Analysis

  • max time kernel
    602s
  • max time network
    603s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11-03-2024 01:40

General

  • Target

    http://katariatradersindia.com/css/Zyr.htm

Malware Config

Extracted

Family

kutaki

C2

http://linkwotowoto.club/new/two.php

Signatures

  • Kutaki

    Information stealer and keylogger that hides inside legitimate Visual Basic applications.

  • Kutaki Executable 1 IoCs
  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up the country code configured in the registry, likely for geofencing.

  • Drops startup file 3 IoCs
  • Executes dropped EXE 2 IoCs
  • Drops file in Windows directory 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Kills process with taskkill 1 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 7 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 36 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 23 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://katariatradersindia.com/css/Zyr.htm
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1100
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd94569758,0x7ffd94569768,0x7ffd94569778
      2⤵
        PID:700
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:2
        2⤵
          PID:4532
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
          2⤵
            PID:4628
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2252 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
            2⤵
              PID:3144
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:1
              2⤵
                PID:6000
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3152 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:1
                2⤵
                  PID:5872
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4108 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:1
                  2⤵
                    PID:2440
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4564 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
                    2⤵
                      PID:2816
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
                      2⤵
                        PID:1608
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4520 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
                        2⤵
                          PID:4492
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=820 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:1
                          2⤵
                            PID:4684
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5208 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:1
                            2⤵
                              PID:1056
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5388 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
                              2⤵
                                PID:3264
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5372 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:1
                                2⤵
                                  PID:5488
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5820 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:1
                                  2⤵
                                    PID:4388
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5892 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
                                    2⤵
                                      PID:528
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6112 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
                                      2⤵
                                      • Modifies registry class
                                      • Suspicious use of SetWindowsHookEx
                                      PID:3620
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=6060 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:2
                                      2⤵
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:404
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5724 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
                                      2⤵
                                        PID:4944
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6000 --field-trial-handle=1900,i,3613740867456445217,1959528110586616198,131072 /prefetch:8
                                        2⤵
                                        • Modifies registry class
                                        • Suspicious use of SetWindowsHookEx
                                        PID:1608
                                    • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
                                      "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
                                      1⤵
                                        PID:3576
                                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3936 --field-trial-handle=2280,i,1836084024518340990,18250262151825427757,262144 --variations-seed-version /prefetch:8
                                        1⤵
                                          PID:5608
                                        • C:\Windows\System32\rundll32.exe
                                          C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                          1⤵
                                            PID:2324
                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_Tax Payment Challan.zip\Tax Payment Challan.exe
                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_Tax Payment Challan.zip\Tax Payment Challan.exe"
                                            1⤵
                                            • Drops startup file
                                            • Suspicious use of SetWindowsHookEx
                                            PID:6008
                                            • C:\Windows\SysWOW64\cmd.exe
                                              cmd.exe /c C:\Users\Admin\AppData\Local\Temp\NewBitmapImage.bmp
                                              2⤵
                                              • Checks computer location settings
                                              • Modifies registry class
                                              PID:5116
                                              • C:\Windows\SysWOW64\mspaint.exe
                                                "C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\NewBitmapImage.bmp"
                                                3⤵
                                                • Drops file in Windows directory
                                                • Suspicious behavior: EnumeratesProcesses
                                                • Suspicious use of SetWindowsHookEx
                                                PID:5612
                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\admxvgfk.exe
                                              "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\admxvgfk.exe"
                                              2⤵
                                              • Executes dropped EXE
                                              • Suspicious use of SetWindowsHookEx
                                              PID:3660
                                          • C:\Users\Admin\AppData\Local\Temp\Temp1_Tax Payment Challan.zip\Tax Payment Challan.exe
                                            "C:\Users\Admin\AppData\Local\Temp\Temp1_Tax Payment Challan.zip\Tax Payment Challan.exe"
                                            1⤵
                                            • Drops startup file
                                            • Suspicious use of SetWindowsHookEx
                                            PID:4860
                                            • C:\Windows\SysWOW64\cmd.exe
                                              cmd.exe /c C:\Users\Admin\AppData\Local\Temp\NewBitmapImage.bmp
                                              2⤵
                                              • Checks computer location settings
                                              PID:4488
                                              • C:\Windows\SysWOW64\mspaint.exe
                                                "C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\NewBitmapImage.bmp"
                                                3⤵
                                                • Drops file in Windows directory
                                                • Suspicious behavior: EnumeratesProcesses
                                                • Suspicious use of SetWindowsHookEx
                                                PID:2512
                                            • C:\Windows\SysWOW64\taskkill.exe
                                              taskkill /im admxvgfk.exe /f
                                              2⤵
                                              • Kills process with taskkill
                                              PID:6096
                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\admxvgfk.exe
                                              "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\admxvgfk.exe"
                                              2⤵
                                              • Executes dropped EXE
                                              • Suspicious use of SetWindowsHookEx
                                              PID:4332
                                          • C:\Windows\system32\svchost.exe
                                            C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
                                            1⤵
                                              PID:1320
                                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3712 --field-trial-handle=2280,i,1836084024518340990,18250262151825427757,262144 --variations-seed-version /prefetch:8
                                              1⤵
                                                PID:4276

