Analysis

  • max time kernel
    134s
  • max time network
    137s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    01-08-2024 18:03

General

  • Target

    Battly-Launcher-Windows.exe

  • Size

    112.1MB

  • MD5

    03696da629e834c395f699847326448a

  • SHA1

    3529afa76451ed5beeeb0bb4a31f7cc8bc463aa6

  • SHA256

    9d8763451c2bd900dbf10e3cdb16132ec706b8e13dbd563aa15835d5b2d8cc4d

  • SHA512

    fca0ef778b3ab13cf01e3d39d4c7eb4a587f600ed8d5ab10a03a3061178609dc13a75f6cc736ec27ed9f40a2a554030217cc91a8bf982d42f460585102f1969b

  • SSDEEP

    3145728:SJcuNt6i+X0MdTUPo+YFawtU4odzp7emMT:qcuN7+QYFjmPztemE

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 5 IoCs
  • Loads dropped DLL 13 IoCs
  • Drops file in Windows directory 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies Internet Explorer settings 1 TTPs 2 IoCs
  • Modifies registry class 64 IoCs
  • Runs net.exe
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: MapViewOfSection 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 54 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-Windows.exe
    "C:\Users\Admin\AppData\Local\Temp\Battly-Launcher-Windows.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:4592
    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe
      "C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe"
      2⤵
      • Checks computer location settings
      • Executes dropped EXE
      • Loads dropped DLL
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of WriteProcessMemory
      PID:3420
      • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe
        "C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Battly Launcher Installer" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1604 --field-trial-handle=1608,i,4085865732201800917,7409638647901136970,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:2
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:4668
      • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe
        "C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Battly Launcher Installer" --mojo-platform-channel-handle=2192 --field-trial-handle=1608,i,4085865732201800917,7409638647901136970,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:3
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        PID:3980
      • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe
        "C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Battly Launcher Installer" --app-path="C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app" --no-sandbox --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2868 --field-trial-handle=1608,i,4085865732201800917,7409638647901136970,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:1
        3⤵
        • Checks computer location settings
        • Executes dropped EXE
        • Loads dropped DLL
        PID:4772
      • C:\Windows\system32\cmd.exe
        C:\Windows\system32\cmd.exe /d /s /c "NET SESSION"
        3⤵
        • Suspicious use of WriteProcessMemory
        PID:5112
        • C:\Windows\system32\net.exe
          NET SESSION
          4⤵
          • Suspicious use of WriteProcessMemory
          PID:4180
          • C:\Windows\system32\net1.exe
            C:\Windows\system32\net1 SESSION
            5⤵
              PID:4672
        • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe
          "C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\Battly Launcher.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --user-data-dir="C:\Users\Admin\AppData\Roaming\Battly Launcher Installer" --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2220 --field-trial-handle=1608,i,4085865732201800917,7409638647901136970,262144 --enable-features=kWebSQLAccess --disable-features=SpareRendererForSitePerProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version /prefetch:8
          3⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Suspicious behavior: EnumeratesProcesses
          PID:3460
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:5104
    • C:\Windows\system32\browser_broker.exe
      C:\Windows\system32\browser_broker.exe -Embedding
      1⤵
      • Modifies Internet Explorer settings
      PID:4584
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies registry class
      • Suspicious behavior: MapViewOfSection
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:3360
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Modifies Internet Explorer settings
      • Modifies registry class
      PID:2588
    • C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
      "C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
      1⤵
      • Drops file in Windows directory
      • Modifies registry class
      PID:3620

