Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/07/2024, 05:09 UTC

General

  • Target

    $TEMPImg/regver.exe

  • Size

    290KB

  • MD5

    9181b183dd3096301e7211ed0312de8a

  • SHA1

    0c321747b581ad79da70dc9aab183cc12c3bbefd

  • SHA256

    202fcecc53f1ffd2d1d85cc4cc79a24ae37285ce564e15615b5d13ca69487968

  • SHA512

    5316e0511746c75603ba02eaf79b9aafbb29356f94279f466d3f17e9894082f14cf052ca3b8f52a149815e8c9b58f5d4b02ef1dcc3d677dc27032480f788adf7

  • SSDEEP

    6144:hIPYFHLrOWl1uIQtbf2QVDZEY4KUC3VM7UaEHpTLNUqNxC2kOoKXl:h+YFHUtbOUeKt3VMQaEHpTDx/kOX1

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 1 IoC)
  • Suspicious use of SetWindowsHookEx (4 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\$TEMPImg\regver.exe
    "C:\Users\Admin\AppData\Local\Temp\$TEMPImg\regver.exe"
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID: 2412

Network

  • [US] DNS
    www.app-zilla.com
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    www.app-zilla.com
    IN A
    Response
    www.app-zilla.com
    IN CNAME
    traff-2.hugedomains.com
    traff-2.hugedomains.com
    IN CNAME
    hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com
    hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com
    IN A
    3.130.204.160
    hdr-nlb5-4e815dd67a14bf7f.elb.us-east-2.amazonaws.com
    IN A
    3.130.253.23
  • [US] GET
    http://www.app-zilla.com/register_install_ppd.php
    regver.exe
    Remote address:
    3.130.204.160:80
    Request
    GET /register_install_ppd.php HTTP/1.1
    Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: www.app-zilla.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 302 Found
    content-length: 0
    date: Thu, 04 Jul 2024 05:09:51 GMT
    location: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
  • [US] DNS
    www.hugedomains.com
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    www.hugedomains.com
    IN A
    Response
    www.hugedomains.com
    IN A
    104.26.6.37
    www.hugedomains.com
    IN A
    104.26.7.37
    www.hugedomains.com
    IN A
    172.67.70.191
  • [US] GET
    https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /domain_profile.cfm?d=app-zilla.com HTTP/1.1
    Accept: application/x-ms-application, image/jpeg, application/xaml+xml, image/gif, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: www.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    cache-control: private
    vary: Accept-Encoding
    set-cookie: site_version_phase=108; expires=Sun, 29-Jun-2025 05:09:52 GMT; path=/
    set-cookie: site_version=HDv3; expires=Sun, 29-Jun-2025 05:09:52 GMT; path=/
    x-powered-by: ASP.NET
    lb: TclPrdLbHd3
    CF-Cache-Status: DYNAMIC
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2B76%2FVvsvz9lxf1hSzBPkibuEkrAl8TPdVDj%2FXRgLBI%2FPz2dRCEh9EsH5r%2BQKZ%2F%2BB5HK5hqTg4ozt94ijwIIyzvvXQ2uolwxEc6CIO06PA28eJOTljPNgaPOfqBeQqfOyyVge%2BY%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 89dc9b099ac588a4-LHR
    Content-Encoding: gzip
  • [US] DNS
    cdn-cookieyes.com
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    cdn-cookieyes.com
    IN A
    Response
    cdn-cookieyes.com
    IN A
    104.22.58.91
    cdn-cookieyes.com
    IN A
    172.67.20.8
    cdn-cookieyes.com
    IN A
    104.22.59.91
  • [US] DNS
    cdn.jsdelivr.net
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    cdn.jsdelivr.net
    IN A
    Response
    cdn.jsdelivr.net
    IN CNAME
    jsdelivr.map.fastly.net
    jsdelivr.map.fastly.net
    IN A
    151.101.193.229
    jsdelivr.map.fastly.net
    IN A
    151.101.1.229
    jsdelivr.map.fastly.net
    IN A
    151.101.65.229
    jsdelivr.map.fastly.net
    IN A
    151.101.129.229
  • [US] DNS
    use.typekit.net
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    use.typekit.net
    IN A
    Response
    use.typekit.net
    IN CNAME
    use-stls.adobe.com.edgesuite.net
    use-stls.adobe.com.edgesuite.net
    IN CNAME
    a1988.dscg1.akamai.net
    a1988.dscg1.akamai.net
    IN A
    184.31.15.74
    a1988.dscg1.akamai.net
    IN A
    184.31.15.40
  • [US] DNS
    static.hugedomains.com
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    static.hugedomains.com
    IN A
    Response
    static.hugedomains.com
    IN A
    104.26.6.37
    static.hugedomains.com
    IN A
    172.67.70.191
    static.hugedomains.com
    IN A
    104.26.7.37
  • [US] GET
    https://static.hugedomains.com/css/hdv3-css/style.css?aa=2021-06-09a
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /css/hdv3-css/style.css?aa=2021-06-09a HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: minify
    Cf-Polished: origSize=231923
    ETag: W/"044c5e7b22fda1:0"
    Last-Modified: Sat, 16 Dec 2023 00:00:40 GMT
    Vary: Accept-Encoding
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 5557
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=28HEunwdEF0q7z8mMrXlsKneQ0qqm9ZMrkUk3v7y4yD8QZ0xYvV8UkDQBYp1K7gJyO4gx%2BqH990oG8VAycoMOkbcu8NhH6HbSM6feiVzOA2d7fyIFC3omoC8k%2FW9XPicREe6bddGkPM%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 89dc9b0c9b6923c0-LHR
    Content-Encoding: gzip
  • [US] GET
    https://static.hugedomains.com/css/hdv3-css/hd-style.css?aa=2022-10-33
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /css/hdv3-css/hd-style.css?aa=2022-10-33 HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: minify
    Cf-Polished: origSize=62061
    ETag: W/"0b3d6cfd5c1da1:0"
    Last-Modified: Tue, 18 Jun 2024 23:18:22 GMT
    Vary: Accept-Encoding
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 4464
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mcc0Q6laE677PYdW9AjgW0gllcQwGmFfLt8qt2h6QSsbQuPZUkBgA5QJI2cAO7FT%2BkBv5T9PoreQ752lLtct1xP5nb4CpezG3bItJb0Ms889disIt6YjvRGpp6FhIUBWRRNVWUkkXNM%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 89dc9b0cfb9a23c0-LHR
    Content-Encoding: gzip
  • [US] GET
    https://static.hugedomains.com/images/hdv3-img/hd-header-logo-v3.svg
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /images/hdv3-img/hd-header-logo-v3.svg HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: image/svg+xml
    Transfer-Encoding: chunked
    Connection: keep-alive
    Last-Modified: Thu, 07 Dec 2023 18:21:14 GMT
    ETag: W/"d59b9b293a29da1:0"
    X-Powered-By: ASP.NET
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 6241
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2B%2B3xU7ePUMrtoxKUSbxcihPjaKQsMBvqA70IHMofHYgFCN8qMfDCa%2BIDT9gMuUdJMh6%2F%2FD69DQOV%2FQEf%2BJ5ftCzRUdrt1xh%2BUNnZW0tzS85AboQRthq6LTOZpw0Bb8Nq0dty7GBI7U%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0d5bd123c0-LHR
    Content-Encoding: gzip
  • [US] GET
    https://static.hugedomains.com/images/hdv3-img/phone-icon.png
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /images/hdv3-img/phone-icon.png HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: image/png
    Content-Length: 705
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: imgq:100,h2pri
    Cf-Polished: origSize=2415
    ETag: "524238d6b75ed61:0"
    Last-Modified: Mon, 20 Jul 2020 17:04:32 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 3922
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=poh0dGZIvkIKD5QhvHD7MJe1P%2FiJwT1OQgK%2FWwo%2B51wIt3PWKEL77eP4ImJIyCIT4Sc1nlIPOSgBWdi8CgGw50ij4ZeWs7Ubd0R%2Fnzdcaegcld%2B1XTf7WgJqHEXY8hwTyOKr%2Bea6GZY%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0dac0d23c0-LHR
  • [US] GET
    https://static.hugedomains.com/images/hdv3-img/cart.png
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /images/hdv3-img/cart.png HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: image/png
    Content-Length: 669
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: imgq:100,h2pri
    Cf-Polished: origSize=2303
    ETag: "a9c92cd6b75ed61:0"
    Last-Modified: Mon, 20 Jul 2020 17:04:31 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 6153
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CCz0Id%2BQPVOHaJZsYNADOzhdzM0Em%2BpU4iyMngjtes%2B0vNhQAKd%2FFhspILbqyJQoQC6Fpua2GxKlPa6V4tp4rCXbG0Vreth2LGunLE%2B%2F%2FCbOmdsZbvBs5Zx8uxZ43dSeihwcsDmg8GM%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0dfc4b23c0-LHR
  • [US] GET
    https://static.hugedomains.com/images/hdv3-img/roket-side-ico.png
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /images/hdv3-img/roket-side-ico.png HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:53 GMT
    Content-Type: image/png
    Content-Length: 1362
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: imgq:100,h2pri
    Cf-Polished: origSize=3247
    ETag: "8c51cde73cfd71:0"
    Last-Modified: Mon, 01 Nov 2021 22:57:38 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 2415
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FEE4OqJdmwe8p0jDTQSsoe9rmdLh%2FM%2Fr613VIo2%2Ba%2BQdm%2BrZOY34TU8xF9nno6aK04Ug%2Bcf4%2FarMaSjX88yINM%2F%2BvNHtvroy5xhGQTG4I15IjrbqBxCCrWIjPiikdGZ74MNeL%2Bw6Q8%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0e4c7323c0-LHR
  • [US] GET
    https://static.hugedomains.com/images/hdv3-img/zero-side-ico.png
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /images/hdv3-img/zero-side-ico.png HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:53 GMT
    Content-Type: image/png
    Content-Length: 1472
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: imgq:100,h2pri
    Cf-Polished: origSize=3369
    ETag: "8ebd50db73cfd71:0"
    Last-Modified: Mon, 01 Nov 2021 22:57:33 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 4990
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNtrHdTWFlhQUfFV5Pzwfz5WlVXowMNgHTZJABQHv%2B4njAz3MwKxf260KeDbp7qEjwdnb5xNSXdzfWIrAgvjecfkGljcjuimGGv7Zo9u5sf8Fe8d%2FuzTVe76x2QJcERmb%2BVLuBtrFzQ%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0eaca123c0-LHR
  • [US] GET
    https://static.hugedomains.com/css/hdv3-css/reboot.min.css
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /css/hdv3-css/reboot.min.css HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: text/css
    Content-Length: 1580
    Connection: keep-alive
    Content-Encoding: gzip
    Last-Modified: Tue, 15 Nov 2022 18:51:51 GMT
    ETag: "80fd745223f9d81:0"
    Vary: Accept-Encoding
    X-Powered-By: ASP.NET
    Access-Control-Allow-Origin: *
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 19
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVR%2B5Ar42RP%2FKCPBvIu8b%2FaYrCsoauDS%2Fw3HibnmzbHLwDjrS5bajS0jtfwxYG3dIlahELGkUIhpG6Rvp3hmiZf8M6jW0B8rN8I4rMZfElkxWZFLNRrn3Bwx3kACwuMDzBMzI73ww9M%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Server: cloudflare
    CF-RAY: 89dc9b0cab8294f3-LHR
  • [US] GET
    https://static.hugedomains.com/css/hdv3-css/responsive.css?aa=2021-06-09a
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /css/hdv3-css/responsive.css?aa=2021-06-09a HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: minify
    Cf-Polished: origSize=94954
    ETag: W/"6bdaa3be524ada1:0"
    Last-Modified: Thu, 18 Jan 2024 21:10:20 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 1416
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AVky8Ovqu50tm2cXQWzO6JuvuX9lERSCB8U7hu%2BZCefthREWjtZootqfV44f%2FlQMB6WP%2FmHEoZ4msUzs7FDhxs34zs9dNS8g8NYAJ3oVRpyfvokV9ayNoXGdNUC1H9jsaPXme8Re9Q0%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0cfbb694f3-LHR
    Content-Encoding: gzip
  • [US] GET
    https://static.hugedomains.com/css/hdv3-css/hd-style-print.css
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /css/hdv3-css/hd-style-print.css HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: text/css
    Transfer-Encoding: chunked
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: minify
    Cf-Polished: origSize=1794
    ETag: W/"8138e567fd4ada1:0"
    Last-Modified: Fri, 19 Jan 2024 17:31:59 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 7094
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwATEtfA9N%2Bzx6b4BfaAO%2BBgl6kf0LBn1bMW2x655nRA7ckVRFsisERLnwMcpojkcR2pwVRtqlgzaNZjRm6xPNy0ns7LPKQDPnfR7VpTuk6bHpvlxZvwb7hLkMmIwh9YT7YcEwUr0uI%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0d4be994f3-LHR
    Content-Encoding: gzip
  • [US] GET
    https://static.hugedomains.com/images/hdv3-img/phone-icon-white.png
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /images/hdv3-img/phone-icon-white.png HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: image/png
    Content-Length: 476
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: imgq:100,h2pri
    Cf-Polished: origSize=662
    ETag: "069df3238ead81:0"
    Last-Modified: Thu, 27 Oct 2022 19:13:30 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 2472
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TxT%2BRYYH8KVSsBhSNYtznGz2mQCuefkJ%2Fkyn20u5AnjH%2BNjKd0Di%2FJB8hqMJOiB2rRizrJQFNi0W8NJVHZKem2bahgOkKeS0%2FE1l2Keb%2BzPtNCNO4WwepHqPp2yNWXHxg0ENL5JwD1c%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0d9c0e94f3-LHR
  • [US] GET
    https://static.hugedomains.com/images/hdv3-img/favorite-header.png
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /images/hdv3-img/favorite-header.png HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: image/png
    Content-Length: 728
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: imgq:100,h2pri
    Cf-Polished: origSize=2420
    ETag: "8fd8f6dc9185d71:0"
    Last-Modified: Fri, 30 Jul 2021 22:25:55 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 2809
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UNMtY1JyJgJ6fIhQArEBzv0QSnojNgP8NdbAhIpTMEjpBwudmAicLvwJ6mcoOwkx1WUsakh4uhCNJ34e7pgy5d0B8tpqa1jdGxmaEufwBXz%2BZKZ76hwnWXLv6RmLe45t5%2FihyeJboU8%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0dec4a94f3-LHR
  • [US] GET
    https://static.hugedomains.com/images/hdv3-img/30daysmallico.png
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /images/hdv3-img/30daysmallico.png HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:53 GMT
    Content-Type: image/png
    Content-Length: 1440
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: imgq:100,h2pri
    Cf-Polished: origSize=3297
    ETag: "6e907958cad5d71:0"
    Last-Modified: Wed, 10 Nov 2021 00:31:47 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 4390
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOnNNn9LKop1rBdEvEhkDLq3NMnCBQc3aZ%2Fvho0XlxtcTCYUlEbbjXrDSsYWSgQ6e7fZmrbc0oxJwp2PqXhXa1De%2FQz%2BtF2Az3Fv0FMV1ERxaHPkC6MKJtmOyQF60bWFgFzGNjc0Wwk%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0e4c7f94f3-LHR
  • [US] GET
    https://static.hugedomains.com/images/hdv3-img/safesmallico.png
    regver.exe
    Remote address:
    104.26.6.37:443
    Request
    GET /images/hdv3-img/safesmallico.png HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: static.hugedomains.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:53 GMT
    Content-Type: image/png
    Content-Length: 875
    Connection: keep-alive
    Access-Control-Allow-Origin: *
    Cf-Bgj: imgq:100,h2pri
    Cf-Polished: origSize=2582
    ETag: "71c9a4e073cfd71:0"
    Last-Modified: Mon, 01 Nov 2021 22:57:42 GMT
    X-Powered-By: ASP.NET
    Cache-Control: max-age=14400
    CF-Cache-Status: HIT
    Age: 2590
    Accept-Ranges: bytes
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2Fh9JzacDfVHHydoOD9bgf76usnwNEc3HchNRnX8hg93hZKQ2Sr1JRtfFklx3vZRjNaFUP0GdaZO31xG7XwehdX1F0jpyskiC5E1QwQ97QDGwdOXTW7E5Vhsu%2Bc0ETeX%2BEk5n9PzyHM%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 89dc9b0e9cb194f3-LHR
  • [US] GET
    https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js
    regver.exe
    Remote address:
    104.22.58.91:443
    Request
    GET /client_data/e71bc53f1cb88666d160c1e2/script.js HTTP/1.1
    Accept: */*
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: cdn-cookieyes.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Thu, 04 Jul 2024 05:09:52 GMT
    Content-Type: application/javascript
    Content-Length: 34323
    Connection: keep-alive
    last-modified: Sun, 23 Jun 2024 00:35:14 GMT
    etag: "183af-61b83d685c15f-gzip"
    vary: Accept-Encoding
    Content-Encoding: gzip
    access-control-allow-origin: *
    access-control-allow-methods: GET, OPTIONS
    Cache-Control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
    CF-Cache-Status: HIT
    Age: 362047
    Accept-Ranges: bytes
    Server: cloudflare
    CF-RAY: 89dc9b0cdf130c3b-AMS
  • [US] DNS
    c.pki.goog
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    172.217.169.67
  • [US] DNS
    c.pki.goog
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    c.pki.goog
    IN A
    Response
    c.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    172.217.169.67
  • [GB] GET
    http://c.pki.goog/r/r1.crl
    regver.exe
    Remote address:
    172.217.169.67:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 04 Jul 2024 04:36:54 GMT
    Expires: Thu, 04 Jul 2024 05:26:54 GMT
    Cache-Control: public, max-age=3000
    Age: 1978
    Last-Modified: Wed, 01 Nov 2023 07:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • [GB] GET
    http://c.pki.goog/r/r1.crl
    regver.exe
    Remote address:
    172.217.169.67:80
    Request
    GET /r/r1.crl HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: c.pki.goog
    Response
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
    Cross-Origin-Resource-Policy: cross-origin
    Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
    Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
    Content-Length: 854
    X-Content-Type-Options: nosniff
    Server: sffe
    X-XSS-Protection: 0
    Date: Thu, 04 Jul 2024 04:36:54 GMT
    Expires: Thu, 04 Jul 2024 05:26:54 GMT
    Cache-Control: public, max-age=3000
    Age: 1978
    Last-Modified: Wed, 01 Nov 2023 07:48:00 GMT
    Content-Type: application/pkix-crl
    Vary: Accept-Encoding
  • [US] DNS
    o.pki.goog
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    172.217.169.67
  • [US] DNS
    o.pki.goog
    regver.exe
    Remote address:
    8.8.8.8:53
    Request
    o.pki.goog
    IN A
    Response
    o.pki.goog
    IN CNAME
    pki-goog.l.google.com
    pki-goog.l.google.com
    IN A
    172.217.169.67
  • [GB] GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD6XznazuPu%2BxDsBhjsCTDO
    regver.exe
    Remote address:
    172.217.169.67:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD6XznazuPu%2BxDsBhjsCTDO HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 04 Jul 2024 04:48:11 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 1302
  • [GB] GET
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCmrOqyXa%2F%2FgRBajssQLKXU
    regver.exe
    Remote address:
    172.217.169.67:80
    Request
    GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCmrOqyXa%2F%2FgRBajssQLKXU HTTP/1.1
    Connection: Keep-Alive
    Accept: */*
    User-Agent: Microsoft-CryptoAPI/6.1
    Host: o.pki.goog
    Response
    HTTP/1.1 200 OK
    Server: ocsp_responder
    Content-Length: 472
    X-XSS-Protection: 0
    X-Frame-Options: SAMEORIGIN
    Date: Thu, 04 Jul 2024 04:26:18 GMT
    Cache-Control: public, max-age=14400
    Content-Type: application/ocsp-response
    Age: 2615
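The two `o.pki.goog` requests above are not beacons: the `Microsoft-CryptoAPI/6.1` user agent is Windows 7's own revocation checker, and the long path segment is an RFC 6960 OCSPRequest, DER-encoded and base64'd into the URL (the GET form of the protocol). Decoding it tells you which certificate the process was actually validating. The script below is an added example, not part of the tria.ge report; the function names are my own, and the two URLs are copied verbatim from the records above.

```python
import base64
from urllib.parse import unquote, urlsplit

# The two OCSP GET URLs recorded in the report above (copied, not constructed).
OCSP_URLS = [
    "http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD6XznazuPu%2BxDsBhjsCTDO",
    "http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCmrOqyXa%2F%2FgRBajssQLKXU",
]

HASH_OIDS = {"1.3.14.3.2.26": "sha1", "2.16.840.1.101.3.4.2.1": "sha256"}


def read_tlv(buf, pos=0):
    """Read one DER element at buf[pos]; return (tag, value, position after it)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                 # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def children(buf):
    """Yield (tag, value) for every element inside a constructed DER value."""
    pos = 0
    while pos < len(buf):
        tag, val, pos = read_tlv(buf, pos)
        yield tag, val


def decode_oid(raw):
    """Decode a DER OBJECT IDENTIFIER body into dotted form."""
    arcs = [raw[0] // 40, raw[0] % 40]
    val = 0
    for b in raw[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))


def parse_ocsp_get_url(url):
    """Return one dict per CertID found in an RFC 6960 OCSP GET URL."""
    # The base64 request is the final path segment. Split first, unquote second, so an
    # encoded "/" (%2F) inside the base64 is not mistaken for a path separator.
    segment = unquote(urlsplit(url).path.rsplit("/", 1)[-1])
    der = base64.b64decode(segment + "=" * (-len(segment) % 4))

    _, ocsp_request, _ = read_tlv(der)           # OCSPRequest ::= SEQUENCE { tbsRequest, ... }
    _, tbs_request, _ = read_tlv(ocsp_request)   # TBSRequest: optional [0] version, [1] requestorName, then requestList
    request_list = next(val for tag, val in children(tbs_request) if tag == 0x30)

    cert_ids = []
    for _, request in children(request_list):    # Request ::= SEQUENCE { reqCert CertID, ... }
        _, cert_id, _ = read_tlv(request)
        # CertID ::= SEQUENCE { hashAlgorithm, issuerNameHash, issuerKeyHash, serialNumber }
        alg, name_hash, key_hash, serial = [val for _, val in children(cert_id)][:4]
        oid = decode_oid(next(children(alg))[1])
        cert_ids.append({
            "hash_alg": HASH_OIDS.get(oid, oid),
            "issuer_name_hash": name_hash.hex(),
            "issuer_key_hash": key_hash.hex(),
            # DER INTEGER is two's complement, so a leading 0x00 pad byte is absorbed here.
            "serial": format(int.from_bytes(serial, "big", signed=True), "x"),
        })
    return cert_ids


if __name__ == "__main__":
    for url in OCSP_URLS:
        for cid in parse_ocsp_get_url(url):
            print(cid)
```

Both requests carry the same issuerNameHash and issuerKeyHash and differ only in the serial number, i.e. CryptoAPI checked two end-entity certificates from the same issuing CA (consistent with the shared `/wr2/` responder path and the single `c.pki.goog/r/r1.crl` fetch). The recovered serials are what you pivot on: match them against the server certificates in the pcap or a CT log lookup to confirm the checks belong to the hugedomains.com parking page rather than to anything the sample chose to contact itself.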
  • flag-us
    GET
    https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css
    regver.exe
    Remote address:
    151.101.193.229:443
    Request
    GET /gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: cdn.jsdelivr.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Connection: keep-alive
    Content-Length: 3096
    Access-Control-Allow-Origin: *
    Access-Control-Expose-Headers: *
    Timing-Allow-Origin: *
    Cache-Control: public, max-age=31536000, s-maxage=31536000, immutable
    Cross-Origin-Resource-Policy: cross-origin
    X-Content-Type-Options: nosniff
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    Content-Type: text/css; charset=utf-8
    X-JSD-Version: 3.5.7
    X-JSD-Version-Type: version
    ETag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
    Content-Encoding: gzip
    Accept-Ranges: bytes
    Date: Thu, 04 Jul 2024 05:10:10 GMT
    Age: 786185
    X-Served-By: cache-fra-eddf8230072-FRA, cache-lcy-eglc8600093-LCY
    X-Cache: HIT, HIT
    Vary: Accept-Encoding
    alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
  • flag-se
    GET
    https://use.typekit.net/zyw6mds.css
    regver.exe
    Remote address:
    184.31.15.74:443
    Request
    GET /zyw6mds.css HTTP/1.1
    Accept: */*
    Accept-Language: en-US
    Accept-Encoding: gzip, deflate
    Referer: https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
    Host: use.typekit.net
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: text/css;charset=utf-8
    Vary: Accept-Encoding
    Strict-Transport-Security: max-age=31536000; includeSubDomains;
    Timing-Allow-Origin: *
    Access-Control-Allow-Origin: *
    Cross-Origin-Resource-Policy: cross-origin
    Content-Encoding: gzip
    Content-Length: 588
    Date: Thu, 04 Jul 2024 05:10:17 GMT
    Connection: keep-alive
  • 3.130.204.160:80
    http://www.app-zilla.com/register_install_ppd.php
    http
    regver.exe
    782 B
    284 B
    5
    3

    HTTP Request

    GET http://www.app-zilla.com/register_install_ppd.php

    HTTP Response

    302
  • 104.26.6.37:443
    https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com
    tls, http
    regver.exe
    1.7kB
    16.8kB
    16
    24

    HTTP Request

    GET https://www.hugedomains.com/domain_profile.cfm?d=app-zilla.com

    HTTP Response

    200
  • 151.101.193.229:443
    cdn.jsdelivr.net
    tls
    regver.exe
    839 B
    5.5kB
    11
    12
  • 104.26.6.37:443
    https://static.hugedomains.com/images/hdv3-img/zero-side-ico.png
    tls, http
    regver.exe
    5.7kB
    57.0kB
    41
    63

    HTTP Request

    GET https://static.hugedomains.com/css/hdv3-css/style.css?aa=2021-06-09a

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/css/hdv3-css/hd-style.css?aa=2022-10-33

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/images/hdv3-img/hd-header-logo-v3.svg

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/images/hdv3-img/phone-icon.png

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/images/hdv3-img/cart.png

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/images/hdv3-img/roket-side-ico.png

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/images/hdv3-img/zero-side-ico.png

    HTTP Response

    200
  • 104.26.6.37:443
    https://static.hugedomains.com/images/hdv3-img/safesmallico.png
    tls, http
    regver.exe
    5.2kB
    31.6kB
    30
    38

    HTTP Request

    GET https://static.hugedomains.com/css/hdv3-css/reboot.min.css

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/css/hdv3-css/responsive.css?aa=2021-06-09a

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/css/hdv3-css/hd-style-print.css

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/images/hdv3-img/phone-icon-white.png

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/images/hdv3-img/favorite-header.png

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/images/hdv3-img/30daysmallico.png

    HTTP Response

    200

    HTTP Request

    GET https://static.hugedomains.com/images/hdv3-img/safesmallico.png

    HTTP Response

    200
  • 184.31.15.74:443
    use.typekit.net
    tls
    regver.exe
    850 B
    5.6kB
    12
    13
  • 104.22.58.91:443
    https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js
    tls, http
    regver.exe
    2.1kB
    43.9kB
    29
    44

    HTTP Request

    GET https://cdn-cookieyes.com/client_data/e71bc53f1cb88666d160c1e2/script.js

    HTTP Response

    200
  • 172.217.169.67:80
    http://c.pki.goog/r/r1.crl
    http
    regver.exe
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 172.217.169.67:80
    http://c.pki.goog/r/r1.crl
    http
    regver.exe
    348 B
    1.7kB
    5
    4

    HTTP Request

    GET http://c.pki.goog/r/r1.crl

    HTTP Response

    200
  • 172.217.169.67:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD6XznazuPu%2BxDsBhjsCTDO
    http
    regver.exe
    516 B
    1.6kB
    6
    4

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQD6XznazuPu%2BxDsBhjsCTDO

    HTTP Response

    200
  • 172.217.169.67:80
    http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCmrOqyXa%2F%2FgRBajssQLKXU
    http
    regver.exe
    518 B
    1.6kB
    6
    4

    HTTP Request

    GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCmrOqyXa%2F%2FgRBajssQLKXU

    HTTP Response

    200
  • 151.101.193.229:443
    cdn.jsdelivr.net
    tls
    regver.exe
    606 B
    544 B
    7
    7
  • 184.31.15.74:443
    use.typekit.net
    tls
    regver.exe
    830 B
    5.5kB
    11
    12
  • 151.101.193.229:443
    https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css
    tls, http
    regver.exe
    1.3kB
    4.9kB
    10
    12

    HTTP Request

    GET https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css

    HTTP Response

    200
  • 184.31.15.74:443
    https://use.typekit.net/zyw6mds.css
    tls, http
    regver.exe
    1.4kB
    6.5kB
    13
    13

    HTTP Request

    GET https://use.typekit.net/zyw6mds.css

    HTTP Response

    200
  • 8.8.8.8:53
    www.app-zilla.com
    dns
    regver.exe
    63 B
    193 B
    1
    1

    DNS Request

    www.app-zilla.com

    DNS Response

    3.130.204.160
    3.130.253.23

  • 8.8.8.8:53
    www.hugedomains.com
    dns
    regver.exe
    65 B
    113 B
    1
    1

    DNS Request

    www.hugedomains.com

    DNS Response

    104.26.6.37
    104.26.7.37
    172.67.70.191

  • 8.8.8.8:53
    cdn-cookieyes.com
    dns
    regver.exe
    63 B
    111 B
    1
    1

    DNS Request

    cdn-cookieyes.com

    DNS Response

    104.22.58.91
    172.67.20.8
    104.22.59.91

  • 8.8.8.8:53
    cdn.jsdelivr.net
    dns
    regver.exe
    62 B
    160 B
    1
    1

    DNS Request

    cdn.jsdelivr.net

    DNS Response

    151.101.193.229
    151.101.1.229
    151.101.65.229
    151.101.129.229

  • 8.8.8.8:53
    use.typekit.net
    dns
    regver.exe
    61 B
    169 B
    1
    1

    DNS Request

    use.typekit.net

    DNS Response

    184.31.15.74
    184.31.15.40

  • 8.8.8.8:53
    static.hugedomains.com
    dns
    regver.exe
    68 B
    116 B
    1
    1

    DNS Request

    static.hugedomains.com

    DNS Response

    104.26.6.37
    172.67.70.191
    104.26.7.37

  • 8.8.8.8:53
    c.pki.goog
    dns
    regver.exe
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    172.217.169.67

  • 8.8.8.8:53
    c.pki.goog
    dns
    regver.exe
    56 B
    107 B
    1
    1

    DNS Request

    c.pki.goog

    DNS Response

    172.217.169.67

  • 8.8.8.8:53
    o.pki.goog
    dns
    regver.exe
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    172.217.169.67

  • 8.8.8.8:53
    o.pki.goog
    dns
    regver.exe
    56 B
    107 B
    1
    1

    DNS Request

    o.pki.goog

    DNS Response

    172.217.169.67

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1

    Filesize

    867B

    MD5

    c5dfb849ca051355ee2dba1ac33eb028

    SHA1

    d69b561148f01c77c54578c10926df5b856976ad

    SHA256

    cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b

    SHA512

    88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    713053f1d9d830200590e33b9663faa1

    SHA1

    781f3ab5ed9abe40d196475f7a1b2d889fe38b1f

    SHA256

    ca024eb756b2736e19418d2360b7709b7416dae7b84fe01f431aa87db8947ab0

    SHA512

    aa58ff8a1febe8123e4d59bea5f40d8753c8275ec4bac73d3f07b9624afbe387c2f961fcac38b5485deb47472fa50d4d8d637f35c3f67f627647362117a6bbbc

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    e7bdc3a77a3653a7f89fc895afa17e83

    SHA1

    325fb48d219c83a49c9cb99874553927a5139fa3

    SHA256

    7c5c26d7983dbead62fa90a385d409e341a7e885b5d2848d470a8d07b67650c5

    SHA512

    6e9c4b5b3db4fe1b89c7a30e1de41537d833434477875ca34100bbfddf6f0e3d4f203ff414e88295585f186113991746930f5837f21f767e56b0d5875de17783

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    605834c627fcc3354797103e119de2a5

    SHA1

    d87e1d0a743335c78cdbdc0496c9030e168f0fef

    SHA256

    4472f42e42bf54ba9c408acac2f7fd531fa7837cd8378bfd39c0d151a688fe1a

    SHA512

    a0eab166c795fb85509ae6395e2a50a05bc06e779d1f487a0062ce2b5a52dd39b23171d87a2ede87021f07a5d8dfd1c52c9af0e1e7dca5527f053a8186e42c75

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a033430426b6fe4798ae6cc179734192

    SHA1

    9914c6ea6c56ddbfaeb9f261ce647508dcc6241f

    SHA256

    b63e28499a943dae8ab5bf4a4a39253ec63ecc2016f4b1e01a1819063e3ec098

    SHA512

    861c6f5096155f5cd822075f2a9234389a34418796742bd100de6b410822bc97f2524cea8d7e6a97b391106bdeee6f0c7928c245ed6c9068cb2a4d891336e748

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    84a8209d5ab4cf7ce129285acfb937d1

    SHA1

    d90571462e7876df8e85b5f4f297432dd6648ae2

    SHA256

    c5c3f37c1ed5094ed7a125405002d63aea4f0c9de118e4297c7791a9065c412c

    SHA512

    eae39068b0fa1a978dc66872edaa7c8c43c111454b7112d609976abb4d603b1fcf428a9d9e4ebd3403fbaa8b27d2992162ee6d832f7693276a12cd6f0e543810

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    625c88761781f6864e21c7a7100c1dfa

    SHA1

    a9c8ae81ef0b0a8f9a4b1990059ad7a04cae671c

    SHA256

    8cb641cce6ac7cfeba6de0863afb04113b9a1f67d1b2aaba7ec45374468ef1b6

    SHA512

    c83e8390ffe409ad0acf41eee0934fb159785968671d061e50cdbf2afb7e344b8aa52c759d10425d45f95cc32327f476eb939dd4bab3993e59a3024804f87be9

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    783a8e9ca7161e3ccbd665bb0c2f26c8

    SHA1

    cdbc72920d5caa829f45bc24c63a573d807a8102

    SHA256

    dfd83a3f50cb19b0e2c2c226c26290837793cba70e081063bc8d2d548d39c92f

    SHA512

    276190213ee73a205a3c261d0b591f1f5b32c44623e2d76dfa26ca25abdada2a73826e496ce40a152319e580ccf0d742cf4b09d57f7be7d396e073ec9aa22310

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    a0c6e87eeec3f95b94564bfc94e7bd02

    SHA1

    125be89c8ad248182d46cd257a0d9502a2375521

    SHA256

    9e48fff5a2cf3a381b80233df28d30542f90873c8e03bb1448699d34fcc7f17f

    SHA512

    5cbdfbf4dec1fb083104df257b50ef7f9c32d6d19008883519b2f52a7f495dbb805436158f480171ee5c426da19516aa88750e3f90686db4167ae5bd17daf837

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    33a035ba6021f8519c850b9fca518895

    SHA1

    5af3abdf96ff3bae2a03ea26bc89cfd4f564c70e

    SHA256

    3d3a7267f491fe7292b1820e2259b1c62f95d04959a5396ff15513bec5dcfa76

    SHA512

    5b68d56a7b4de206b2fb93b60a31e8b1cc797b2839fe19e8dc941cbac1bc798cd708233f4d2e125d999add9160a506ea47a8244497bfb2ef9e3f7b07849b5f2d

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    342B

    MD5

    afd7b2ed2c659b8c66151dff1208eae1

    SHA1

    da8fbf3d81180a126271e3add9c6da71bdff8755

    SHA256

    a9bbf53abec38a4eee4e5ce00e229bd840a2bdfed3544e38d8a7f5fa95c25b8d

    SHA512

    a5e589e9e8cf7ccc68a1b9859fbadbf4a28c8a20f41d79cf358113064caf11bebea2d9079f63770147a3fa0b892f9f4c36ebf3baa3158dbc00271895e9826ead

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1

    Filesize

    242B

    MD5

    c1a25e71c72599595a02117301fa5342

    SHA1

    3408e207b907396ec86795c66246999c1ea4de65

    SHA256

    0405e657cc2ba1ce42a06f6fea88f4ad33e65113aaa2f01bca2fb6b6894e0d3b

    SHA512

    4136210266dbe04b18e833cdd2e2065df876a37c043e7cd32a6d215dc8c44982bcca871d3f5beba86c44ab946543117c7d17fb301ec40decb6c8c349e2d279bb

  • C:\Users\Admin\AppData\Local\Temp\Cab17C7.tmp

    Filesize

    67KB

    MD5

    2d3dcf90f6c99f47e7593ea250c9e749

    SHA1

    51be82be4a272669983313565b4940d4b1385237

    SHA256

    8714e7be9f9b6de26673d9d09bd4c9f41b1b27ae10b1d56a7ad83abd7430ebd4

    SHA512

    9c11dd7d448ffebe2167acde37be77d42175edacf5aaf6fb31d3bdfe6bb1f63f5fdbc9a0a2125ed9d5ce0529b6b548818c8021532e1ea6b324717cc9bec0aaa5

  • C:\Users\Admin\AppData\Local\Temp\Tar1889.tmp

    Filesize

    160KB

    MD5

    7186ad693b8ad9444401bd9bcd2217c2

    SHA1

    5c28ca10a650f6026b0df4737078fa4197f3bac1

    SHA256

    9a71fa0cb44aa51412b16a0bf83a275977ba4e807d022f78364338b99b3a3eed

    SHA512

    135be0e6370fd057762c56149526f46bf6a62fb65ef5b3b26ae01fa07b4c4e37188e203bd3812f31e260ec5cccff5924633dd55ab17e9fa106479783c2fb212b