Network

                                              • flag-us
                                                DNS
                                                136.32.126.40.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                136.32.126.40.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                95.221.229.192.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                95.221.229.192.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                katariatradersindia.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                katariatradersindia.com
                                                IN A
                                                Response
                                                katariatradersindia.com
                                                IN A
                                                68.178.152.97
                                              • flag-us
                                                DNS
                                                241.154.82.20.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                241.154.82.20.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-in
                                                GET
                                                http://katariatradersindia.com/css/Zyr.htm
                                                chrome.exe
                                                Remote address:
                                                68.178.152.97:80
                                                Request
                                                GET /css/Zyr.htm HTTP/1.1
                                                Host: katariatradersindia.com
                                                Connection: keep-alive
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                Accept-Encoding: gzip, deflate
                                                Accept-Language: en-US,en;q=0.9
                                                Response
                                                HTTP/1.1 200 OK
                                                Date: Mon, 11 Mar 2024 01:45:03 GMT
                                                Server: Apache
                                                Upgrade: h2,h2c
                                                Connection: Upgrade, Keep-Alive
                                                Last-Modified: Sun, 10 Mar 2024 23:33:17 GMT
                                                ETag: "65c11ea-bc-61356d97f8971-gzip"
                                                Accept-Ranges: bytes
                                                Vary: Accept-Encoding
                                                Content-Encoding: gzip
                                                Content-Length: 167
                                                Keep-Alive: timeout=5
                                                Content-Type: text/html
                                              • flag-in
                                                GET
                                                http://katariatradersindia.com/favicon.ico
                                                chrome.exe
                                                Remote address:
                                                68.178.152.97:80
                                                Request
                                                GET /favicon.ico HTTP/1.1
                                                Host: katariatradersindia.com
                                                Connection: keep-alive
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                Referer: http://katariatradersindia.com/css/Zyr.htm
                                                Accept-Encoding: gzip, deflate
                                                Accept-Language: en-US,en;q=0.9
                                                Response
                                                HTTP/1.1 403 Forbidden
                                                Date: Mon, 11 Mar 2024 01:45:06 GMT
                                                Server: Apache
                                                Last-Modified: Sun, 10 Mar 2024 18:37:33 GMT
                                                ETag: "65c047c-17714-61352b7dfcde3"
                                                Accept-Ranges: bytes
                                                Content-Length: 96020
                                                Vary: Accept-Encoding
                                                Keep-Alive: timeout=5
                                                Connection: Keep-Alive
                                                Content-Type: text/html
                                              • flag-us
                                                DNS
                                                97.152.178.68.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                97.152.178.68.in-addr.arpa
                                                IN PTR
                                                Response
                                                97.152.178.68.in-addr.arpa
                                                IN PTR
                                                97.152.178.68.host.secureserver.net
                                              • flag-us
                                                DNS
                                                sgtglass.in
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                sgtglass.in
                                                IN A
                                                Response
                                                sgtglass.in
                                                IN A
                                                68.178.145.137
                                              • flag-in
                                                GET
                                                http://sgtglass.in/happp/Tax%20Payment%20Challan.zip
                                                chrome.exe
                                                Remote address:
                                                68.178.145.137:80
                                                Request
                                                GET /happp/Tax%20Payment%20Challan.zip HTTP/1.1
                                                Host: sgtglass.in
                                                Connection: keep-alive
                                                Upgrade-Insecure-Requests: 1
                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                Referer: http://katariatradersindia.com/
                                                Accept-Encoding: gzip, deflate
                                                Accept-Language: en-US,en;q=0.9
                                                Response
                                                HTTP/1.1 200 OK
                                                Date: Mon, 11 Mar 2024 01:45:06 GMT
                                                Server: Apache
                                                Upgrade: h2,h2c
                                                Connection: Upgrade, Keep-Alive
                                                Last-Modified: Sun, 10 Mar 2024 23:20:00 GMT
                                                ETag: "a005aa-5b979-61356aa01b56b"
                                                Accept-Ranges: bytes
                                                Content-Length: 375161
                                                Vary: Accept-Encoding
                                                Keep-Alive: timeout=5
                                                Content-Type: application/zip
                                              • flag-us
                                                DNS
                                                240.221.184.93.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                240.221.184.93.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                23.159.190.20.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                23.159.190.20.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                137.145.178.68.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                137.145.178.68.in-addr.arpa
                                                IN PTR
                                                Response
                                                137.145.178.68.in-addr.arpa
                                                IN PTR
                                                137.145.178.68.host.secureserver.net
                                              • flag-us
                                                DNS
                                                g.bing.com
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                g.bing.com
                                                IN A
                                                Response
                                                g.bing.com
                                                IN CNAME
                                                g-bing-com.a-0001.a-msedge.net
                                                g-bing-com.a-0001.a-msedge.net
                                                IN CNAME
                                                dual-a-0001.a-msedge.net
                                                dual-a-0001.a-msedge.net
                                                IN A
                                                204.79.197.200
                                                dual-a-0001.a-msedge.net
                                                IN A
                                                13.107.21.200
                                              • flag-us
                                                GET
                                                https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=
                                                Remote address:
                                                204.79.197.200:443
                                                Request
                                                GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid= HTTP/2.0
                                                host: g.bing.com
                                                accept-encoding: gzip, deflate
                                                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                                Response
                                                HTTP/2.0 204
                                                cache-control: no-cache, must-revalidate
                                                pragma: no-cache
                                                expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                set-cookie: MUID=052439CF716D652921AA2DF0708D64AD; domain=.bing.com; expires=Sat, 05-Apr-2025 01:45:09 GMT; path=/; SameSite=None; Secure; Priority=High;
                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                access-control-allow-origin: *
                                                x-cache: CONFIG_NOCACHE
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: 2EF3106887F542D2BCA931EB10E40E45 Ref B: LON04EDGE1012 Ref C: 2024-03-11T01:45:09Z
                                                date: Mon, 11 Mar 2024 01:45:09 GMT
                                              • flag-us
                                                GET
                                                https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=
                                                Remote address:
                                                204.79.197.200:443
                                                Request
                                                GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid= HTTP/2.0
                                                host: g.bing.com
                                                accept-encoding: gzip, deflate
                                                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                                cookie: MUID=052439CF716D652921AA2DF0708D64AD
                                                Response
                                                HTTP/2.0 204
                                                cache-control: no-cache, must-revalidate
                                                pragma: no-cache
                                                expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                set-cookie: MSPTC=MvnzoFtPmmqK-sSkdle9osRe9GKjKOqQPR9vF_7Or5M; domain=.bing.com; expires=Sat, 05-Apr-2025 01:45:09 GMT; path=/; Partitioned; secure; SameSite=None
                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                access-control-allow-origin: *
                                                x-cache: CONFIG_NOCACHE
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: E3E744068C5948789BACB2F9A68D4C34 Ref B: LON04EDGE1012 Ref C: 2024-03-11T01:45:09Z
                                                date: Mon, 11 Mar 2024 01:45:09 GMT
                                              • flag-us
                                                GET
                                                https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=
                                                Remote address:
                                                204.79.197.200:443
                                                Request
                                                GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid= HTTP/2.0
                                                host: g.bing.com
                                                accept-encoding: gzip, deflate
                                                user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                                cookie: MUID=052439CF716D652921AA2DF0708D64AD; MSPTC=MvnzoFtPmmqK-sSkdle9osRe9GKjKOqQPR9vF_7Or5M
                                                Response
                                                HTTP/2.0 204
                                                cache-control: no-cache, must-revalidate
                                                pragma: no-cache
                                                expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                strict-transport-security: max-age=31536000; includeSubDomains; preload
                                                access-control-allow-origin: *
                                                x-cache: CONFIG_NOCACHE
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: DB01801CC1A143B8ADD7AF747BAE0DEA Ref B: LON04EDGE1012 Ref C: 2024-03-11T01:45:10Z
                                                date: Mon, 11 Mar 2024 01:45:10 GMT
                                              • flag-us
                                                DNS
                                                26.35.223.20.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                26.35.223.20.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                200.197.79.204.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                200.197.79.204.in-addr.arpa
                                                IN PTR
                                                Response
                                                200.197.79.204.in-addr.arpa