    Network

    • flag-us
      DNS
      95.27.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      95.27.250.142.in-addr.arpa
      IN PTR
      Response
      95.27.250.142.in-addr.arpa
      IN PTR
      ra-in-f951e100net
    • flag-us
      DNS
      94.102.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      94.102.250.142.in-addr.arpa
      IN PTR
      Response
      94.102.250.142.in-addr.arpa
      IN PTR
      rb-in-f941e100net
    • flag-us
      DNS
      dns.google
      Battly Launcher.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN A
      Response
      dns.google
      IN A
      8.8.8.8
      dns.google
      IN A
      8.8.4.4
    • flag-us
      DNS
      dns.google
      Battly Launcher.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN Unknown
      Response
    • flag-us
      DNS
      dns.google
      Battly Launcher.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN A
      Response
      dns.google
      IN A
      8.8.8.8
      dns.google
      IN A
      8.8.4.4
    • flag-us
      DNS
      dns.google
      Battly Launcher.exe
      Remote address:
      8.8.8.8:53
      Request
      dns.google
      IN Unknown
      Response
    • flag-us
      DNS
      210.156.26.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      210.156.26.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      net.geo.opera.com
      Battly Launcher.exe
      Remote address:
      8.8.8.8:53
      Request
      net.geo.opera.com
      IN A
      Response
      net.geo.opera.com
      IN CNAME
      eu.net.opera.com
      eu.net.opera.com
      IN A
      185.26.182.111
      eu.net.opera.com
      IN A
      185.26.182.112
    • flag-us
      DNS
      github.com
      Battly Launcher.exe
      Remote address:
      8.8.8.8:53
      Request
      github.com
      IN A
      Response
      github.com
      IN A
      20.26.156.215
    • flag-us
      DNS
      111.182.26.185.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      111.182.26.185.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      215.156.26.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      215.156.26.20.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      battlylauncher.com
      MicrosoftEdge.exe
      Remote address:
      8.8.8.8:53
      Request
      battlylauncher.com
      IN A
      Response
      battlylauncher.com
      IN A
      172.67.216.146
      battlylauncher.com
      IN A
      104.21.86.75
    • flag-us
      DNS
      75.86.21.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      75.86.21.104.in-addr.arpa
      IN PTR
      Response
    • flag-us
      GET
      https://battlylauncher.com/claim?code=undefined
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /claim?code=undefined HTTP/2.0
      host: battlylauncher.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 302
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: text/html; charset=utf-8
      x-powered-by: Express
      access-control-allow-origin: *
      access-control-allow-credentials: true
      location: /login?redirect=/claim?code=undefined
      vary: Accept
      set-cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk; Path=/; HttpOnly
      cf-cache-status: DYNAMIC
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lo6EiABn734nTpjew7%2F9DTSY1gQzdaWzSGfiuxS4WsEKSZil1%2FKxNfwH3tCj7ZKg07xGPCbJeLzUpc%2BjWdHV6rFD0MystOoozbq1Keq9msvxkQuiqUeLN6b5wENMz1ppR8yerL4%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 8ac7c4b2fc3f71da-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/login?redirect=/claim?code=undefined
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /login?redirect=/claim?code=undefined HTTP/2.0
      host: battlylauncher.com
      accept: text/html, application/xhtml+xml, image/jxr, */*
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: text/html; charset=utf-8
      x-powered-by: Express
      access-control-allow-origin: *
      access-control-allow-credentials: true
      cf-cache-status: DYNAMIC
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r699SS8HJioZrgTjcV1RD9qOvZuhKQ7%2B4mq5k5q%2FmtrJs4EHXdSO4mgtLH78lsDkNeNvFmibBPV8a6%2FXsXNMYCb%2BIZfjbMhilaX8tlXlFYIE7oPS9zmQ0aoAAI7al4rh53MYJ%2Fk%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 8ac7c4b45dc571da-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/assets/css/estilo_home.css
