da9e86995892d

                                                                          SHA512

                                                                          33d2a799420f46ee769a83499852bf7a62f4f0887a036a7a1989c096fd977763685c230616429a4840636d0f0cc9eb9f19c415271fade01a10eab5d92d2d3e8b

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                          Filesize

                                                                          40B

                                                                          MD5

                                                                          f083bcd6a0628fa4aca1d134179c94f7

                                                                          SHA1

                                                                          dad1bdfa0fa12bbf89581b0f2349d34d5e48c412

                                                                          SHA256

                                                                          598abb8646aa2b6371f79de998960b5bc7a28e195a594ad15d8da9e86995892d

                                                                          SHA512

                                                                          33d2a799420f46ee769a83499852bf7a62f4f0887a036a7a1989c096fd977763685c230616429a4840636d0f0cc9eb9f19c415271fade01a10eab5d92d2d3e8b

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

                                                                          Filesize

                                                                          40B

                                                                          MD5

                                                                          f083bcd6a0628fa4aca1d134179c94f7

                                                                          SHA1

                                                                          dad1bdfa0fa12bbf89581b0f2349d34d5e48c412

                                                                          SHA256

                                                                          598abb8646aa2b6371f79de998960b5bc7a28e195a594ad15d8da9e86995892d

                                                                          SHA512

                                                                          33d2a799420f46ee769a83499852bf7a62f4f0887a036a7a1989c096fd977763685c230616429a4840636d0f0cc9eb9f19c415271fade01a10eab5d92d2d3e8b

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

                                                                          Filesize

                                                                          173KB

                                                                          MD5

                                                                          d3d1aff7a71e5f6f4537a0b3cbbd5c23

                                                                          SHA1

                                                                          82bbaa35980290986094ec5b2f33da17fe0e1ca8

                                                                          SHA256

                                                                          d3ac13e9bebf6119830ea38adf6715f42a193e7cc5834087abcd77bec3c07291

                                                                          SHA512

                                                                          9f5a8f657438a49e2b60db1372ced7edca4ca714efc63ff8791ff232d4252178b5a148a02b049f279007f095e7ac5b649367a2fb3dbffa14b39b637f1d30d42b

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          7da2da10262b3d126947c5663c0f576a

                                                                          SHA1

                                                                          00dd04e477833707161e7a84578144babfe55acb

                                                                          SHA256

                                                                          caf12b61acdaf0dbb394f4003b23610ef0b0e2101ac14c17b6a18650d15ae43f

                                                                          SHA512

                                                                          8634a6731615b6fdd1342bfcccee5f7271e1fd7459dcd74011b64376380504574bb2602c8c6010d002d6793396b16ebf5a471576ca268b4b54bdda6eff248d81

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                          Filesize

                                                                          696B

                                                                          MD5

                                                                          c62b029c3519d98f6ccffb367459b359

                                                                          SHA1

                                                                          43d5fff8f05900854e7b05ac3ce4ac2ded331c66

                                                                          SHA256

                                                                          0682a69afa18bd350e177b8822dcfc1025e23cf2a55b683801e1fc0f11679129

                                                                          SHA512

                                                                          bb2f9f6789d4218f9a9bd9337dfab4dab8fdc248df4bf72594684b01f3359a16a24de6acd5a44d936d59902771884fad721011da8d485f5e9bb26ae67d106512

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          4373a64e2e79f1a77e46db10b03618f6

                                                                          SHA1

                                                                          1f575b5cfa097dc75df682aecdca66bc97d2ffe7

                                                                          SHA256

                                                                          3f8cf3196a95a97f5ff56259b2592146840a4f1567ee5ef4318175427aaa4e18

                                                                          SHA512

                                                                          ff34763051109a32e233d9b38a08373d9e388f86711fabcc920bafa1171c5bd85c524225bb72b10e817566566e2afd654a04f0427b2b6063f1b1c44d039c9522

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\CURRENT

                                                                          Filesize

                                                                          16B

                                                                          MD5

                                                                          46295cac801e5d4857d09837238a6394

                                                                          SHA1

                                                                          44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                          SHA256

                                                                          0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                          SHA512

                                                                          8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                          Filesize

                                                                          5KB

                                                                          MD5

                                                                          b77273525b0fecde8c6fbd0b16581c2a

                                                                          SHA1

                                                                          d5418024ae421aba077c776837e8805d04de4763

                                                                          SHA256

                                                                          93ebbb72157011829cf9d61a1699cb5826ee3e65853699cd266b0cf82fece7ee

                                                                          SHA512

                                                                          06c35500314769297c7384d7ac931d9a9192b710c9a967a8dcfd04a96d909f5fefcf5d1f2b459b8ba5218f17ab389233521a05f6516cb31f35265e0172268df0