                                                IN PTR
                                                a-0001.a-msedge.net
                                              • flag-us
                                                DNS
                                                41.110.16.96.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                41.110.16.96.in-addr.arpa
                                                IN PTR
                                                Response
                                                41.110.16.96.in-addr.arpa
                                                IN PTR
                                                a96-16-110-41.deploy.static.akamaitechnologies.com
                                              • flag-us
                                                DNS
                                                183.142.211.20.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                183.142.211.20.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                26.165.165.52.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                26.165.165.52.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                15.164.165.52.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                15.164.165.52.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                15.164.165.52.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                15.164.165.52.in-addr.arpa
                                                IN PTR
                                              • flag-us
                                                DNS
                                                217.135.221.88.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                217.135.221.88.in-addr.arpa
                                                IN PTR
                                                Response
                                                217.135.221.88.in-addr.arpa
                                                IN PTR
                                                a88-221-135-217.deploy.static.akamaitechnologies.com
                                              • flag-us
                                                DNS
                                                28.118.140.52.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                28.118.140.52.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                203.197.79.204.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                203.197.79.204.in-addr.arpa
                                                IN PTR
                                                Response
                                                203.197.79.204.in-addr.arpa
                                                IN PTR
                                                a-0003.a-msedge.net
                                              • flag-us
                                                DNS
                                                www.google.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                www.google.com
                                                IN A
                                                Response
                                                www.google.com
                                                IN A
                                                142.251.36.4
                                              • flag-us
                                                DNS
                                                4.36.251.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                4.36.251.142.in-addr.arpa
                                                IN PTR
                                                Response
                                                4.36.251.142.in-addr.arpa
                                                IN PTR
                                                ams15s44-in-f4.1e100.net
                                              • flag-us
                                                DNS
                                                virustotal.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                virustotal.com
                                                IN A
                                                Response
                                                virustotal.com
                                                IN A
                                                216.239.32.21
                                                virustotal.com
                                                IN A
                                                216.239.34.21
                                                virustotal.com
                                                IN A
                                                216.239.36.21
                                                virustotal.com
                                                IN A
                                                216.239.38.21
                                              • flag-us
                                                GET
                                                https://virustotal.com/
                                                chrome.exe
                                                Remote address:
                                                216.239.32.21:443
                                                Request
                                                GET / HTTP/2.0
                                                host: virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                upgrade-insecure-requests: 1
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                sec-ch-ua-arch: "x86"
                                                sec-ch-ua-platform-version: "10.0.0"
                                                sec-ch-ua-model: ""
                                                sec-ch-ua-bitness: "64"
                                                sec-ch-ua-wow64: ?0
                                                sec-ch-ua-full-version-list: "Chromium";v="106.0.5249.119", "Google Chrome";v="106.0.5249.119", "Not;A=Brand";v="99.0.0.0"
                                                sec-fetch-site: none
                                                sec-fetch-mode: navigate
                                                sec-fetch-user: ?1
                                                sec-fetch-dest: document
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                DNS
                                                www.virustotal.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                www.virustotal.com
                                                IN A
                                                Response
                                                www.virustotal.com
                                                IN CNAME
                                                ghs-svc-https-c46.ghs-ssl.googlehosted.com
                                                ghs-svc-https-c46.ghs-ssl.googlehosted.com
                                                IN A
                                                74.125.34.46
                                              • flag-us
                                                DNS
                                                www.virustotal.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                www.virustotal.com
                                                IN A
                                              • flag-us
                                                DNS
                                                21.32.239.216.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                21.32.239.216.in-addr.arpa
                                                IN PTR
                                                Response
                                                21.32.239.216.in-addr.arpa
                                                IN PTR
                                                any-in-2015.1e100.net
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/ HTTP/2.0
                                                host: www.virustotal.com
                                                upgrade-insecure-requests: 1
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                sec-ch-ua-platform: "Windows"
                                                sec-ch-ua-arch: "x86"
                                                sec-ch-ua-platform-version: "10.0.0"
                                                sec-ch-ua-model: ""
                                                sec-ch-ua-bitness: "64"
                                                sec-ch-ua-wow64: ?0
                                                sec-ch-ua-full-version-list: "Chromium";v="106.0.5249.119", "Google Chrome";v="106.0.5249.119", "Not;A=Brand";v="99.0.0.0"
                                                sec-fetch-site: none
                                                sec-fetch-mode: navigate
                                                sec-fetch-user: ?1
                                                sec-fetch-dest: document
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/main.e1baa10e713b97fe439b.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/main.e1baa10e713b97fe439b.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/stackdriver-errors.b289406877fe6574d5ac.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/stackdriver-errors.b289406877fe6574d5ac.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                POST
                                                https://www.virustotal.com/ui/signin
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                POST /ui/signin HTTP/2.0
                                                host: www.virustotal.com
                                                content-length: 4
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTEyNTM5MDQ4NjMtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxNTc1Ljc5Nw==
                                                sec-ch-ua-platform: "Windows"
                                                origin: https://www.virustotal.com
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/user_notifications
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/user_notifications HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTIxOTcxNTMyNzMtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxNTc1Ljc5OA==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/76446.08d9241a7dbb362fcae1.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/76446.08d9241a7dbb362fcae1.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/36386.836bfee147903547ea57.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/36386.836bfee147903547ea57.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/cookie_disclaimer
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/cookie_disclaimer HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTQ3MDc2MjY1NTQtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxNTc1LjgxMg==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/2121f4aabac6fbe523ec.woff2
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/2121f4aabac6fbe523ec.woff2 HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                origin: https://www.virustotal.com
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: font
                                                referer: https://www.virustotal.com/gui/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/1402accbefdec6a25762.woff2
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/1402accbefdec6a25762.woff2 HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                origin: https://www.virustotal.com
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: font
                                                referer: https://www.virustotal.com/gui/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/ee990a93df71bfdfb3b5.woff2
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/ee990a93df71bfdfb3b5.woff2 HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                origin: https://www.virustotal.com
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: font
                                                referer: https://www.virustotal.com/gui/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/vt-ui-shell-extra-deps.0ae30c20fe6979885247.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/vt-ui-shell-extra-deps.0ae30c20fe6979885247.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/vt-ui-sw-installer.c228b2b19bd8517cfe55.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/vt-ui-sw-installer.c228b2b19bd8517cfe55.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/static/qrcode.min.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/static/qrcode.min.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/static/opensearch.xml
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/static/opensearch.xml HTTP/2.0
                                                host: www.virustotal.com
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/images/favicon.svg
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/images/favicon.svg HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: image
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.0.1710121577.0.0.0
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/service-worker.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/service-worker.js HTTP/2.0
                                                host: www.virustotal.com
                                                cache-control: max-age=0
                                                accept: */*
                                                service-worker: script
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: same-origin
                                                sec-fetch-dest: serviceworker
                                                referer: https://www.virustotal.com/
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.0.1710121577.0.0.0
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/images/manifest/icon-192x192.png
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/images/manifest/icon-192x192.png HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: image
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.0.1710121577.0.0.0
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/sha256.worker.d774f311f4702f912904.worker.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/sha256.worker.d774f311f4702f912904.worker.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: same-origin
                                                sec-fetch-dest: worker
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _gat=1
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.0.1710121582.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729 HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTM1NDY0MDk5MjQtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxNTk5Ljg4OQ==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _gat=1
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.0.1710121582.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/1fc6c01d1812fbfbaa47.woff2
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/1fc6c01d1812fbfbaa47.woff2 HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                origin: https://www.virustotal.com
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: font
                                                referer: https://www.virustotal.com/gui/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _gat=1
