hxxps://goo[.]su/nbyqnYl

Resubmissions

16/04/2024, 17:00 UTC

240416-vh45vaha6y 1

16/04/2024, 16:59 UTC

240416-vhhxlsfd58 10

16/04/2024, 16:43 UTC

240416-t79k7agf9y 10

Analysis

max time kernel
1799s
max time network
1685s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
16/04/2024, 17:00 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://goo.su/nbyqnYl

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133577614260525841"	chrome.exe

Modifies registry class 1 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-355664440-2199602304-1223909400-1000\{9A17DA01-B7BB-4093-9269-BC4EA70229FA}	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
868	chrome.exe
868	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: 33	2792	AUDIODG.EXE
Token: SeIncBasePriorityPrivilege	2792	AUDIODG.EXE
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe
Token: SeShutdownPrivilege	2116	chrome.exe
Token: SeCreatePagefilePrivilege	2116	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe
2116	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2116 wrote to memory of 4172	2116	chrome.exe	83
PID 2116 wrote to memory of 4172	2116	chrome.exe	83
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 4428	2116	chrome.exe	88
PID 2116 wrote to memory of 3984	2116	chrome.exe	89
PID 2116 wrote to memory of 3984	2116	chrome.exe	89
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90
PID 2116 wrote to memory of 4616	2116	chrome.exe	90

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://goo.su/nbyqnYl
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff2d02ab58,0x7fff2d02ab68,0x7fff2d02ab78
  2⤵
  PID:4172
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1680 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:2
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:8
  2⤵
  PID:3984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2224 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:8
  2⤵
  PID:4616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3052 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:1
  2⤵
  PID:4672
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3064 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:1
  2⤵
  PID:4248
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3592 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:1
  2⤵
  PID:3516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3256 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:1
  2⤵
  PID:2348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4132 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:8
  2⤵
  PID:3488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4676 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:992
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5236 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:8
  2⤵
  PID:5704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:8
  2⤵
  PID:5820
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1544 --field-trial-handle=1896,i,8173112548505430645,16382353271846982447,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:868

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
1⤵
PID:3316

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x390 0x398
1⤵
- Suspicious use of AdjustPrivilegeToken
PID:2792

Network

DNS

2.159.190.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.159.190.20.in-addr.arpa

IN PTR

Response
DNS

goo.su

chrome.exe

Remote address:

8.8.8.8:53

Request

goo.su

IN A

Response

goo.su

IN A

104.21.38.221

goo.su

IN A

172.67.139.105
GET

https://goo.su/nbyqnYl

chrome.exe

Remote address:

104.21.38.221:443

Request

GET /nbyqnYl HTTP/2.0
host: goo.su
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

date: Tue, 16 Apr 2024 17:16:59 GMT
content-type: text/html; charset=UTF-8
location: https://www.youtube.com/watch?v=5tpXlDWFYGs
x-powered-by: PHP/8.2.13
set-cookie: XSRF-TOKEN=eyJpdiI6Im8xSzdmTmg0MklNc0k3SXNOY1RRRmc9PSIsInZhbHVlIjoiSTF4RHJuTHk2TFBnOE0zTktsZ3NNYkw4UzdxYUd0cUMxOUhFK2Y2ZTQ2Mk1IRWEwTkRGamZtbWQ5aEpGVHF1Zy9GUWJrV0ozNHppUE1JQWdUN21VNXpzbXMxNDJwbEtWMEVYOExXK1RnSUs1czVTTkErM0IydUVXTnZBQkxYRlciLCJtYWMiOiJjZGQ3NTFlYmQ1OTIzYTA4NzgxYTVlZjkxOWMwMGExMjYxNzc1YzdkNzY2MmNkOTcxOTE1ZDc0M2FhYTQzNWJiIiwidGFnIjoiIn0%3D; expires=Wed, 17 Apr 2024 11:56:59 GMT; Max-Age=67200; path=/; secure; samesite=lax
set-cookie: goosu_session=eyJpdiI6ImluQTNYaXNzVmF4SVd2SEgzMWtjNHc9PSIsInZhbHVlIjoiY3BZbjg4aDEycW5yYWJ5bWY0TXVuTXh0V25Uc1pGT3FENzRuNDF5aFFGbytKWElBNk5NK21wVUJ0ejJ0VHNxaW5lU0g5Q0ZhR1BmZy9VSFM4MHFkZlZ3dUlocGphMmt4ZXpHZDVxSVZPeWt4RkF4cEFmRUVVSGNqY00xbVo0Vk4iLCJtYWMiOiI5YzJlZWZmMjE2M2E1MzAyYTY5NzAyZmMyYzdjNzk2NTQwYjFmNjc3ZGMwYWI0Y2JmOTY1YzMxMDg2ZWZlZGY0IiwidGFnIjoiIn0%3D; expires=Wed, 17 Apr 2024 11:56:59 GMT; Max-Age=67200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EnJDzTo8aH%2F5b3RCY9oupCe15ExbRk9lWfEStzTvAyq%2F6pvp9fnDNuL85K7TsTAQCJl35JSrYGklLvgKLbDChpuf%2FaU9hklsDrxb6i9HgKY8VO6cxbX%2FTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8755d383d944dcbf-LHR
alt-svc: h3=":443"; ma=86400
DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

216.58.212.238

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238
GET

https://www.youtube.com/watch?v=5tpXlDWFYGs

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /watch?v=5tpXlDWFYGs HTTP/2.0
host: www.youtube.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
x-client-data: CL3kygE=
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.youtube.com/s/player/7ebf4817/player_ias.vflset/en_US/base.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/player/7ebf4817/player_ias.vflset/en_US/base.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/jsbin/desktop_polymer_enable_poly_si.vflset/desktop_polymer_enable_poly_si.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/jsbin/desktop_polymer_enable_poly_si.vflset/desktop_polymer_enable_poly_si.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/jsbin/webcomponents-sd.vflset/webcomponents-sd.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/jsbin/webcomponents-sd.vflset/webcomponents-sd.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/jsbin/intersection-observer.min.vflset/intersection-observer.min.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/jsbin/intersection-observer.min.vflset/intersection-observer.min.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/jsbin/scheduler.vflset/scheduler.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/jsbin/scheduler.vflset/scheduler.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/player/7ebf4817/www-player.css

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/player/7ebf4817/www-player.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/cssbin/www-main-desktop-watch-page-skeleton.css

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/cssbin/www-main-desktop-watch-page-skeleton.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/cssbin/www-main-desktop-player-skeleton.css