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                          Filesize

                                                                          4KB

                                                                          MD5

                                                                          5a2a3a475d32a06d885d245fec2c6713

                                                                          SHA1

                                                                          56c6e3dc514baca5f52c219445c4a1d3b1af3d2a

                                                                          SHA256

                                                                          28017af6c72b8871b7c9c22b1200e8a0df8147082615a2c26274cf136bfd22d0

                                                                          SHA512

                                                                          c04c768e92d544d7adee15706e4e4262ea0ac84e0214bfa13391d25defd3adbd9b015773c1ed77fc9243825b4d4ff5571e1b0b1e6ef2e23f9d881a3adb83fa64

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                          Filesize

                                                                          4KB

                                                                          MD5

                                                                          673af4b2cfb15ce5dc0841c1550ef972

                                                                          SHA1

                                                                          b4d4905a41b2348a8268843baedcca7c414c9cd2

                                                                          SHA256

                                                                          80fb094ffd665ef1d5f45fa6a1c1f2b3fa07364e4348f6b9d374cc96e7f3431e

                                                                          SHA512

                                                                          581063eaf620754632d6b659cc6a604f68184cf6caefde996efc69e16ac93f243d714f6f483b72b9c56662fd7545750305331594f091246e896580be955e5a7f

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          7bfb1f23b44f7ca33f3b2122a4e58f4a

                                                                          SHA1

                                                                          267e3dc6b946fb699bc7f19ec287cf3bddce5961

                                                                          SHA256

                                                                          49156a0e628329b74f88fd9f195a5fff5c7d5b4ce069ebe7e8d4b0a8b5bd6d83

                                                                          SHA512

                                                                          5a5bd2a1fb2bf5470311309ea0478b2aba73c551e6a53debc14270d2f36b7bf6057a6bfbff9ec85a543e6b13421702201ad3faaaaf81c6f080ff888377d07c74

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          bdd8eb69f3ca6093d017106b0252606e

                                                                          SHA1

                                                                          cfd4f21c91be7bd67bcf96500c5e1c03e6fc2929

                                                                          SHA256

                                                                          b7876335521802455ddb2057f5a9741379b639842ae333e672e76d7e1dc8e46b

                                                                          SHA512

                                                                          bcd9e18441642c49537b6d388309ba373806d6a5a5a0db64b5a4931dcb51708bb310e6db867e3a78a5d683a0b40e834caa04f093e53d9f2bb700b1362795194e

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          25a81b937d8ac5ee4ad5ea5a15606d67

                                                                          SHA1

                                                                          a9c6e0b3dba98a07804dc7aea7454f7c710bb62e

                                                                          SHA256

                                                                          8a579fce4717ae54bf0ef7a86d6d8896c505a5842770d9207c92afb474cfe496

                                                                          SHA512

                                                                          e6f4d00b5347b92f182c61e9d5040e8fe801ae5c1cefed874c1a01fa4e5e70081a37614b63fbee9754aba5b97bc2d8881cf7114e65a2c8ffa3910bc7bdad58fa

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          1342b59484d82398a3854092c379a83f

                                                                          SHA1

                                                                          b20f272a166d0458f199a71a4aaee8561eacbb55

                                                                          SHA256

                                                                          a054675a238b7130a9dda51876b97b5e0074778b021906100458494b124035a3

                                                                          SHA512

                                                                          3ba66e1c6cd14e75d630ad22c2221f902c2083cb25a2079a56162fa277ff050f48606357d630719a10e02f0310012f7f24538f445d0007d70d26ac7ae32e910f

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          3355d9de037d7ea3700cb2d3bfb904f7

                                                                          SHA1

                                                                          6ef232bf21a8189a74c3c5df37d3c4fe7e5d131b

                                                                          SHA256

                                                                          ad2442987693a9c50682fa7f7f565d3a9e941ffcc3a61c7b7519259ba3e2c4df

                                                                          SHA512

                                                                          6e327ff83ee035dab82c51fe4c88412ff3418b6d7d59afecf5d2062b48f8e5a3ef9d0614c948c1b14d9fdba7a412bec5fe72d2c7d4de4f3bef82b28b79d40c33

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          f4f37d8780e630bc193b9c9ad7579e38