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.0.1710121582.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/upload_url
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/upload_url HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-recaptcha-v3-action: file_upload
                                                x-vt-anti-abuse-header: MTE4OTM4MjQxNjYtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxNjA4LjA3MQ==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _gat=1
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121608.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/85622.c6a05ade90f6341e79f3.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/85622.c6a05ade90f6341e79f3.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _gat=1
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121608.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729 HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTgyNTk2MDYxOTktWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODMyLjkyNg==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/2766.83fc8c19511961389f7a.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/2766.83fc8c19511961389f7a.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/27604.cc72e42e5e25c872f1f7.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/27604.cc72e42e5e25c872f1f7.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/16475.8e9839e6864f869c141c.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/16475.8e9839e6864f869c141c.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/37285.eb3038821b533e0dd0b3.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/37285.eb3038821b533e0dd0b3.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/4155.b4aa88f67987cf2466ec.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/4155.b4aa88f67987cf2466ec.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/57247.4a59bd9815f56a031e14.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/57247.4a59bd9815f56a031e14.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/90141.27e67597f0c2dc5611d2.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/90141.27e67597f0c2dc5611d2.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/86082.72b529156e57d69d6c62.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/86082.72b529156e57d69d6c62.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/76885.6a7d3d0648f797de1817.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/76885.6a7d3d0648f797de1817.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/63334.41b5698a787836a690d3.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/63334.41b5698a787836a690d3.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/50361.69308b6c059520f6666c.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/50361.69308b6c059520f6666c.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/82353.9c68fe6085038c129e9f.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/82353.9c68fe6085038c129e9f.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/75850.756b2f197e6b05f8bbf9.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/75850.756b2f197e6b05f8bbf9.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/25701.19ceb3918354f07238b4.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/25701.19ceb3918354f07238b4.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/98738.0e79e23335dc9c1b3695.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/94571.baf80524f2956df7f589.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/53486.ad811c674149540522ec.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/76491.f1bd20cee693bcdc7cf9.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/65524.663c6577e746f64588bb.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/55164.2133e1367daffc03156c.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/40384.a3d07392da25a48012b6.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/58912.f8f18ff854560a1acdca.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/65237.8c8b9ba84e29296c8f93.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/26603.5af43d8a9c4c014c1034.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/67858.ca3e7520cdf6d2a38ac9.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/55336.f076c874199e97e08a41.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/49207.0b3c33f8a58070e11e43.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/13870.7c0eda368c361cd5e6ec.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/33862.8f45892bd82c27306b74.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/40107.3b8e52e84f4a0b7462c0.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/50672.e77b255c497533a83fa0.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/34386.56f5b0e6431bfc80fbdd.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/34386.56f5b0e6431bfc80fbdd.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/87027.8a32f091541c4fe50aef.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/87027.8a32f091541c4fe50aef.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/39406.41e50d0371e7fe309123.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/39406.41e50d0371e7fe309123.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/28026.8b71db7570949a791554.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/28026.8b71db7570949a791554.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/13242.e12b936c24811dca20ae.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/13242.e12b936c24811dca20ae.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/74552.2e8192dc6c15c665f808.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/74552.2e8192dc6c15c665f808.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/submission/challenge
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/submission/challenge HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                cache-control: no-cache
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTgyNTk5NjI1ODgtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODMzLjQxNg==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                POST
                                                https://www.virustotal.com/ui/intelligence/rules_matching_iocs
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                POST /ui/intelligence/rules_matching_iocs HTTP/2.0
                                                host: www.virustotal.com
                                                content-length: 89
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTQ0MDEzNjAwMzItWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjQzNw==
                                                sec-ch-ua-platform: "Windows"
                                                origin: https://www.virustotal.com
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729 HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTY0ODY0Njk3ODYtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjQzOQ==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                POST
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/submissions/add
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                POST /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/submissions/add HTTP/2.0
                                                host: www.virustotal.com
                                                content-length: 147
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTkzMzI4MjkyOTAtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjU2Nw==
                                                sec-ch-ua-platform: "Windows"
                                                origin: https://www.virustotal.com
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/dropped_files
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/dropped_files HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTUxMDEyODA4MTAtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYwMw==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/contacted_urls
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/contacted_urls HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTEzNDgyNTAyODAtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYwNA==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/contacted_domains
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/contacted_domains HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTAzNzUzNDMxNTktWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYwNA==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/contacted_ips
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/contacted_ips HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTU1OTgwMDkzOTgtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYwNQ==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/execution_parents
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/execution_parents HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTM2Mzk0MzY3OTMtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYwNQ==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/pe_resource_parents
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/pe_resource_parents HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTA2MzcyMjQ2MjUtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYwNg==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/bundled_files
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/bundled_files HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTc4Mzg1NzE2OTUtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYwNg==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/pe_resource_children
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/pe_resource_children HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTU2Njc3Njc4NjktWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYwNw==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/behaviour_mitre_trees
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/behaviour_mitre_trees HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTE0MzYxMjA4NTYtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYzNQ==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/mitre_format?link=true
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/mitre_format?link=true HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTUxOTczNDY0MzgtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjYzNg==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/behaviours?limit=40
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/behaviours?limit=40 HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTg2NTA3MDYzOTUtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM0LjY0MQ==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/icon.types-zip.5dbd88de5aaca441ade4.js
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/icon.types-zip.5dbd88de5aaca441ade4.js HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/behaviour_mitre_trees
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/behaviour_mitre_trees HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                x-recaptcha-response: 03AFcWeA5Wprkudxw41Z3n7P0TtpIlz8jJ1TxGwjiLchfwGFSCIJ53FozLrW9Isq7RaqdZhH3SSUKmELxl_alS6eQ0pCLNwj4rd7zGcPa3HrEjnVJZHUKvKQwA0YbcbyVYyzKj0bU1dtw_2_4vRWRBt_wQ6wKcnD85uG3oH4oJizDSsfJid_MZc056b73fA8QHfrd94uPSiCkWxP6_5y_-2083KWRndZ-u1VMu0sPFRu0oDJ4JOZ_uP0gzvxevT_Z87YpLYFKd6SbaRLSZQqF0fD26C8J7iWb47uDkz81Zqvom3rZjzkAkqvTshCMn-sFhDtt705zEl3uZBcfh2-wSa0PS0FOgBHaWCrbf6FA5f0un1-BjwsJ6D8sjJN84u_UEfGMTbcSYhgVbknbyoXw-oVZL0AP4PyKL7pLivE83FOU2DHAZ7l4ucViOqOElH50CvFf44b8hj0Kh5BT2G2czL9BH8syKu35UC34UH6UNai4XCB0Wey59bdtpuiTSxd9RiJsH0QVDT5yO_2hbYn9hLiwZagJcooQAkQAEjUMKDOzSs067PmKo8zPO8eBnx2zP0cWb9IIsJCKIiyuhSiudO6SGGFRQOYAm-IYKi9mm4w-Y4e37gqjv1vS1qzDLLrYIU2d_AXOLaUS7efrjgHc15v_NnaE53xF-A8UPX3cUe1TcEKkLmociV-m0NwZPVSgUvhP51Bl_PYxQ
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTkxMDcyODYwMjQtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM1LjQzOQ==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/votes?relationships=item%2Cvoter
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/votes?relationships=item%2Cvoter HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                x-recaptcha-response: 03AFcWeA5Wprkudxw41Z3n7P0TtpIlz8jJ1TxGwjiLchfwGFSCIJ53FozLrW9Isq7RaqdZhH3SSUKmELxl_alS6eQ0pCLNwj4rd7zGcPa3HrEjnVJZHUKvKQwA0YbcbyVYyzKj0bU1dtw_2_4vRWRBt_wQ6wKcnD85uG3oH4oJizDSsfJid_MZc056b73fA8QHfrd94uPSiCkWxP6_5y_-2083KWRndZ-u1VMu0sPFRu0oDJ4JOZ_uP0gzvxevT_Z87YpLYFKd6SbaRLSZQqF0fD26C8J7iWb47uDkz81Zqvom3rZjzkAkqvTshCMn-sFhDtt705zEl3uZBcfh2-wSa0PS0FOgBHaWCrbf6FA5f0un1-BjwsJ6D8sjJN84u_UEfGMTbcSYhgVbknbyoXw-oVZL0AP4PyKL7pLivE83FOU2DHAZ7l4ucViOqOElH50CvFf44b8hj0Kh5BT2G2czL9BH8syKu35UC34UH6UNai4XCB0Wey59bdtpuiTSxd9RiJsH0QVDT5yO_2hbYn9hLiwZagJcooQAkQAEjUMKDOzSs067PmKo8zPO8eBnx2zP0cWb9IIsJCKIiyuhSiudO6SGGFRQOYAm-IYKi9mm4w-Y4e37gqjv1vS1qzDLLrYIU2d_AXOLaUS7efrjgHc15v_NnaE53xF-A8UPX3cUe1TcEKkLmociV-m0NwZPVSgUvhP51Bl_PYxQ
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTk0MTI0Mzg5NDgtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM1LjQ4NA==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/comments?relationships=item%2Cauthor
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/comments?relationships=item%2Cauthor HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                x-recaptcha-response: 03AFcWeA5Wprkudxw41Z3n7P0TtpIlz8jJ1TxGwjiLchfwGFSCIJ53FozLrW9Isq7RaqdZhH3SSUKmELxl_alS6eQ0pCLNwj4rd7zGcPa3HrEjnVJZHUKvKQwA0YbcbyVYyzKj0bU1dtw_2_4vRWRBt_wQ6wKcnD85uG3oH4oJizDSsfJid_MZc056b73fA8QHfrd94uPSiCkWxP6_5y_-2083KWRndZ-u1VMu0sPFRu0oDJ4JOZ_uP0gzvxevT_Z87YpLYFKd6SbaRLSZQqF0fD26C8J7iWb47uDkz81Zqvom3rZjzkAkqvTshCMn-sFhDtt705zEl3uZBcfh2-wSa0PS0FOgBHaWCrbf6FA5f0un1-BjwsJ6D8sjJN84u_UEfGMTbcSYhgVbknbyoXw-oVZL0AP4PyKL7pLivE83FOU2DHAZ7l4ucViOqOElH50CvFf44b8hj0Kh5BT2G2czL9BH8syKu35UC34UH6UNai4XCB0Wey59bdtpuiTSxd9RiJsH0QVDT5yO_2hbYn9hLiwZagJcooQAkQAEjUMKDOzSs067PmKo8zPO8eBnx2zP0cWb9IIsJCKIiyuhSiudO6SGGFRQOYAm-IYKi9mm4w-Y4e37gqjv1vS1qzDLLrYIU2d_AXOLaUS7efrjgHc15v_NnaE53xF-A8UPX3cUe1TcEKkLmociV-m0NwZPVSgUvhP51Bl_PYxQ
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTA3MjczMjQ1MzgtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM1LjQ4NA==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/graphs?relationships=owner%2Cviewers%2Ceditors
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/graphs?relationships=owner%2Cviewers%2Ceditors HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                x-app-version: v1x251x1
                                                x-tool: vt-ui-main
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                content-type: application/json
                                                accept: application/json
                                                x-recaptcha-response: 03AFcWeA5Wprkudxw41Z3n7P0TtpIlz8jJ1TxGwjiLchfwGFSCIJ53FozLrW9Isq7RaqdZhH3SSUKmELxl_alS6eQ0pCLNwj4rd7zGcPa3HrEjnVJZHUKvKQwA0YbcbyVYyzKj0bU1dtw_2_4vRWRBt_wQ6wKcnD85uG3oH4oJizDSsfJid_MZc056b73fA8QHfrd94uPSiCkWxP6_5y_-2083KWRndZ-u1VMu0sPFRu0oDJ4JOZ_uP0gzvxevT_Z87YpLYFKd6SbaRLSZQqF0fD26C8J7iWb47uDkz81Zqvom3rZjzkAkqvTshCMn-sFhDtt705zEl3uZBcfh2-wSa0PS0FOgBHaWCrbf6FA5f0un1-BjwsJ6D8sjJN84u_UEfGMTbcSYhgVbknbyoXw-oVZL0AP4PyKL7pLivE83FOU2DHAZ7l4ucViOqOElH50CvFf44b8hj0Kh5BT2G2czL9BH8syKu35UC34UH6UNai4XCB0Wey59bdtpuiTSxd9RiJsH0QVDT5yO_2hbYn9hLiwZagJcooQAkQAEjUMKDOzSs067PmKo8zPO8eBnx2zP0cWb9IIsJCKIiyuhSiudO6SGGFRQOYAm-IYKi9mm4w-Y4e37gqjv1vS1qzDLLrYIU2d_AXOLaUS7efrjgHc15v_NnaE53xF-A8UPX3cUe1TcEKkLmociV-m0NwZPVSgUvhP51Bl_PYxQ
                                                accept-ianguage: en-US,en;q=0.9,es;q=0.8
                                                x-vt-anti-abuse-header: MTA0ODc2NjQ4NTQtWkc5dWRDQmlaU0JsZG1scy0xNzEwMTIxODM1LjQ4NQ==
                                                sec-ch-ua-platform: "Windows"