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/cssbin/www-main-desktop-player-skeleton.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/cssbin/www-onepick.css

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/cssbin/www-onepick.css HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.hMYRf2ZHuz8.L.B1.O/am=ACBACw/d=0/br=1/rs=AGKMywG4QdUMxaFikDOQwXovVp7USOGYnw

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.hMYRf2ZHuz8.L.B1.O/am=ACBACw/d=0/br=1/rs=AGKMywG4QdUMxaFikDOQwXovVp7USOGYnw HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/jsbin/spf.vflset/spf.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/jsbin/spf.vflset/spf.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
GET

https://www.youtube.com/s/desktop/e57c4f65/jsbin/network.vflset/network.js

chrome.exe

Remote address:

142.250.200.14:443

Request

GET /s/desktop/e57c4f65/jsbin/network.vflset/network.js HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/watch?v=5tpXlDWFYGs
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: YSC=gOTtSgl72zg
cookie: __Secure-YEC=CgtIQTRCVW1vcmRjcyiL5fqwBjIKCgJHQhIEGgAgMg%3D%3D
cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgMg%3D%3D
DNS

i.ytimg.com

chrome.exe

Remote address:

8.8.8.8:53

Request

i.ytimg.com

IN A

Response

i.ytimg.com

IN A

216.58.212.246

i.ytimg.com

IN A

172.217.169.86

i.ytimg.com

IN A

172.217.169.54

i.ytimg.com

IN A

142.250.179.246

i.ytimg.com

IN A

142.250.180.22

i.ytimg.com

IN A

142.250.187.214

i.ytimg.com

IN A

142.250.187.246

i.ytimg.com

IN A

142.250.178.22

i.ytimg.com

IN A

172.217.16.246

i.ytimg.com

IN A

142.250.200.22

i.ytimg.com

IN A

142.250.200.54

i.ytimg.com

IN A

216.58.201.118

i.ytimg.com

IN A

216.58.204.86

i.ytimg.com

IN A

216.58.213.22

i.ytimg.com

IN A

216.58.212.214
DNS

rr1---sn-5hne6nz6.googlevideo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

rr1---sn-5hne6nz6.googlevideo.com

IN A

Response

rr1---sn-5hne6nz6.googlevideo.com

IN CNAME

rr1.sn-5hne6nz6.googlevideo.com

rr1.sn-5hne6nz6.googlevideo.com

IN A

74.125.100.198
GET

https://i.ytimg.com/generate_204

chrome.exe

Remote address:

216.58.212.246:443

Request

GET /generate_204 HTTP/2.0
host: i.ytimg.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CL3kygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://i.ytimg.com/vi/5tpXlDWFYGs/hqdefault.jpg

chrome.exe

Remote address:

216.58.212.246:443

Request

GET /vi/5tpXlDWFYGs/hqdefault.jpg HTTP/2.0
host: i.ytimg.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CL3kygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://i.ytimg.com/vi/5tpXlDWFYGs/maxresdefault.jpg

chrome.exe

Remote address:

216.58.212.246:443

Request

GET /vi/5tpXlDWFYGs/maxresdefault.jpg HTTP/2.0
host: i.ytimg.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CL3kygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://rr1---sn-5hne6nz6.googlevideo.com/generate_204

chrome.exe

Remote address:

74.125.100.198:443

Request

GET /generate_204 HTTP/1.1
Host: rr1---sn-5hne6nz6.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
Accept: */*
X-Client-Data: CL3kygE=
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 204 No Content

Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Server: gvs 1.0
Date: Tue, 16 Apr 2024 17:16:59 GMT
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
Content-Length: 0
GET

https://rr1---sn-5hne6nz6.googlevideo.com/generate_204?conn2

chrome.exe

Remote address:

74.125.100.198:443

Request

GET /generate_204?conn2 HTTP/1.1
Host: rr1---sn-5hne6nz6.googlevideo.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
Accept: */*
X-Client-Data: CL3kygE=
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://www.youtube.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 204 No Content

Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Server: gvs 1.0
Date: Tue, 16 Apr 2024 17:16:59 GMT
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
Content-Length: 0
DNS

221.38.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

221.38.21.104.in-addr.arpa

IN PTR

Response
DNS

234.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.179.250.142.in-addr.arpa

IN PTR

Response

234.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f101e100net
DNS

234.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.179.250.142.in-addr.arpa

IN PTR
DNS

14.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.200.250.142.in-addr.arpa

IN PTR

Response

14.200.250.142.in-addr.arpa

IN PTR

lhr48s29-in-f141e100net
DNS

14.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.200.250.142.in-addr.arpa

IN PTR
DNS

246.212.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

246.212.58.216.in-addr.arpa

IN PTR

Response

246.212.58.216.in-addr.arpa

IN PTR

ams16s22-in-f2461e100net

246.212.58.216.in-addr.arpa

IN PTR

ams16s22-in-f22�J

246.212.58.216.in-addr.arpa

IN PTR

lhr25s28-in-f22�J
DNS

10.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.178.250.142.in-addr.arpa

IN PTR

Response

10.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f101e100net
DNS

198.100.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.100.125.74.in-addr.arpa

IN PTR

Response

198.100.125.74.in-addr.arpa

IN PTR

ams15s45-in-f61e100net
DNS

rr4---sn-5hne6n6e.googlevideo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

rr4---sn-5hne6n6e.googlevideo.com

IN A

Response

rr4---sn-5hne6n6e.googlevideo.com

IN CNAME

rr4.sn-5hne6n6e.googlevideo.com

rr4.sn-5hne6n6e.googlevideo.com

IN A

172.217.132.233
DNS

accounts.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

74.125.143.84
DNS

3.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.169.217.172.in-addr.arpa

IN PTR

Response

3.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f31e100net
DNS

249.197.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

249.197.17.2.in-addr.arpa

IN PTR

Response

249.197.17.2.in-addr.arpa

IN PTR

a2-17-197-249deploystaticakamaitechnologiescom
DNS

233.132.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.132.217.172.in-addr.arpa

IN PTR

Response

233.132.217.172.in-addr.arpa

IN PTR

ams15s51-in-f91e100net
DNS

84.143.125.74.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.143.125.74.in-addr.arpa