                                                                          SHA1

                                                                          a9f10ffa6c2c78f52f6fe350bf5c4bb521e1b3e6

                                                                          SHA256

                                                                          a716fb50720ba82d21d2098e7f76e25d5078877a9928ec1e6ce18f6243fd1cbc

                                                                          SHA512

                                                                          9365ecf4eaff1fe6578889adf87afc2a07609663ace48ac46e9c3a4d94f86604918d47ceddac98143d8fd8cca52b64b67b7155a73c3e0828efc6b8056e8cbd45

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                          Filesize

                                                                          1KB

                                                                          MD5

                                                                          86da7431c6fd1b4f5e8e72a959df9de2

                                                                          SHA1

                                                                          39ae71a335c2e4bcb407b43495e520fa2a6d2242

                                                                          SHA256

                                                                          ac2bf54979d0e02be6f4d72e318551b94a388227aa7e3139dc38274aadef5aad

                                                                          SHA512

                                                                          a5736015f0c6d6bb1af304a9fed46cf7e124112ec1045ec9dca825f387c1ae5e6822a6e4d4cd70c3a29e9729356b2d0950d6565810ecd7362facfb49f9bab355

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                          Filesize

                                                                          7KB

                                                                          MD5

                                                                          9c808ea3dc2446443498c18949301ef8

                                                                          SHA1

                                                                          942ff90515b9483c1b0a02363b06855f7870351a

                                                                          SHA256

                                                                          ff1005c25fb81494ec41a39158c8f34f3cfdb5f02ba82095c0b486f808dc294e

                                                                          SHA512

                                                                          1caa67463dd7b489f9e4b2ee0b0fd62d05322f5349dbb251ca2342a9d05edb9ed47355fbcf19c088f638ca0aefd0a50e9ad8622aaad61a3e390e3724ca7ddb5d

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                          Filesize

                                                                          7KB

                                                                          MD5

                                                                          bd856b7e3b96fd19e2d0cb363307a436

                                                                          SHA1

                                                                          90ebaf5506109b6bde4ad60065852346a1d093e9

                                                                          SHA256

                                                                          bbf07ecdf16e7a326c9a6428246de1215b962df004b95cb2540100995eee8c26

                                                                          SHA512

                                                                          8ee0f23a2da7bc42e42c159542c29929a799c6fee539e9ebb311a3a7f1253c5b999abbd0a85b6a813295cf5f7b0c786bad100c9eedf63298b2335f56f2d35aef

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                          Filesize

                                                                          6KB

                                                                          MD5

                                                                          e8f69e8d0b9033d91b326ac4b8099175

                                                                          SHA1

                                                                          5079dde922333ee8bc98ebc62dc6ea0f7382b8bc

                                                                          SHA256

                                                                          e1dbad3c335acccbb9ba7dabc56981b851a6891063045b226f62cc304abaca0a

                                                                          SHA512

                                                                          ebf084ace2b94ced5981b82c099a6aa4285466827bb4111064d498b9009c701c365aa9a5e666a1f187e2b09b45cc6af5665822eb77d52efd53662dd650fe610c

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                          Filesize

                                                                          7KB

                                                                          MD5

                                                                          5cd9b20c0cd75d52cb2520b7e8adf602

                                                                          SHA1

                                                                          e081f432d8673bceb8f4fa359945aae4217ae870

                                                                          SHA256

                                                                          eca072f2f41351708ae630f226ff1ae7351f7056906c483b7dc91f4377779284

                                                                          SHA512

                                                                          9785023296eab9ba21bde271503d7143ca8ecac7f5b433afc540e8b74e838d4c514b1f521c09227f7f5e9d2261f7dd1543f9bdfb7526aca135f01265f4b7709a

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                          Filesize

                                                                          7KB

                                                                          MD5

                                                                          398bd381da0e2a10b9040cb602ea3295

                                                                          SHA1

                                                                          170d84bb4d4ddfca1ff76c117082915546ce74ee

                                                                          SHA256

                                                                          33d1d1ebea735d3631639a7a8fe442fe31a71e29e4593dcee72ad3c9ecbfb7a7

                                                                          SHA512

                                                                          e0850e8555c5cc79622b76f22f170ca23e13413024e603d68b581a8bbe97ab6acc9ddcd277c1a9ce0b9461a0c2be6245f96f11a46a84329e6675a74b88d0f6c9

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                          Filesize

                                                                          41B

                                                                          MD5

                                                                          5af87dfd673ba2115e2fcf5cfdb727ab

                                                                          SHA1

                                                                          d5b5bbf396dc291274584ef71f444f420b6056f1

                                                                          SHA256

                                                                          f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

                                                                          SHA512

                                                                          de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                          Filesize