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /assets/css/estilo_home.css HTTP/2.0
      host: battlylauncher.com
      accept: text/css, */*
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: application/javascript
      last-modified: Tue, 30 Jul 2024 21:56:14 GMT
      etag: W/"66a9617e-4d7"
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVfBfJ6YF27k7IBLmc9yY86%2B1qQTzAYmND%2F4WoxwUly8Hrixef0jvkhJ0hQcCbfWWpNxPOM4oUS13ARFzh4VexMWMj1Q%2BUb5YziO3AKwTAwGxYwk%2Ff36hAz8D7MRCZ8%2Fx5JEr6s%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4b56eb971da-LHR
      x-frame-options: DENY
      x-content-type-options: nosniff
      expires: Sat, 03 Aug 2024 18:07:32 GMT
      cache-control: max-age=172800
      cache-control: public
      content-encoding: gzip
    • flag-us
      GET
      https://battlylauncher.com/assets/css/estilo_login.css
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /assets/css/estilo_login.css HTTP/2.0
      host: battlylauncher.com
      accept: text/css, */*
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: application/javascript; charset=UTF-8
      x-powered-by: Express
      cache-control: public, max-age=120
      last-modified: Tue, 28 May 2024 22:28:22 GMT
      etag: W/"748-18fc1519b70"
      cf-cache-status: REVALIDATED
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nNP8uS%2BxjPLS6xKOl%2FGOJYX5%2FKI9bbr3DJDePI4ox0JlSB%2FbY45mHg6nY4dxuUd%2FK1dWUMN2VPNz2ivPos5XOnFSdimGbwDKjqX71L%2B20TiaUlccniliRMuUNDNKkCWOUfwMjtM%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4b50e7a71da-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/assets/js/script-home.js
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /assets/js/script-home.js HTTP/2.0
      host: battlylauncher.com
      accept: application/javascript, */*;q=0.8
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: text/css; charset=UTF-8
      x-powered-by: Express
      cache-control: public, max-age=120
      last-modified: Fri, 26 Apr 2024 19:56:46 GMT
      etag: W/"d6b-18f1bfb5030"
      cf-cache-status: REVALIDATED
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLhPxa3yGuk%2BQSvmimzpVx9G4ncBqOBQ3YhWsAN7yIHZzWsPbZevRsaecXaqrApWlU5Xy9oQ6S4BNt8h%2FwYrQ9xW1oHhhZDemlZzmqxCNEmdET0wCvBD2nQYl%2BpLPOdBepgwhDI%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4b50e7571da-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/assets/img/logo_500.png
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /assets/img/logo_500.png HTTP/2.0
      host: battlylauncher.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: text/css; charset=UTF-8
      cache-control: public, max-age=120
      cf-bgj: minify
      cf-polished: origSize=183683
      etag: W/"2cd83-189b7206970"
      last-modified: Wed, 02 Aug 2023 16:41:42 GMT
      x-powered-by: Express
      cf-cache-status: REVALIDATED
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5m2aRsruZIRD5j2MlTTxN5UwLXlS0qTcaczB5KUjyGvzEv9d7%2F2jdnpUVBR1ZtisOrEYsTuzwSwM1cilY636Un%2FxExwvIlktfmoQHkN5%2BfKIgzdPu%2FyK6pgJta3xMZ%2FigzHU%2BcI%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4b50e7371da-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/2.0
      host: battlylauncher.com
      accept: application/javascript, */*;q=0.8
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: application/javascript; charset=UTF-8
      cache-control: public, max-age=120
      cf-bgj: minify
      cf-polished: origSize=2662
      etag: W/"a66-18f1be71098"
      last-modified: Fri, 26 Apr 2024 19:34:39 GMT
      x-powered-by: Express
      cf-cache-status: REVALIDATED
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JHd%2BlgUux04GBSRak8ThsnsGlEyypdfGfLrza91nR9k7ZnBYQq3gBqtwycoRJN7ObHWyhiqf6R0d9147Co4iIbeRKJXTKZe%2Bt%2Ff7wwkIeMZREQSFZo959AqMsaxB0K%2BXOlpxKLY%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4b56ebb71da-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/assets/js/alert.js
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /assets/js/alert.js HTTP/2.0
      host: battlylauncher.com
      accept: application/javascript, */*;q=0.8
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: image/png
      content-length: 38249
      x-powered-by: Express
      cache-control: public, max-age=120
      last-modified: Thu, 08 Feb 2024 20:59:34 GMT