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                                cookie: _ga=GA1.2.689503298.1710121577
                                                cookie: _gid=GA1.2.1239080521.1710121578
                                                cookie: _ga_BLNDV9X2JR=GS1.1.1710121577.1.1.1710121818.0.0.0
                                                cookie: _gat=1
                                              • flag-us
                                                DNS
                                                www.recaptcha.net
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                www.recaptcha.net
                                                IN A
                                                Response
                                                www.recaptcha.net
                                                IN A
                                                142.250.179.163
                                              • flag-us
                                                DNS
                                                www.recaptcha.net
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                www.recaptcha.net
                                                IN A
                                              • flag-us
                                                DNS
                                                46.34.125.74.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                46.34.125.74.in-addr.arpa
                                                IN PTR
                                                Response
                                                46.34.125.74.in-addr.arpa
                                                IN PTR
                                                ghs-vip-any-c46.ghs-ssl.googlehosted.com
                                              • flag-nl
                                                GET
                                                https://www.recaptcha.net/recaptcha/api.js?render=explicit
                                                chrome.exe
                                                Remote address:
                                                142.250.179.163:443
                                                Request
                                                GET /recaptcha/api.js?render=explicit HTTP/2.0
                                                host: www.recaptcha.net
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: cross-site
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                DNS
                                                recaptcha.net
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                recaptcha.net
                                                IN A
                                                Response
                                                recaptcha.net
                                                IN A
                                                142.251.39.99
                                              • flag-us
                                                DNS
                                                recaptcha.net
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                recaptcha.net
                                                IN A
                                              • flag-us
                                                DNS
                                                40.36.251.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                40.36.251.142.in-addr.arpa
                                                IN PTR
                                                Response
                                                40.36.251.142.in-addr.arpa
                                                IN PTR
                                                ams17s12-in-f8.1e100.net
                                              • flag-us
                                                DNS
                                                3.214.58.216.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                3.214.58.216.in-addr.arpa
                                                IN PTR
                                                Response
                                                3.214.58.216.in-addr.arpa
                                                IN PTR
                                                lhr26s05-in-f3.1e100.net
                                                3.214.58.216.in-addr.arpa
                                                IN PTR
                                                3.214.58.216.in-addr.arpa
                                                IN PTR
                                                ams17s09-in-f3
                                              • flag-us
                                                DNS
                                                163.179.250.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                163.179.250.142.in-addr.arpa
                                                IN PTR
                                                Response
                                                163.179.250.142.in-addr.arpa
                                                IN PTR
                                                ams15s41-in-f3.1e100.net
                                              • flag-us
                                                DNS
                                                163.179.250.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                163.179.250.142.in-addr.arpa
                                                IN PTR
                                              • flag-nl
                                                GET
                                                https://recaptcha.net/recaptcha/api.js?render=explicit
                                                chrome.exe
                                                Remote address:
                                                142.251.39.99:443
                                                Request
                                                GET /recaptcha/api.js?render=explicit HTTP/2.0
                                                host: recaptcha.net
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: cross-site
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: script
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                DNS
                                                region1.google-analytics.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                region1.google-analytics.com
                                                IN A
                                                Response
                                                region1.google-analytics.com
                                                IN A
                                                216.239.34.36
                                                region1.google-analytics.com
                                                IN A
                                                216.239.32.36
                                              • flag-us
                                                POST
                                                https://region1.google-analytics.com/g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je4360v9119290270z89133079464za220&_p=1710121574173&gcd=13l3l3l3l1&npa=0&dma=0&cid=689503298.1710121577&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1710121577&sct=1&seg=0&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4860
                                                chrome.exe
                                                Remote address:
                                                216.239.34.36:443
                                                Request
                                                POST /g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je4360v9119290270z89133079464za220&_p=1710121574173&gcd=13l3l3l3l1&npa=0&dma=0&cid=689503298.1710121577&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1710121577&sct=1&seg=0&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4860 HTTP/2.0
                                                host: region1.google-analytics.com
                                                content-length: 0
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                origin: https://www.virustotal.com
                                                sec-fetch-site: cross-site
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                DNS
                                                99.39.251.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                99.39.251.142.in-addr.arpa
                                                IN PTR
                                                Response
                                                99.39.251.142.in-addr.arpa
                                                IN PTR
                                                ams15s48-in-f3.1e100.net
                                              • flag-us
                                                DNS
                                                42.36.251.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                42.36.251.142.in-addr.arpa
                                                IN PTR
                                                Response
                                                42.36.251.142.in-addr.arpa
                                                IN PTR
                                                ams17s12-in-f10.1e100.net
                                              • flag-us
                                                DNS
                                                14.36.251.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                14.36.251.142.in-addr.arpa
                                                IN PTR
                                                Response
                                                14.36.251.142.in-addr.arpa
                                                IN PTR
                                                ams15s44-in-f14.1e100.net
                                              • flag-us
                                                DNS
                                                content-autofill.googleapis.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                content-autofill.googleapis.com
                                                IN A
                                                Response
                                                content-autofill.googleapis.com
                                                IN A
                                                172.217.23.202
                                                content-autofill.googleapis.com
                                                IN A
                                                142.250.179.138
                                                content-autofill.googleapis.com
                                                IN A
                                                142.251.36.42
                                                content-autofill.googleapis.com
                                                IN A
                                                142.250.179.170
                                                content-autofill.googleapis.com
                                                IN A
                                                142.250.179.202
                                                content-autofill.googleapis.com
                                                IN A
                                                142.251.36.10
                                                content-autofill.googleapis.com
                                                IN A
                                                142.251.39.106
                                              • flag-nl
                                                GET
                                                https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlxnlqomOC7AxIFDVNaR8U=?alt=proto
                                                chrome.exe
                                                Remote address:
                                                172.217.23.202:443
                                                Request
                                                GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlxnlqomOC7AxIFDVNaR8U=?alt=proto HTTP/2.0
                                                host: content-autofill.googleapis.com
                                                x-goog-encode-response-if-executable: base64
                                                x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                x-client-data: CJzsygE=
                                                sec-fetch-site: none
                                                sec-fetch-mode: no-cors
                                                sec-fetch-dest: empty
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                DNS
                                                36.34.239.216.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                36.34.239.216.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                202.23.217.172.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                202.23.217.172.in-addr.arpa
                                                IN PTR
                                                Response
                                                202.23.217.172.in-addr.arpa
                                                IN PTR
                                                prg03s05-in-f2021e100net
                                                202.23.217.172.in-addr.arpa
                                                IN PTR
                                                prg03s05-in-f10
                                                202.23.217.172.in-addr.arpa
                                                IN PTR
                                                ams16s37-in-f10
                                              • flag-us
                                                GET
                                                https://www.virustotal.com/gui/manifest.json
                                                chrome.exe
                                                Remote address:
                                                74.125.34.46:443
                                                Request
                                                GET /gui/manifest.json HTTP/2.0
                                                host: www.virustotal.com
                                                sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
                                                sec-ch-ua-mobile: ?0
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                sec-ch-ua-platform: "Windows"
                                                accept: */*
                                                sec-fetch-site: same-origin
                                                sec-fetch-mode: cors
                                                sec-fetch-dest: manifest
                                                referer: https://www.virustotal.com/
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                DNS
                                                35.36.251.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                35.36.251.142.in-addr.arpa
                                                IN PTR
                                                Response