                                                                          72B

                                                                          MD5

                                                                          57e7c1d36c0dbf9056b35b43b76a53dd

                                                                          SHA1

                                                                          e257533ce78d49da3620aca7c8658d6f43c4eecf

                                                                          SHA256

                                                                          128ec78d75876b8b8e5842a14be7e7d456aed1e7bbca39f21d23fb84c7174a5c

                                                                          SHA512

                                                                          7d34a9ab3f41bd9fb7b94dc035aad2c2fea2415c984b436a3a35923d6d6f2bc7741c0197033cb0c279b47a5277b79fa405e4e96b944f16bec6f43c58a548fe15

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58af08.TMP

                                                                          Filesize

                                                                          48B

                                                                          MD5

                                                                          5970af7a0ae0b340076326e3d8a694aa

                                                                          SHA1

                                                                          2ad2b6058006ec3d4a915aea9e81f9a596b66076

                                                                          SHA256

                                                                          812f2f805522a7555e4bf05ed3b8a3de326c68d6922a5c26e3e5eb6ab4cc0031

                                                                          SHA512

                                                                          098b42522b87326bb326a2b10b18940536ab795581a1731a2cf5906a837ba4cf6cfdb6e50a0011b9ae80bb5eff7bc1e77d0dc1d1aa2411be902198f583e00040

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                          Filesize

                                                                          87KB

                                                                          MD5

                                                                          203a15395b96e5d482d3f2820151a567

                                                                          SHA1

                                                                          0cd0a805682e148081d5d85ca05d4aa7dd445eb8

                                                                          SHA256

                                                                          683954bf495919a87bc81c888dc9e8f94ca2463d7a64d1524b9be7939f080510

                                                                          SHA512

                                                                          321bc22d50e630338c3481b19cdbd07a437e949fdbd3b5768ac84d91642515bcac4cea56ff20caac06784b5185323be475a999d94bb062dceca2d27f600e309b

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                          Filesize

                                                                          87KB

                                                                          MD5

                                                                          106e091f2b62348faa1472de2644a078

                                                                          SHA1

                                                                          632a751b91b3e37f0be473d86abcd75d0535ca89

                                                                          SHA256

                                                                          e0c056a8132c80b8a77e83ae0adaae0563a1b54e36c3affd454c05776e1f7b79

                                                                          SHA512

                                                                          da17de1b9be8492dce1d71df4274e75125b6a4578de03278ea02e9d07978c300e659943a8aa5c5d438f059e9bfd4f0150ccf06556a4138e0a1e302e4f7af4f08

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                          Filesize

                                                                          87KB

                                                                          MD5

                                                                          f8697c22e0bc58ba1dfecfe41a3ac89d

                                                                          SHA1

                                                                          c56d68de7ac5fcc84b7032eb7afa9ca22621d305

                                                                          SHA256

                                                                          07bc1d845d13718c12072f505f7cfe3b2d5596595fba6ec2799ac49855e80f55

                                                                          SHA512

                                                                          a8ec2261775b033d9ecdaf60a12f9d5ad249aee391989b9ab47478d19dc226c4173b548148b989cbd083b2aaa884070d75c44460add0e6d3d57c289c48163362

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                          Filesize

                                                                          117KB

                                                                          MD5

                                                                          87140834637bcb106f8da5326ce6de04

                                                                          SHA1

                                                                          a38f8ab39cb576b7992b74f996bcb2005bae886a

                                                                          SHA256

                                                                          d89fe0a8b3369bc2952c5eb396924a624e665316ccf3ba148870b192a69b1855

                                                                          SHA512

                                                                          c8462d3524e83c0a794c1e2cf3ef736272ab0396093cdcbf12ca050eae1e6fd373b1c98ea83b300d1783659354d143905f4a85c627a1788e67dc069fe4d91dd1

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                          Filesize

                                                                          110KB

                                                                          MD5

                                                                          ad76fddb608978656d5fa473038c7fdf

                                                                          SHA1

                                                                          4609990c6d4b27bf74a60d0d0288595ea638b8c9

                                                                          SHA256

                                                                          04e8423ab986f2dbf62b583de6074f19a0ee9eabb4236a5321d1452bc466eeef

                                                                          SHA512

                                                                          308dd9eac8438e89c81dfffbd111bf89e91fe234a1bb264b4e614edf3312617e4f0805a5a248b798df95339f5a617720847ba80aab79b15b2595880c0728f6b6