IN PTR

Response

84.143.125.74.in-addr.arpa

IN PTR

ed-in-f841e100net
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

172.217.169.42

content-autofill.googleapis.com

IN A

142.250.179.234

content-autofill.googleapis.com

IN A

142.250.180.10

content-autofill.googleapis.com

IN A

142.250.187.202

content-autofill.googleapis.com

IN A

142.250.187.234

content-autofill.googleapis.com

IN A

142.250.178.10

content-autofill.googleapis.com

IN A

172.217.16.234

content-autofill.googleapis.com

IN A

142.250.200.10

content-autofill.googleapis.com

IN A

142.250.200.42

content-autofill.googleapis.com

IN A

216.58.201.106

content-autofill.googleapis.com

IN A

216.58.204.74

content-autofill.googleapis.com

IN A

172.217.169.10

content-autofill.googleapis.com

IN A

216.58.212.202

content-autofill.googleapis.com

IN A

216.58.212.234
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAmKxNxjKKzyPhIFDfGjW-M=?alt=proto

chrome.exe

Remote address:

172.217.169.42:443

Request

GET /v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAmKxNxjKKzyPhIFDfGjW-M=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CL3kygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAk8yq_jFOmFmxIFDfGjW-M=?alt=proto

chrome.exe

Remote address:

172.217.169.42:443

Request

GET /v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAk8yq_jFOmFmxIFDfGjW-M=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CL3kygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

chrome.exe

Remote address:

172.217.169.42:443

Request

OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
host: jnn-pa.googleapis.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type,x-goog-api-key,x-user-agent
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

rr2---sn-q4fl6n6y.googlevideo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

rr2---sn-q4fl6n6y.googlevideo.com

IN A

Response

rr2---sn-q4fl6n6y.googlevideo.com

IN CNAME

rr2.sn-q4fl6n6y.googlevideo.com

rr2.sn-q4fl6n6y.googlevideo.com

IN A

173.194.140.167
DNS

133.113.22.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

133.113.22.20.in-addr.arpa

IN PTR

Response
DNS

3.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.180.250.142.in-addr.arpa

IN PTR

Response

3.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f31e100net
DNS

42.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.169.217.172.in-addr.arpa

IN PTR

Response

42.169.217.172.in-addr.arpa

IN PTR

lhr48s08-in-f101e100net
DNS

167.140.194.173.in-addr.arpa

Remote address:

8.8.8.8:53

Request

167.140.194.173.in-addr.arpa

IN PTR

Response

167.140.194.173.in-addr.arpa

IN PTR

dfw25s59-in-f71e100net
DNS

jnn-pa.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

jnn-pa.googleapis.com

IN A

Response

jnn-pa.googleapis.com

IN A

216.58.201.106

jnn-pa.googleapis.com

IN A

216.58.204.74

jnn-pa.googleapis.com

IN A

216.58.212.202

jnn-pa.googleapis.com

IN A

172.217.169.74

jnn-pa.googleapis.com

IN A

172.217.169.42

jnn-pa.googleapis.com

IN A

142.250.179.234

jnn-pa.googleapis.com

IN A

142.250.180.10

jnn-pa.googleapis.com

IN A

142.250.187.202

jnn-pa.googleapis.com

IN A

142.250.187.234

jnn-pa.googleapis.com

IN A

142.250.178.10

jnn-pa.googleapis.com

IN A

172.217.16.234

jnn-pa.googleapis.com

IN A

142.250.200.10

jnn-pa.googleapis.com

IN A

142.250.200.42
DNS

yt3.ggpht.com

chrome.exe

Remote address:

8.8.8.8:53

Request

yt3.ggpht.com

IN A

Response

yt3.ggpht.com

IN CNAME

photos-ugc.l.googleusercontent.com

photos-ugc.l.googleusercontent.com

IN A

142.250.187.225
GET

https://yt3.ggpht.com/fukW1AVdqlOARxZPOeC2L3KQMNs08VzX1_SnLgE1mTPbLgeUh1O0ff3USMsYa4Iiu4DDPJ8EOg=s48-c-k-c0x00ffffff-no-rj

chrome.exe

Remote address:

142.250.187.225:443

Request

GET /fukW1AVdqlOARxZPOeC2L3KQMNs08VzX1_SnLgE1mTPbLgeUh1O0ff3USMsYa4Iiu4DDPJ8EOg=s48-c-k-c0x00ffffff-no-rj HTTP/2.0
host: yt3.ggpht.com
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CL3kygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

g.bing.com

Remote address:

8.8.8.8:53

Request

g.bing.com

IN A

Response

g.bing.com

IN CNAME

g-bing-com.dual-a-0034.a-msedge.net

g-bing-com.dual-a-0034.a-msedge.net

IN CNAME

dual-a-0034.a-msedge.net

dual-a-0034.a-msedge.net

IN A

204.79.197.237

dual-a-0034.a-msedge.net

IN A

13.107.21.237
DNS

25.63.96.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.63.96.20.in-addr.arpa

IN PTR

Response
DNS

225.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.187.250.142.in-addr.arpa

IN PTR

Response

225.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f11e100net
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid=

Remote address:

204.79.197.237:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=310116F4B8BD6FB307190297B9066EE6; domain=.bing.com; expires=Sun, 11-May-2025 17:17:03 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 60D2BC8CD5914E038064E45D1C504180 Ref B: LON04EDGE0815 Ref C: 2024-04-16T17:17:03Z
date: Tue, 16 Apr 2024 17:17:03 GMT
GET

https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid=

Remote address:

204.79.197.237:443

Request

GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=310116F4B8BD6FB307190297B9066EE6

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=PV4zE24AvXw3eY6Taciwt1wGVXyxkbtSTSQ66rDTHBo; domain=.bing.com; expires=Sun, 11-May-2025 17:17:03 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 17E273874A8C4CE28488B45AB8D39729 Ref B: LON04EDGE0815 Ref C: 2024-04-16T17:17:03Z
date: Tue, 16 Apr 2024 17:17:03 GMT
GET

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid=

Remote address:

204.79.197.237:443

Request

GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid= HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=310116F4B8BD6FB307190297B9066EE6; MSPTC=PV4zE24AvXw3eY6Taciwt1wGVXyxkbtSTSQ66rDTHBo

Response

HTTP/2.0 204

cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4CBFED62C354457EA874A9A5BB702A38 Ref B: LON04EDGE0815 Ref C: 2024-04-16T17:17:03Z
date: Tue, 16 Apr 2024 17:17:03 GMT
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.4
DNS

237.197.79.204.in-addr.arpa

Remote address:

8.8.8.8:53

Request

237.197.79.204.in-addr.arpa

IN PTR

Response
DNS

21.114.53.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

21.114.53.23.in-addr.arpa

IN PTR

Response

21.114.53.23.in-addr.arpa

IN PTR

a23-53-114-21deploystaticakamaitechnologiescom
DNS

4.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.178.250.142.in-addr.arpa

IN PTR

Response

4.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f41e100net
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

youtube.com

IN A

Response

youtube.com

IN A

216.58.204.78
GET

https://youtube.com/

chrome.exe

Remote address:

216.58.204.78:443

Request

GET / HTTP/2.0
host: youtube.com
pragma: no-cache
cache-control: no-cache
sec-ch-ua: "Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "110.0.5481.104"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-full-version-list: "Chromium";v="110.0.5481.104", "Not A(Brand";v="24.0.0.0", "Google Chrome";v="110.0.5481.104"
sec-ch-ua-bitness: "64"
sec-ch-ua-model:
sec-ch-ua-wow64: ?0
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.youtube.com
x-client-data: CL3kygE=
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

78.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

78.204.58.216.in-addr.arpa

IN PTR

Response

78.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f141e100net

78.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f78�H

78.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f14�H
DNS

43.58.199.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

43.58.199.20.in-addr.arpa

IN PTR

Response
DNS

50.23.12.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

50.23.12.20.in-addr.arpa

IN PTR

Response
DNS

15.164.165.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.164.165.52.in-addr.arpa

IN PTR

Response
DNS

play.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.187.206
OPTIONS

https://play.google.com/log?format=json&hasfast=true&authuser=0

chrome.exe

Remote address:

142.250.187.206:443

Request

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
host: play.google.com
accept: */*
access-control-request-method: POST
access-control-request-headers: x-goog-authuser
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

206.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

206.187.250.142.in-addr.arpa

IN PTR

Response

206.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f141e100net
DNS

240.221.184.93.in-addr.arpa

Remote address:

8.8.8.8:53

Request

240.221.184.93.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

23.236.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

23.236.111.52.in-addr.arpa

IN PTR

Response
DNS

beacons.gcp.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

172.217.168.195
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

172.217.168.195:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 537
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

172.217.168.195:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 274
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

172.217.168.195:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 266
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

172.217.168.195:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 289
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload-nel

chrome.exe

Remote address:

172.217.168.195:443

Request

POST /domainreliability/upload-nel HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 404
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

195.168.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

195.168.217.172.in-addr.arpa

IN PTR

Response

195.168.217.172.in-addr.arpa

IN PTR

ams16s32-in-f31e100net
DNS

beacons.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons.gvt2.com

IN A

Response

beacons.gvt2.com

IN A

192.178.48.227
OPTIONS

https://beacons.gvt2.com/domainreliability/upload-nel

chrome.exe

Remote address:

192.178.48.227:443

Request

OPTIONS /domainreliability/upload-nel HTTP/2.0
host: beacons.gvt2.com
origin: https://beacons.gcp.gvt2.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gvt2.com/domainreliability/upload-nel

chrome.exe

Remote address:

192.178.48.227:443

Request

POST /domainreliability/upload-nel HTTP/2.0
host: beacons.gvt2.com
content-length: 408
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

227.48.178.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.48.178.192.in-addr.arpa

IN PTR

Response

227.48.178.192.in-addr.arpa

IN PTR

phx18s07-in-f31e100net
DNS

15.173.189.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.173.189.20.in-addr.arpa

IN PTR

Response
DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

216.58.212.238

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238
DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

216.58.212.238

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238
DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

216.58.212.238

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238
DNS

play.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

142.250.187.206
DNS

beacons.gcp.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

192.178.49.163
DNS

163.49.178.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.49.178.192.in-addr.arpa

IN PTR

Response

163.49.178.192.in-addr.arpa

IN PTR

phx19s05-in-f31e100net
DNS

beacons.gcp.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

192.178.49.163
DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.14

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

216.58.212.206

youtube-ui.l.google.com

IN A

216.58.212.238

youtube-ui.l.google.com

IN A

172.217.169.78

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238
DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A
DNS

www.youtube.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.youtube.com

IN A

104.21.38.221:443

https://goo.su/nbyqnYl

tls, http2

chrome.exe

2.2kB
8.1kB
22
22

HTTP Request

GET https://goo.su/nbyqnYl

HTTP Response

301
104.21.38.221:443

goo.su

tls

chrome.exe

1.0kB
5.7kB
9
8
142.250.200.14:443

https://www.youtube.com/s/desktop/e57c4f65/jsbin/network.vflset/network.js

tls, http2

chrome.exe

72.1kB
3.0MB
1413
2158

HTTP Request

GET https://www.youtube.com/watch?v=5tpXlDWFYGs

HTTP Request

GET https://www.youtube.com/s/player/7ebf4817/player_ias.vflset/en_US/base.js

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/jsbin/desktop_polymer_enable_poly_si.vflset/desktop_polymer_enable_poly_si.js

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/jsbin/webcomponents-sd.vflset/webcomponents-sd.js

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/jsbin/intersection-observer.min.vflset/intersection-observer.min.js

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/jsbin/scheduler.vflset/scheduler.js

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js

HTTP Request

GET https://www.youtube.com/s/player/7ebf4817/www-player.css

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/cssbin/www-main-desktop-watch-page-skeleton.css

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/cssbin/www-main-desktop-player-skeleton.css

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/cssbin/www-onepick.css

HTTP Request

GET https://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.hMYRf2ZHuz8.L.B1.O/am=ACBACw/d=0/br=1/rs=AGKMywG4QdUMxaFikDOQwXovVp7USOGYnw

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/jsbin/spf.vflset/spf.js

HTTP Request

GET https://www.youtube.com/s/desktop/e57c4f65/jsbin/network.vflset/network.js
216.58.212.246:443

https://i.ytimg.com/vi/5tpXlDWFYGs/maxresdefault.jpg

tls, http2

chrome.exe

5.7kB
154.3kB
88
125

HTTP Request

GET https://i.ytimg.com/generate_204

HTTP Request

GET https://i.ytimg.com/vi/5tpXlDWFYGs/hqdefault.jpg

HTTP Request

GET https://i.ytimg.com/vi/5tpXlDWFYGs/maxresdefault.jpg
216.58.212.246:443

i.ytimg.com

tls, http2

chrome.exe

999 B
6.2kB
9
8
74.125.100.198:443

https://rr1---sn-5hne6nz6.googlevideo.com/generate_204

tls, http

chrome.exe

2.0kB
6.4kB
12
12

HTTP Request

GET https://rr1---sn-5hne6nz6.googlevideo.com/generate_204

HTTP Response

204
74.125.100.198:443

https://rr1---sn-5hne6nz6.googlevideo.com/generate_204?conn2

tls, http

chrome.exe

2.0kB
6.4kB
12
12

HTTP Request

GET https://rr1---sn-5hne6nz6.googlevideo.com/generate_204?conn2

HTTP Response

204
172.217.169.42:443

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

tls, http2

chrome.exe

2.7kB
8.2kB
26
31

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAmKxNxjKKzyPhIFDfGjW-M=?alt=proto