                                                35.36.251.142.in-addr.arpa
                                                IN PTR
                                                ams17s12-in-f31e100net
                                              • flag-us
                                                DNS
                                                35.36.251.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                35.36.251.142.in-addr.arpa
                                                IN PTR
                                              • flag-us
                                                DNS
                                                35.36.251.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                35.36.251.142.in-addr.arpa
                                                IN PTR
                                              • flag-us
                                                DNS
                                                tse1.mm.bing.net
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                tse1.mm.bing.net
                                                IN A
                                                Response
                                                tse1.mm.bing.net
                                                IN CNAME
                                                mm-mm.bing.net.trafficmanager.net
                                                mm-mm.bing.net.trafficmanager.net
                                                IN CNAME
                                                dual-a-0001.a-msedge.net
                                                dual-a-0001.a-msedge.net
                                                IN A
                                                204.79.197.200
                                                dual-a-0001.a-msedge.net
                                                IN A
                                                13.107.21.200
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301682_1B11K51A57M6DT1OI&pid=21.2&w=1080&h=1920&c=4
                                                Remote address:
                                                204.79.197.200:443
                                                Request
                                                GET /th?id=OADD2.10239317301682_1B11K51A57M6DT1OI&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 779946
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: DFDC83ED5EBD4845AC5B2FEAC314C340 Ref B: LON04EDGE1116 Ref C: 2024-03-11T01:47:02Z
                                                date: Mon, 11 Mar 2024 01:47:02 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239339388233_1ZV389LGZ415PJ5PE&pid=21.2&w=1080&h=1920&c=4
                                                Remote address:
                                                204.79.197.200:443
                                                Request
                                                GET /th?id=OADD2.10239339388233_1ZV389LGZ415PJ5PE&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 497934
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: 1E391727591944CC8CCF3511F2825FD7 Ref B: LON04EDGE1116 Ref C: 2024-03-11T01:47:02Z
                                                date: Mon, 11 Mar 2024 01:47:02 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239339388232_1HX9ZS0B9YGLAEN2M&pid=21.2&w=1920&h=1080&c=4
                                                Remote address:
                                                204.79.197.200:443
                                                Request
                                                GET /th?id=OADD2.10239339388232_1HX9ZS0B9YGLAEN2M&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 700314
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: 913EABB350A249FBA4ABB7C12CB3815A Ref B: LON04EDGE1116 Ref C: 2024-03-11T01:47:02Z
                                                date: Mon, 11 Mar 2024 01:47:02 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301273_1ROIHU6FASJOW5JNQ&pid=21.2&w=1920&h=1080&c=4
                                                Remote address:
                                                204.79.197.200:443
                                                Request
                                                GET /th?id=OADD2.10239317301273_1ROIHU6FASJOW5JNQ&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 576858
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: 275D9A81AD24474C833788D133D1DB60 Ref B: LON04EDGE1116 Ref C: 2024-03-11T01:47:02Z
                                                date: Mon, 11 Mar 2024 01:47:02 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239317300939_11X4DLPL3X0UI3XC3&pid=21.2&w=1920&h=1080&c=4
                                                Remote address:
                                                204.79.197.200:443
                                                Request
                                                GET /th?id=OADD2.10239317300939_11X4DLPL3X0UI3XC3&pid=21.2&w=1920&h=1080&c=4 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 325965
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: 6FA78D7CC1BD4747B1779A96AA3992F1 Ref B: LON04EDGE1116 Ref C: 2024-03-11T01:47:02Z
                                                date: Mon, 11 Mar 2024 01:47:02 GMT
                                              • flag-us
                                                GET
                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301372_1XB2DMJ4R351BNZG0&pid=21.2&w=1080&h=1920&c=4
                                                Remote address:
                                                204.79.197.200:443
                                                Request
                                                GET /th?id=OADD2.10239317301372_1XB2DMJ4R351BNZG0&pid=21.2&w=1080&h=1920&c=4 HTTP/2.0
                                                host: tse1.mm.bing.net
                                                accept: */*
                                                accept-encoding: gzip, deflate, br
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                                                Response
                                                HTTP/2.0 200
                                                cache-control: public, max-age=2592000
                                                content-length: 385467
                                                content-type: image/jpeg
                                                x-cache: TCP_HIT
                                                access-control-allow-origin: *
                                                access-control-allow-headers: *
                                                access-control-allow-methods: GET, POST, OPTIONS
                                                timing-allow-origin: *
                                                report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
                                                nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                x-msedge-ref: Ref A: 10A7F17681824189ADD01A43F77D3955 Ref B: LON04EDGE1116 Ref C: 2024-03-11T01:47:03Z
                                                date: Mon, 11 Mar 2024 01:47:03 GMT
                                              • flag-us
                                                DNS
                                                252.15.104.51.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                252.15.104.51.in-addr.arpa
                                                IN PTR
                                                Response
                                              • flag-us
                                                DNS
                                                beacons.gcp.gvt2.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                beacons.gcp.gvt2.com
                                                IN A
                                                Response
                                                beacons.gcp.gvt2.com
                                                IN CNAME
                                                beacons-handoff.gcp.gvt2.com
                                                beacons-handoff.gcp.gvt2.com
                                                IN A
                                                192.178.49.3
                                              • flag-us
                                                POST
                                                https://beacons.gcp.gvt2.com/domainreliability/upload
                                                chrome.exe
                                                Remote address:
                                                192.178.49.3:443
                                                Request
                                                POST /domainreliability/upload HTTP/2.0
                                                host: beacons.gcp.gvt2.com
                                                content-length: 782
                                                content-type: application/json; charset=utf-8
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                POST
                                                https://beacons.gcp.gvt2.com/domainreliability/upload
                                                chrome.exe
                                                Remote address:
                                                192.178.49.3:443
                                                Request
                                                POST /domainreliability/upload HTTP/2.0
                                                host: beacons.gcp.gvt2.com
                                                content-length: 290
                                                content-type: application/json; charset=utf-8
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                DNS
                                                3.49.178.192.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                3.49.178.192.in-addr.arpa
                                                IN PTR
                                                Response
                                                3.49.178.192.in-addr.arpa
                                                IN PTR
                                                phx18s08-in-f31e100net
                                              • flag-us
                                                DNS
                                                clients2.google.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                clients2.google.com
                                                IN A
                                                Response
                                                clients2.google.com
                                                IN CNAME
                                                clients.l.google.com
                                                clients.l.google.com
                                                IN A
                                                142.251.39.110
                                              • flag-us
                                                DNS
                                                110.39.251.142.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                110.39.251.142.in-addr.arpa
                                                IN PTR
                                                Response
                                                110.39.251.142.in-addr.arpa
                                                IN PTR
                                                ams15s48-in-f141e100net
                                              • flag-us
                                                DNS
                                                beacons3.gvt2.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                beacons3.gvt2.com
                                                IN A
                                                Response
                                                beacons3.gvt2.com
                                                IN A
                                                172.217.168.227
                                              • flag-us
                                                DNS
                                                beacons3.gvt2.com
                                                chrome.exe
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                beacons3.gvt2.com
                                                IN A
                                                Response
                                                beacons3.gvt2.com
                                                IN A
                                                172.217.168.227
                                              • flag-nl
                                                OPTIONS
                                                https://beacons3.gvt2.com/domainreliability/upload-nel
                                                chrome.exe
                                                Remote address:
                                                172.217.168.227:443
                                                Request
                                                OPTIONS /domainreliability/upload-nel HTTP/2.0
                                                host: beacons3.gvt2.com
                                                origin: https://beacons.gcp.gvt2.com
                                                access-control-request-method: POST
                                                access-control-request-headers: content-type
                                                user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
                                                accept-encoding: gzip, deflate, br
                                                accept-language: en-US,en;q=0.9
                                              • flag-us
                                                DNS
                                                227.168.217.172.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                227.168.217.172.in-addr.arpa
                                                IN PTR
                                                Response
                                                227.168.217.172.in-addr.arpa
                                                IN PTR
                                                ams15s40-in-f31e100net
                                              • flag-us
                                                DNS
                                                81.171.91.138.in-addr.arpa
                                                Remote address:
                                                8.8.8.8:53
                                                Request
                                                81.171.91.138.in-addr.arpa
                                                IN PTR
                                                Response
                                              • 68.178.152.97:80
                                                http://katariatradersindia.com/favicon.ico
                                                http
                                                chrome.exe
                                                3.3kB
                                                106.9kB
                                                52
                                                81