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5883b2.TMP

                                                                          Filesize

                                                                          104KB

                                                                          MD5

                                                                          452c7bd0a449f49802680a3a680b3a5b

                                                                          SHA1

                                                                          68c0397fdb5e154aa025dfd2c618dc21a62c2834

                                                                          SHA256

                                                                          2e50a232840e1c77ef3117816bee788dbb92e2b025d7fe6c3a342a4c9b8acd60

                                                                          SHA512

                                                                          f5a2b248f082cb3b7bf912e77d63937a6d5ff1300d0b4f57524a17e27f6c4acaab16143df73fc04a3cdfd697a2e36ca1015f667a1f81205ab92a38d07830dbc1

                                                                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                                                          Filesize

                                                                          2B

                                                                          MD5

                                                                          99914b932bd37a50b983c5e7c90ae93b

                                                                          SHA1

                                                                          bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

                                                                          SHA256

                                                                          44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

                                                                          SHA512

                                                                          27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

                                                                        • C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe

                                                                          Filesize

                                                                          815KB

                                                                          MD5

                                                                          1341a7db06d95d52a5702eef0c864cf6

                                                                          SHA1

                                                                          378d7751911b0783a798c3bdd9616d6c684570fc

                                                                          SHA256

                                                                          1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6

                                                                          SHA512

                                                                          c8ac4a9ab50cc5d60af97712dfe6836cd62e35e67471af2506e2779d2b9c2260aa3e88b95e9cb253a0b6d7b5cfb72ea4e328c809b6fea531627c620430168a0f

                                                                        • C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe

                                                                          Filesize

                                                                          815KB

                                                                          MD5

                                                                          1341a7db06d95d52a5702eef0c864cf6

                                                                          SHA1

                                                                          378d7751911b0783a798c3bdd9616d6c684570fc

                                                                          SHA256

                                                                          1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6

                                                                          SHA512

                                                                          c8ac4a9ab50cc5d60af97712dfe6836cd62e35e67471af2506e2779d2b9c2260aa3e88b95e9cb253a0b6d7b5cfb72ea4e328c809b6fea531627c620430168a0f

                                                                        • C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe

                                                                          Filesize

                                                                          815KB

                                                                          MD5

                                                                          1341a7db06d95d52a5702eef0c864cf6

                                                                          SHA1

                                                                          378d7751911b0783a798c3bdd9616d6c684570fc

                                                                          SHA256

                                                                          1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6

                                                                          SHA512

                                                                          c8ac4a9ab50cc5d60af97712dfe6836cd62e35e67471af2506e2779d2b9c2260aa3e88b95e9cb253a0b6d7b5cfb72ea4e328c809b6fea531627c620430168a0f

                                                                        • C:\Users\Admin\Downloads\CoolSoftWare 2.1.exe

                                                                          Filesize

                                                                          815KB

                                                                          MD5

                                                                          1341a7db06d95d52a5702eef0c864cf6

                                                                          SHA1

                                                                          378d7751911b0783a798c3bdd9616d6c684570fc

                                                                          SHA256

                                                                          1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6

                                                                          SHA512

                                                                          c8ac4a9ab50cc5d60af97712dfe6836cd62e35e67471af2506e2779d2b9c2260aa3e88b95e9cb253a0b6d7b5cfb72ea4e328c809b6fea531627c620430168a0f

                                                                        • C:\Users\Admin\Downloads\Unconfirmed 79393.crdownload

                                                                          Filesize

                                                                          815KB

                                                                          MD5

                                                                          1341a7db06d95d52a5702eef0c864cf6

                                                                          SHA1

                                                                          378d7751911b0783a798c3bdd9616d6c684570fc

                                                                          SHA256

                                                                          1b3b8d589987482a5d43ec9df5ba8ef745e3fd6077d3bbed0d31dba562f129a6

                                                                          SHA512

                                                                          c8ac4a9ab50cc5d60af97712dfe6836cd62e35e67471af2506e2779d2b9c2260aa3e88b95e9cb253a0b6d7b5cfb72ea4e328c809b6fea531627c620430168a0f

                                                                        • memory/488-577-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        • memory/488-578-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        • memory/488-581-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        • memory/488-576-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        • memory/488-572-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        • memory/488-570-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        • memory/488-571-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        • memory/488-579-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        • memory/488-580-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        • memory/488-582-0x00000255564D0000-0x00000255564D1000-memory.dmp

                                                                          Filesize

                                                                          4KB

                                                                        We care about your privacy.

                                                                        This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.