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTEwLjAuNTQ4MS4xMDQSEAk8yq_jFOmFmxIFDfGjW-M=?alt=proto

HTTP Request

OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.187.225:443

https://yt3.ggpht.com/fukW1AVdqlOARxZPOeC2L3KQMNs08VzX1_SnLgE1mTPbLgeUh1O0ff3USMsYa4Iiu4DDPJ8EOg=s48-c-k-c0x00ffffff-no-rj

tls, http2

chrome.exe

2.3kB
13.4kB
19
25

HTTP Request

GET https://yt3.ggpht.com/fukW1AVdqlOARxZPOeC2L3KQMNs08VzX1_SnLgE1mTPbLgeUh1O0ff3USMsYa4Iiu4DDPJ8EOg=s48-c-k-c0x00ffffff-no-rj
204.79.197.237:443

https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid=

tls, http2

1.7kB
9.2kB
16
19

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid=

HTTP Response

204

HTTP Request

GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=39619fe105274dff9afa7bb95ac8cea8&localId=w:E538575A-8E65-34AB-A726-A4D160CA8F07&deviceId=6966564024204374&anid=

HTTP Response

204
216.58.204.78:443

https://youtube.com/

tls, http2

chrome.exe

2.3kB
10.3kB
21
23

HTTP Request

GET https://youtube.com/
20.231.121.79:80

46 B
1
142.250.187.206:443

https://play.google.com/log?format=json&hasfast=true&authuser=0

tls, http2

chrome.exe

2.0kB
8.7kB
19
19

HTTP Request

OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
172.217.168.195:443

beacons.gcp.gvt2.com

tls, http2

chrome.exe

1.2kB
6.3kB
11
9
172.217.168.195:443

beacons.gcp.gvt2.com

tls, http2

chrome.exe

1.2kB
6.3kB
11
9
172.217.168.195:443

beacons.gcp.gvt2.com

tls, http2

chrome.exe

1.1kB
5.8kB
10
8
172.217.168.195:443

https://beacons.gcp.gvt2.com/domainreliability/upload-nel

tls, http2

chrome.exe

8.6kB
8.5kB
41
36

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload-nel
74.125.143.84:443

accounts.google.com

tls, http2

chrome.exe

1.1kB
5.9kB
11
10
192.178.48.227:443

https://beacons.gvt2.com/domainreliability/upload-nel

tls, http2

chrome.exe

2.8kB
7.9kB
25
27

HTTP Request

OPTIONS https://beacons.gvt2.com/domainreliability/upload-nel

HTTP Request

POST https://beacons.gvt2.com/domainreliability/upload-nel

8.8.8.8:53

2.159.190.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

2.159.190.20.in-addr.arpa
8.8.8.8:53

goo.su

dns

chrome.exe

52 B
84 B
1
1

DNS Request

goo.su

DNS Response

104.21.38.221

172.67.139.105
8.8.8.8:53

www.youtube.com

dns

chrome.exe

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.14

142.250.200.46

216.58.201.110

216.58.204.78

216.58.213.14

172.217.169.14

216.58.212.206

216.58.212.238

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238
8.8.8.8:53

i.ytimg.com

dns

chrome.exe

57 B
297 B
1
1

DNS Request

i.ytimg.com

DNS Response

216.58.212.246

172.217.169.86

172.217.169.54

142.250.179.246

142.250.180.22

142.250.187.214

142.250.187.246

142.250.178.22

172.217.16.246

142.250.200.22

142.250.200.54

216.58.201.118

216.58.204.86

216.58.213.22

216.58.212.214
142.250.200.14:443

www.youtube.com

https

chrome.exe

21.6kB
175.4kB
106
191
8.8.8.8:53

rr1---sn-5hne6nz6.googlevideo.com

dns

chrome.exe

79 B
125 B
1
1

DNS Request

rr1---sn-5hne6nz6.googlevideo.com

DNS Response

74.125.100.198
8.8.8.8:53

221.38.21.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

221.38.21.104.in-addr.arpa
8.8.8.8:53

234.179.250.142.in-addr.arpa

dns

148 B
113 B
2
1

DNS Request

234.179.250.142.in-addr.arpa

DNS Request

234.179.250.142.in-addr.arpa
8.8.8.8:53

14.200.250.142.in-addr.arpa

dns

146 B
112 B
2
1

DNS Request

14.200.250.142.in-addr.arpa

DNS Request

14.200.250.142.in-addr.arpa
8.8.8.8:53

246.212.58.216.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

246.212.58.216.in-addr.arpa
8.8.8.8:53

10.178.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

10.178.250.142.in-addr.arpa
8.8.8.8:53

198.100.125.74.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

198.100.125.74.in-addr.arpa
8.8.8.8:53

rr4---sn-5hne6n6e.googlevideo.com

dns

chrome.exe

79 B
125 B
1
1

DNS Request

rr4---sn-5hne6n6e.googlevideo.com

DNS Response

172.217.132.233
172.217.132.233:443

rr4---sn-5hne6n6e.googlevideo.com

https

chrome.exe

15.2kB
805.2kB
123
641
8.8.8.8:53

accounts.google.com

dns

chrome.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

74.125.143.84
74.125.143.84:443

accounts.google.com

https

chrome.exe

3.8kB
12.3kB
17
22
216.58.212.246:443

i.ytimg.com

https

chrome.exe

7.2kB
44.5kB
34
53
8.8.8.8:53

3.169.217.172.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.169.217.172.in-addr.arpa
8.8.8.8:53

249.197.17.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

249.197.17.2.in-addr.arpa
8.8.8.8:53

233.132.217.172.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

233.132.217.172.in-addr.arpa
8.8.8.8:53

84.143.125.74.in-addr.arpa

dns

72 B
105 B
1
1

DNS Request

84.143.125.74.in-addr.arpa
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
301 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