      etag: W/"9569-18d8a84c6f0"
      cf-cache-status: REVALIDATED
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEBqHtSHW4x4raQN4rKjwBvfmQXIKMFYO1XC0jscnPmyBzWI1dIuAUJAbrJ6kYNSAn0qRDcHxDumaC%2F28NQ%2Fv0v8QR1WRdrTeRbikjmxzM44KuuB68Ly8RH9WrTnyY6xKyP35HE%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4b56ebd71da-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/assets/img/google.png
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /assets/img/google.png HTTP/2.0
      host: battlylauncher.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: image/png
      content-length: 26585
      x-powered-by: Express
      cache-control: public, max-age=120
      last-modified: Fri, 15 Sep 2023 21:21:57 GMT
      etag: W/"67d9-18a9ab8cd08"
      cf-cache-status: REVALIDATED
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3aSoMp2qijve%2BHICM2iXVDk1wcT67yoYfgCLgYszHjvPu4gb7aZPxgKLN%2FEVj5wMWy76x5fd2h9koMgIzOfGLnyy06Xkri50tNMdqgKgxV5Wmeg1R5DwQS5XIjCu1ng3Xu5ZLk%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4b55ea771da-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/assets/img/5.jpg
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /assets/img/5.jpg HTTP/2.0
      host: battlylauncher.com
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-type: image/jpeg
      content-length: 850580
      x-powered-by: Express
      cache-control: public, max-age=120
      last-modified: Thu, 03 Aug 2023 22:03:39 GMT
      etag: W/"cfa94-189bd6d8678"
      cf-cache-status: REVALIDATED
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IzjYhExSPYsLfp7TCPe3JZ99%2FWm2J7194A3h5lM9g2jy4U1LCRjefcMU7Eemi4aPxeo2wN1yCc4W7%2FNbvGgB%2FNdZHH30rQcI13SisFnqbt4DESFjJ1DFNyL1w%2BeepX0ypWuGohU%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4c49f6271da-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/2.0
      host: battlylauncher.com
      accept: application/javascript, */*;q=0.8
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      cookie: connect.sid=s%3AnY6XfaGROV0qvfvIa37ZBfJApZT3TM57.aftqfEYlk29wW00bLnSramznrW3bg%2ForQdK%2B4ug%2Fctk
      Response
      HTTP/2.0 302
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-length: 0
      location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
      cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
      access-control-allow-origin: *
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z5O7sXU1DIA8yCdzwswolSoRjTaIYSNK1hDlcvajW%2F0CuH0alID76bljjx7vBP7tC%2BSete7MN6XN0TTo7bU5cM3ptZW0zaOThe4zsJDclZ%2Fcn0DRcRA6bt%2FdCAbR4l4lOvvMOUQ%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4c84c1871da-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      DNS
      objects.githubusercontent.com
      Battly Launcher.exe
      Remote address:
      8.8.8.8:53
      Request
      objects.githubusercontent.com
      IN A
      Response
      objects.githubusercontent.com
      IN A
      185.199.109.133
      objects.githubusercontent.com
      IN A
      185.199.110.133
      objects.githubusercontent.com
      IN A
      185.199.108.133
      objects.githubusercontent.com
      IN A
      185.199.111.133
    • flag-us
      DNS
      146.216.67.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      146.216.67.172.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      146.216.67.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      146.216.67.172.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      146.216.67.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      146.216.67.172.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      c.pki.goog
      MicrosoftEdge.exe
      Remote address:
      8.8.8.8:53
      Request
      c.pki.goog
      IN A
      Response
      c.pki.goog
      IN CNAME
      pki-goog.l.google.com
      pki-goog.l.google.com
      IN A
      142.250.27.94
    • flag-nl
      GET
      http://c.pki.goog/r/gsr1.crl
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.94:80
      Request
      GET /r/gsr1.crl HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: c.pki.goog
      Response
      HTTP/1.1 200 OK
      Accept-Ranges: bytes
      Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
      Cross-Origin-Resource-Policy: cross-origin
      Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
      Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