                                                HTTP Request

                                                GET http://katariatradersindia.com/css/Zyr.htm

                                                HTTP Response

                                                200

                                                HTTP Request

                                                GET http://katariatradersindia.com/favicon.ico

                                                HTTP Response

                                                403
                                              • 68.178.152.97:80
                                                katariatradersindia.com
                                                chrome.exe
                                                288 B
                                                196 B
                                                6
                                                4
                                              • 68.178.152.97:80
                                                katariatradersindia.com
                                                chrome.exe
                                                334 B
                                                236 B
                                                7
                                                5
                                              • 68.178.145.137:80
                                                http://sgtglass.in/happp/Tax%20Payment%20Challan.zip
                                                http
                                                chrome.exe
                                                9.1kB
                                                388.1kB
                                                174
                                                282

                                                HTTP Request

                                                GET http://sgtglass.in/happp/Tax%20Payment%20Challan.zip

                                                HTTP Response

                                                200
                                              • 68.178.145.137:80
                                                sgtglass.in
                                                chrome.exe
                                                288 B
                                                196 B
                                                6
                                                4
                                              • 68.178.145.137:80
                                                sgtglass.in
                                                chrome.exe
                                                288 B
                                                196 B
                                                6
                                                4
                                              • 204.79.197.200:443
                                                https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=
                                                tls, http2
                                                2.4kB
                                                11.1kB
                                                25
                                                21

                                                HTTP Request

                                                GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

                                                HTTP Response

                                                204

                                                HTTP Request

                                                GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

                                                HTTP Response

                                                204

                                                HTTP Request

                                                GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=8c8bda9c3843499ea8c00f67932bec6d&localId=w:AE07C56D-9F7E-DB3B-D18D-2459C76F841B&deviceId=6825825924912662&anid=

                                                HTTP Response

                                                204
                                              • 142.250.187.202:443
                                                92 B
                                                40 B
                                                2
                                                1
                                              • 142.251.36.4:443
                                                www.google.com
                                                tls
                                                chrome.exe
                                                1.1kB
                                                4.8kB
                                                9
                                                9
                                              • 216.239.32.21:443
                                                https://virustotal.com/
                                                tls, http2
                                                chrome.exe
                                                2.3kB
                                                4.9kB
                                                20
                                                21

                                                HTTP Request

                                                GET https://virustotal.com/
                                              • 216.239.32.21:443
                                                virustotal.com
                                                tls, http2
                                                chrome.exe
                                                953 B
                                                4.0kB
                                                8
                                                8
                                              • 74.125.34.46:443
                                                https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/graphs?relationships=owner%2Cviewers%2Ceditors
                                                tls, http2
                                                chrome.exe
                                                101.3kB
                                                2.3MB
                                                1459
                                                1871