172.217.169.42

142.250.179.234

142.250.180.10

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

172.217.169.10

216.58.212.202

216.58.212.234
8.8.8.8:53

rr2---sn-q4fl6n6y.googlevideo.com

dns

chrome.exe

79 B
125 B
1
1

DNS Request

rr2---sn-q4fl6n6y.googlevideo.com

DNS Response

173.194.140.167
173.194.140.167:443

rr2---sn-q4fl6n6y.googlevideo.com

https

chrome.exe

5.1kB
8.0kB
25
27
8.8.8.8:53

133.113.22.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

133.113.22.20.in-addr.arpa
8.8.8.8:53

3.180.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.180.250.142.in-addr.arpa
8.8.8.8:53

42.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

42.169.217.172.in-addr.arpa
8.8.8.8:53

167.140.194.173.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

167.140.194.173.in-addr.arpa
172.217.169.42:443

content-autofill.googleapis.com

https

chrome.exe

6.9kB
52.9kB
37
58
8.8.8.8:53

jnn-pa.googleapis.com

dns

chrome.exe

67 B
275 B
1
1

DNS Request

jnn-pa.googleapis.com

DNS Response

216.58.201.106

216.58.204.74

216.58.212.202

172.217.169.74

172.217.169.42

142.250.179.234

142.250.180.10

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42
8.8.8.8:53

yt3.ggpht.com

dns

chrome.exe

59 B
120 B
1
1

DNS Request

yt3.ggpht.com

DNS Response

142.250.187.225
8.8.8.8:53

g.bing.com

dns

56 B
151 B
1
1

DNS Request

g.bing.com

DNS Response

204.79.197.237

13.107.21.237
8.8.8.8:53

25.63.96.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

25.63.96.20.in-addr.arpa
8.8.8.8:53

225.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

225.187.250.142.in-addr.arpa
8.8.8.8:53

www.google.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.178.4
142.250.178.4:443

www.google.com

https

chrome.exe

2.9kB
28.8kB
16
26
8.8.8.8:53

237.197.79.204.in-addr.arpa

dns

73 B
143 B
1
1

DNS Request

237.197.79.204.in-addr.arpa
8.8.8.8:53

21.114.53.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

21.114.53.23.in-addr.arpa
8.8.8.8:53

4.178.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

4.178.250.142.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

youtube.com

dns

chrome.exe

57 B
73 B
1
1

DNS Request

youtube.com

DNS Response

216.58.204.78
8.8.8.8:53

78.204.58.216.in-addr.arpa

dns

72 B
171 B
1
1

DNS Request

78.204.58.216.in-addr.arpa
8.8.8.8:53

43.58.199.20.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

43.58.199.20.in-addr.arpa
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

50.23.12.20.in-addr.arpa

dns

70 B
156 B
1
1

DNS Request

50.23.12.20.in-addr.arpa
8.8.8.8:53

15.164.165.52.in-addr.arpa

dns

72 B
146 B
1
1

DNS Request

15.164.165.52.in-addr.arpa
8.8.8.8:53

play.google.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.187.206
142.250.187.206:443

play.google.com

https

chrome.exe

6.9kB
8.3kB
14
18
8.8.8.8:53

206.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

206.187.250.142.in-addr.arpa
8.8.8.8:53

240.221.184.93.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

240.221.184.93.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.210.232.199.in-addr.arpa
8.8.8.8:53

23.236.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

23.236.111.52.in-addr.arpa
8.8.8.8:53

beacons.gcp.gvt2.com

dns

chrome.exe

66 B
112 B
1
1

DNS Request

beacons.gcp.gvt2.com

DNS Response

172.217.168.195
74.125.143.84:443

accounts.google.com

https

chrome.exe

4.0kB
8.2kB
9
11
8.8.8.8:53

195.168.217.172.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

195.168.217.172.in-addr.arpa
172.217.168.195:443

beacons.gcp.gvt2.com

https

chrome.exe

2.9kB
6.4kB
6
8
142.250.200.14:443

www.youtube.com

https

chrome.exe

11.1kB
4.4kB
16
13
172.217.168.195:443

beacons.gcp.gvt2.com

https

chrome.exe

9.7kB
4.8kB
22
15
74.125.143.84:443

accounts.google.com

https

chrome.exe

3.9kB
4.9kB
13
11
8.8.8.8:53

beacons.gvt2.com

dns

chrome.exe

62 B
78 B
1
1

DNS Request

beacons.gvt2.com

DNS Response

192.178.48.227
172.217.168.195:443

beacons.gcp.gvt2.com

https

chrome.exe

4.6kB
4.0kB
17
17
192.178.48.227:443

beacons.gvt2.com

https

chrome.exe

3.3kB
7.7kB
9
10
8.8.8.8:53

227.48.178.192.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

227.48.178.192.in-addr.arpa
8.8.8.8:53

15.173.189.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

15.173.189.20.in-addr.arpa
8.8.8.8:53

www.youtube.com

dns

chrome.exe

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.14

142.250.200.46

216.58.201.110

216.58.204.78

216.58.213.14

172.217.169.14

216.58.212.206

216.58.212.238

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238
142.250.200.14:443

www.youtube.com

https

chrome.exe

5.8kB
3.2kB
12
11
172.217.168.195:443

beacons.gcp.gvt2.com

https

chrome.exe

2.6kB
3.6kB
8
9
8.8.8.8:53

www.youtube.com

dns

chrome.exe

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.14

142.250.200.46

216.58.201.110

216.58.204.78

216.58.213.14

172.217.169.14

216.58.212.206

216.58.212.238

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238
142.250.200.14:443

www.youtube.com

https

chrome.exe

7.2kB
3.1kB
12
10
8.8.8.8:53

www.youtube.com

dns

chrome.exe

61 B
335 B
1
1

DNS Request

www.youtube.com

DNS Response

142.250.200.14

142.250.200.46

216.58.201.110

216.58.204.78

216.58.213.14

172.217.169.14

216.58.212.206

216.58.212.238

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238
142.250.200.14:443

www.youtube.com

https

chrome.exe

4.6kB
5.0kB
10
12
8.8.8.8:53

play.google.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

142.250.187.206
142.250.187.206:443

play.google.com

https

chrome.exe

3.1kB
2.7kB
8
8
8.8.8.8:53

beacons.gcp.gvt2.com

dns

chrome.exe

66 B
112 B
1
1

DNS Request

beacons.gcp.gvt2.com

DNS Response

192.178.49.163
192.178.49.163:443

beacons.gcp.gvt2.com

https

chrome.exe

3.8kB
7.4kB
12
12
8.8.8.8:53

163.49.178.192.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

163.49.178.192.in-addr.arpa
8.8.8.8:53

beacons.gcp.gvt2.com

dns

chrome.exe

66 B
112 B
1
1

DNS Request

beacons.gcp.gvt2.com

DNS Response

192.178.49.163
192.178.49.163:443

beacons.gcp.gvt2.com

https

chrome.exe

2.8kB
3.6kB
10
10
8.8.8.8:53

www.youtube.com

dns

chrome.exe

183 B
335 B
3
1

DNS Request

www.youtube.com

DNS Request

www.youtube.com

DNS Request

www.youtube.com

DNS Response

142.250.200.14

142.250.200.46

216.58.201.110

216.58.204.78

216.58.213.14

172.217.169.14

216.58.212.206

216.58.212.238

172.217.169.78

142.250.179.238

142.250.180.14

142.250.187.206

142.250.187.238

142.250.178.14

172.217.16.238
142.250.200.14:443

www.youtube.com

https

chrome.exe

4.9kB
3.1kB
11
8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
504B

MD5
168a216647fe98b64a1cef7dc4a1b5eb

SHA1
3513a3ce61d2041c500a5901adc849df30159006

SHA256
5b8ae3bb362c3decc2ea009dec87debcd2605ed52ed6329536f258e70c4b7a61

SHA512
ed77fc0ddabcd06e059bff6ee54d0978f2e51c55990acb061cb2f9442cb8d47ee50b8696b3d026e550dbc5e452d5997dc02f47e71891886cde85564a6a360b05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
8dc4ae774020f6836f3f17ed57629545

SHA1
94ad4a63728e50f55eb857112920eee1d1613f3e

SHA256
0dcc0a232aa2ca4d48786eca36a5e8e40ec41f3fddbd4753155600c99b25fb5f

SHA512
b63bd625e6cabfe076c458516107054216f4085e4a38fe5148910e977e39a349c488f9a05be997d5c1663b8960128e2202af35f904ac71faa47d29be80c0df75

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
dcdf1a14955201a4274505efea36c302

SHA1
471c96878ef56180b4a43db8ddf2b0c2d774cbe6

SHA256
a03237884ea5b59b3b8c22355d1326915d0d0816c21695bb6acc06daa22d4e01

SHA512
df6185fe44b20c36e9ea07d4cc88081b5ae35b4506c108fa8dd359aa31945f08abae4aa392852cac315f879ece3da559fc607719364cfe38d8e344989c628ae2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
d76a3fb07fc9821d5f3533285dff1b61

SHA1
bdb0e9c17e32a2cc2012492393199527f3374c13

SHA256
52844dd70d637fdeeeb1b537d1f7ac417579dbec1d3bf3a2b9187cfc3bc4c522

SHA512
cf852c3b506a9635a23459ae44163762fa9e527893890bab093648674b371774c93b70ccb52f3e22ae30009fae5d25159321b22a93d7475d6c485d44989db9da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
c39152e8b8e33070e9bbd5516c72725c

SHA1
ce044100c708be2efb7b338e6d354ecbdf9ebda6

SHA256
a56f46092d2d1395f62332c4e7f97876f7fab118f103e2e93af8e9930e80620b

SHA512
70e0a6a7f58445fa58662f886fc5966e4b167baec0605f4bfb2f317bbb9b2eb60a8335b5155f25004a8c1ded36fa05394eca98a5e413b3b7664d96ae17387c8c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
9e4f85fbd4f086c6f792059c40c161ab

SHA1
c2c2b5377878fac46f392d4ca94083e817d81877

SHA256
611ef05960917a5b42e6d011607c3f8cdbf5bc9dcf0d007f7ef5c42053f04b19

SHA512
0a007601ced8e65e049f6b1aa03d284092888ff6518f2aa5c744c708e3570a5633791a0c76af7c3f05c6e2b8534fbedcfe7d722bc1a20f96e174b96451d93812

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
0dc86e8d84885dbbc5e37b1fcefe24cf

SHA1
01b8f66c1c1def9bcb817e35f6093df526632fb9

SHA256
6efe2ffe302694f42fa68e7354f573ef778519da7d888b23d1185c6498a27829

SHA512
98e6a5acf36b336eadd7ff2dca9ddbff630a4bcfe33a499c1738089ade594de5e13d01a8ce34d5db1641e233ca88174928fd3ee32a62352ee5ff358676d7f023

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
48f39ec276db7b4305b25624790bdaf7

SHA1
5cbc1e6dff9896d59d6036841bd857227d84824d

SHA256
645c6e45f8920e9491c584011f25143fc2fd9e3fe7a2b76a82eb668d5bff961e

SHA512
f385ace115df26775f876e62f260c8b8235166446c9a65624b054b594bca3ddf3e95d80d72eb3328201796198d65a81c5be6875d72f38d8c8db8e13681803cff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
4KB

MD5
55d622a9af253a3cd061d9afb9ec16a9

SHA1
671a796d012d883d0454915207569e3f8a8fbc31

SHA256
7efae9b06bd9d3f7dba8046c7c5faf1633cdb8b35809214966262bf09646fd57

SHA512
6506c54213c86895c8004c75bb8aeeded41f52327bea2c1db96b8fa8b6ae5df25841517df5752182e5bc29c3db6d28895d448fbfea4e4374422e4bb9c6a0dfad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
859B

MD5
f9d8ebb83906aff44ab071a911f44dac

SHA1
34f2d723d6f9c3fe24389f2304c0609db83ca325

SHA256
70b678b4c09447d42efdc418498d6ce848f934d871b44529d81efd3912f47f7e

SHA512
9cccf1d5822de9b5259a2fdc8fa7a893457d5913aa24e398baf72383a2e0c7e12136ccf44bf1c5331c9ffcbe756fab63ff21f9e67674f20c4d4f04475bab23b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\beb94227-78f0-4106-ae81-7d9e1f5fddf0.tmp

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
9e7c68c430603fd1412b91df71a28ec3

SHA1
82b2af57e492483f143b41eab8e6590744cabc86

SHA256
ad366b1ceae52de284a4a02424fc6b108843707e53643db39d7aa33d9282c585

SHA512
3c84ea626fb43377f0908dfae5f5757aba5f8190d22a3120151dbfcc81d4d72828da583cd3018457988fa4d5768824eb0f5decea87bf48d55340ebb117615ae2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\679aabc5-85f1-443f-b778-7923953d43ca\index-dir\the-real-index