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/main.e1baa10e713b97fe439b.js

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/stackdriver-errors.b289406877fe6574d5ac.js

                                                HTTP Request

                                                POST https://www.virustotal.com/ui/signin

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/user_notifications

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/76446.08d9241a7dbb362fcae1.js

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/36386.836bfee147903547ea57.js

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/cookie_disclaimer

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/2121f4aabac6fbe523ec.woff2

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/1402accbefdec6a25762.woff2

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/ee990a93df71bfdfb3b5.woff2

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/vt-ui-shell-extra-deps.0ae30c20fe6979885247.js

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/vt-ui-sw-installer.c228b2b19bd8517cfe55.js

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/static/qrcode.min.js

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/static/opensearch.xml

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/images/favicon.svg

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/service-worker.js

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/images/manifest/icon-192x192.png

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/sha256.worker.d774f311f4702f912904.worker.js

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/1fc6c01d1812fbfbaa47.woff2

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/upload_url

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/85622.c6a05ade90f6341e79f3.js

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/submission/challenge

                                                HTTP Request

                                                POST https://www.virustotal.com/ui/intelligence/rules_matching_iocs

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729

                                                HTTP Request

                                                POST https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/submissions/add

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/dropped_files

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/contacted_urls

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/contacted_domains

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/contacted_ips

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/execution_parents

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/pe_resource_parents

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/bundled_files

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/pe_resource_children

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/behaviour_mitre_trees

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/mitre_format?link=true

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/behaviours?limit=40

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/icon.types-zip.5dbd88de5aaca441ade4.js

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/behaviour_mitre_trees

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/votes?relationships=item%2Cvoter

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/comments?relationships=item%2Cauthor

                                                HTTP Request

                                                GET https://www.virustotal.com/ui/files/81a5b647adc7a9049b6ecdd8b0e8f51b03f7d34e247deb266da155ac2253c729/graphs?relationships=owner%2Cviewers%2Ceditors
                                              • 142.250.179.163:443
                                                https://www.recaptcha.net/recaptcha/api.js?render=explicit
                                                tls, http2
                                                chrome.exe
                                                2.6kB
                                                15.6kB
                                                24
                                                26

                                                HTTP Request

                                                GET https://www.recaptcha.net/recaptcha/api.js?render=explicit
                                              • 142.251.39.99:443
                                                https://recaptcha.net/recaptcha/api.js?render=explicit
                                                tls, http2
                                                chrome.exe
                                                2.2kB
                                                15.5kB
                                                24
                                                27

                                                HTTP Request

                                                GET https://recaptcha.net/recaptcha/api.js?render=explicit
                                              • 216.239.34.36:443
                                                https://region1.google-analytics.com/g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je4360v9119290270z89133079464za220&_p=1710121574173&gcd=13l3l3l3l1&npa=0&dma=0&cid=689503298.1710121577&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1710121577&sct=1&seg=0&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4860
                                                tls, http2
                                                chrome.exe
                                                2.4kB
                                                7.3kB
                                                19
                                                19

                                                HTTP Request

                                                POST https://region1.google-analytics.com/g/collect?v=2&tid=G-BLNDV9X2JR&gtm=45je4360v9119290270z89133079464za220&_p=1710121574173&gcd=13l3l3l3l1&npa=0&dma=0&cid=689503298.1710121577&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1710121577&sct=1&seg=0&dl=https%3A%2F%2Fwww.virustotal.com%2Fgui%2Fhome%2Fupload&dt=VirusTotal%20-%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4860
                                              • 172.217.23.202:443
                                                https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlxnlqomOC7AxIFDVNaR8U=?alt=proto
                                                tls, http2
                                                chrome.exe
                                                2.0kB
                                                7.1kB
                                                19
                                                17

                                                HTTP Request

                                                GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSEAlxnlqomOC7AxIFDVNaR8U=?alt=proto
                                              • 74.125.34.46:443
                                                https://www.virustotal.com/gui/manifest.json
                                                tls, http2
                                                chrome.exe
                                                2.6kB
                                                6.3kB
                                                21
                                                20

                                                HTTP Request

                                                GET https://www.virustotal.com/gui/manifest.json
                                              • 204.79.197.200:443
                                                tse1.mm.bing.net
                                                tls, http2
                                                1.3kB
                                                9.5kB
                                                17
                                                15
                                              • 204.79.197.200:443
                                                tse1.mm.bing.net
                                                tls, http2
                                                1.3kB
                                                9.5kB
                                                17
                                                15
                                              • 204.79.197.200:443
                                                tse1.mm.bing.net
                                                tls, http2
                                                1.3kB
                                                9.5kB
                                                17
                                                15
                                              • 204.79.197.200:443
                                                https://tse1.mm.bing.net/th?id=OADD2.10239317301372_1XB2DMJ4R351BNZG0&pid=21.2&w=1080&h=1920&c=4
                                                tls, http2
                                                127.0kB
                                                3.4MB
                                                2495
                                                2489

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301682_1B11K51A57M6DT1OI&pid=21.2&w=1080&h=1920&c=4

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239339388233_1ZV389LGZ415PJ5PE&pid=21.2&w=1080&h=1920&c=4

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239339388232_1HX9ZS0B9YGLAEN2M&pid=21.2&w=1920&h=1080&c=4

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301273_1ROIHU6FASJOW5JNQ&pid=21.2&w=1920&h=1080&c=4

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317300939_11X4DLPL3X0UI3XC3&pid=21.2&w=1920&h=1080&c=4

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200

                                                HTTP Response

                                                200

                                                HTTP Request

                                                GET https://tse1.mm.bing.net/th?id=OADD2.10239317301372_1XB2DMJ4R351BNZG0&pid=21.2&w=1080&h=1920&c=4

                                                HTTP Response

                                                200
                                              • 204.79.197.200:443
                                                tse1.mm.bing.net
                                                9
                                                9
                                              • 192.178.49.3:443
                                                beacons.gcp.gvt2.com
                                                https
                                                chrome.exe
                                                3.7kB
                                                3.6kB
                                                11
                                                10
                                              • 192.178.49.3:443
                                                beacons.gcp.gvt2.com
                                                https
                                                chrome.exe
                                                4.0kB
                                                3.6kB
                                                14
                                                9
                                              • 192.178.49.3:443
                                                beacons.gcp.gvt2.com
                                                https
                                                chrome.exe
                                                1.3kB
                                                1.3kB
                                                1
                                                1

                                              MITRE ATT&CK Enterprise v15


                                              Downloads

                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

                                                Filesize

                                                24KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

                                                Filesize

                                                194KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                Filesize

                                                552B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                Filesize

                                                1KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                Filesize

                                                552B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                Filesize

                                                480B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                Filesize

                                                2KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                Filesize

                                                3KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                Filesize

                                                3KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                Filesize

                                                3KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                Filesize

                                                3KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                Filesize

                                                369B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                Filesize

                                                871B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                5KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                5KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                6KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                5KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                6KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                6KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                6KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                Filesize

                                                6KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                Filesize

                                                72B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe59b9ff.TMP

                                                Filesize

                                                48B


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                Filesize

                                                128KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                Filesize

                                                128KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                Filesize

                                                105KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                Filesize

                                                102KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe594491.TMP

                                                Filesize

                                                100KB


                                              • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

                                                Filesize

                                                2B


                                              • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\admxvgfk.exe

                                                Filesize

                                                637KB


                                              • C:\Users\Admin\Downloads\Tax Payment Challan.zip.crdownload

                                                Filesize

                                                366KB