Filesize
2KB

MD5
db726b16c0cc5269dc95a511410ce832

SHA1
1bcb1a8b48c10d8cf3ee3f9a4e94a5573dfdb4a4

SHA256
12883ae4b074a3359b5a4911dd10e9d13b379baff10400797e91e1226c1ff3af

SHA512
38dad001070cac47224f36f45b4a291e26b5f1a3843f0b970c5b65ab2d686588c1492ee23b7d332c27cf2ec06f1d1ed54169dc35a72de787cd57f93eb23655c0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\679aabc5-85f1-443f-b778-7923953d43ca\index-dir\the-real-index~RFe579af8.TMP

Filesize
48B

MD5
b1852217b189dc799dd3161b03b5b967

SHA1
346414b4473aa7cb0aa81a9140d2aadd84d1b3bc

SHA256
ad2831ca2be6762e6fd9a02d85136ff2ffeec91beec5a65e2ebb123c0318aef4

SHA512
7b3b4772ad432fa76a76c2d6316d99122b5fbe2bba52faaeceba910937b03656fc7b5d31749e6e041424609dcbf6fa3bcc9a4cae735338b17ca43c4e3893b9ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
176B

MD5
5b3ce39e072876d043f1420a4bc0dffc

SHA1
2ebf1a490cdef6a4fadd0d0fb328972cb7a279cf

SHA256
354596cdb5a03cdd926157315ded22932074c701dc23133e2c2d05a504ff1de6

SHA512
3ebe084ffd6ae4d3237c0c14443409ab24a827d311d62c0941973a4dccad4e0c2b7121b3793ade9bebb3a62439b4cdf5a00b0187ab8df99257a01dba9bf082fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
112B

MD5
73f389af7ba53f6c7ad5213dafb7d5ff

SHA1
b581664703f66398fa07b28f2ac8405ffc91c91e

SHA256
9d4f8f5fcefae5b9ecfba096c3a7e67c8891b08708c817d9bd787eb0ef987768

SHA512
cdf4d54925c255c66237ec4bd60eca068c47f451a45ad970ae83396dd86a3f98e0bf50e0c83d36372841ab6845acedab3d3b46906229f5b1ce3af2c5089ad90f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
114B

MD5
dabb8ff7d8d5f446b7b9f083af8b8289

SHA1
867f7df509e2b12a942d0c95923bca81f0d99b74

SHA256
399b0575e48867fb6a169964d6f8f44f3c74b85c5613356f08b129347a3d9b03

SHA512
ea8fcc43679bf63ca64fc30ceea87c5495cbe8511c2e96494e51ee57f3c7263cb5a455e76864676de742c7a17fad62b64f66be7b02ef832befb5ca7bd05fa15d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5741ac.TMP

Filesize
119B

MD5
f028409fbca60e55df3fc94ee0cd0cb7

SHA1
cc6006fd98229a967084e46e13c8fba27abbd40b

SHA256
ef2327f0d84beefdecd8d4c1a483aa81ead3a6f7a068d6f2cc68c1d0c8405045

SHA512
b38a865ed99b3d9d66648f87a8b0ef5a3d7454a15039052cf7732216e501357a4360b37feea255a2153696ff4ae53707c9947da02489d32224a65fb159b1b60c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
72B

MD5
28cccda39d3be6e43db8da057a5996f8

SHA1
0d434ead2a51a739dbffdd535ed0fc9c1bbeaf25

SHA256
5e4ecd3a072b8b50806ed8c29b682967f406fdb391441f8dcf488d99f783eed1

SHA512
656a86e031ef285c3f73e17623d961b4f29be2c080771203812539c71932e2d9f53a30a03e9456aa1f708c3f14f88d3220a513701eddbaaad453b2417445b70f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe579078.TMP

Filesize
48B

MD5
dd0b35d9ad5b56d1569c7bdefaf05904

SHA1
460e076cd6dcd83c3129220653b338b3077357cb

SHA256
2e28ccd63770fd03fb82d8e7515f3d290757e22fa19c946ebe864f77091a9b66

SHA512
c38998a829c178c634a4ca2f356058c43eb3cee0a73c21821d84edb43ddfd48ce52af9879aa18e3b6850da290a8302d1adbddcd8e8254471d3a2572cb85b1a83

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

Filesize
673B

MD5
88dfa96f9642297ff88909ca4e0f7330

SHA1
ed8655bf13e6cc49395da4c760168c4148454b7c

SHA256
5e5eb084cf1a650b2e122f53d36f85b67ce6e39069e399a46a25dbd34f7be286

SHA512
cc2deedfeacf9f26e48cbb26e222a219905888b95634c7d91d6393b84248305ce8940816bdb3bff0f5384b9dad90f4e3905b229e06ce4b1023a1439293b240dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2116_1770897337\Shortcuts Menu Icons\Monochrome\0\512.png

Filesize
2KB

MD5
12a429f9782bcff446dc1089b68d44ee

SHA1
e41e5a1a4f2950a7f2da8be77ca26a66da7093b9

SHA256
e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37

SHA512
1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2116_1770897337\Shortcuts Menu Icons\Monochrome\1\512.png

Filesize
10KB

MD5
7f57c509f12aaae2c269646db7fde6e8

SHA1
969d8c0e3d9140f843f36ccf2974b112ad7afc07

SHA256
1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f

SHA512
3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2116_469833647\Icons Monochrome\16.png

Filesize
216B

MD5
a4fd4f5953721f7f3a5b4bfd58922efe

SHA1
f3abed41d764efbd26bacf84c42bd8098a14c5cb

SHA256
c659d57841bb33d63f7b1334200548f207340d95e8e2ae25aac7a798a08071a3

SHA512
7fcc1ca4d6d97335e76faa65b7cfb381fb722210041bdcd3b31b0f94e15dc226eec4639547af86ae71f311f52a956dc83294c2d23f345e63b5e45e25956b2691

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
127KB

MD5
5c10e73b66fff1648a048b4b42d8358f

SHA1
0b4027cdceb3fa5875a53d871a3e23a8b7049a92

SHA256
17bc73cd3029488f6bc618ef66c5273f95bd57190b070881d09c94c21a27a521

SHA512
7bd604ff50bc18123ca5818809f16898bbb98ab6221b0604e6a777f0f2d6a2b94b89c77ccf25f26c5d257e4b8f6d6742a6b687e3fd7d60fc37ee4ddd7dff6326

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Response

DNS Request