      Content-Length: 1739
      X-Content-Type-Options: nosniff
      Server: sffe
      X-XSS-Protection: 0
      Date: Thu, 01 Aug 2024 17:37:07 GMT
      Expires: Thu, 01 Aug 2024 18:27:07 GMT
      Cache-Control: public, max-age=3000
      Age: 1825
      Last-Modified: Mon, 08 Jul 2024 07:38:00 GMT
      Content-Type: application/pkix-crl
      Vary: Accept-Encoding
    • flag-nl
      GET
      http://c.pki.goog/r/r4.crl
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.94:80
      Request
      GET /r/r4.crl HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: c.pki.goog
      Response
      HTTP/1.1 200 OK
      Accept-Ranges: bytes
      Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
      Cross-Origin-Resource-Policy: cross-origin
      Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
      Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
      Content-Length: 436
      X-Content-Type-Options: nosniff
      Server: sffe
      X-XSS-Protection: 0
      Date: Thu, 01 Aug 2024 17:38:28 GMT
      Expires: Thu, 01 Aug 2024 18:28:28 GMT
      Cache-Control: public, max-age=3000
      Age: 1744
      Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
      Content-Type: application/pkix-crl
      Vary: Accept-Encoding
    • flag-nl
      GET
      http://c.pki.goog/r/r1.crl
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.94:80
      Request
      GET /r/r1.crl HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: c.pki.goog
      Response
      HTTP/1.1 200 OK
      Accept-Ranges: bytes
      Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
      Cross-Origin-Resource-Policy: cross-origin
      Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
      Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
      Content-Length: 854
      X-Content-Type-Options: nosniff
      Server: sffe
      X-XSS-Protection: 0
      Date: Thu, 01 Aug 2024 17:44:06 GMT
      Expires: Thu, 01 Aug 2024 18:34:06 GMT
      Cache-Control: public, max-age=3000
      Age: 1407
      Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
      Content-Type: application/pkix-crl
      Vary: Accept-Encoding
    • flag-us
      DNS
      kit.fontawesome.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      kit.fontawesome.com
      IN A
      Response
      kit.fontawesome.com
      IN CNAME
      kit.fontawesome.com.cdn.cloudflare.net
      kit.fontawesome.com.cdn.cloudflare.net
      IN A
      104.18.19.62
      kit.fontawesome.com.cdn.cloudflare.net
      IN A
      104.18.18.62
    • flag-us
      DNS
      kit.fontawesome.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      kit.fontawesome.com
      IN A
    • flag-us
      DNS
      kit.fontawesome.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      kit.fontawesome.com
      IN A
    • flag-us
      DNS
      cdn.jsdelivr.net
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      cdn.jsdelivr.net
      IN A
      Response
      cdn.jsdelivr.net
      IN CNAME
      jsdelivr.map.fastly.net
      jsdelivr.map.fastly.net
      IN A
      151.101.65.229
      jsdelivr.map.fastly.net
      IN A
      151.101.193.229
      jsdelivr.map.fastly.net
      IN A
      151.101.129.229
      jsdelivr.map.fastly.net
      IN A
      151.101.1.229
    • flag-us
      DNS
      fundingchoicesmessages.google.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      fundingchoicesmessages.google.com
      IN A
      Response
      fundingchoicesmessages.google.com
      IN CNAME
      www3.l.google.com
      www3.l.google.com
      IN A
      142.250.27.100
      www3.l.google.com
      IN A
      142.250.27.101
      www3.l.google.com
      IN A
      142.250.27.138
      www3.l.google.com
      IN A
      142.250.27.139
      www3.l.google.com
      IN A
      142.250.27.102
      www3.l.google.com
      IN A
      142.250.27.113
    • flag-us
      DNS
      upload.wikimedia.org
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      upload.wikimedia.org
      IN A
      Response
      upload.wikimedia.org
      IN A
      185.15.59.240
    • flag-us
      GET
      https://cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.min.css
      MicrosoftEdgeCP.exe
      Remote address:
      151.101.65.229:443
      Request
      GET /npm/bulma@0.9.4/css/bulma.min.css HTTP/2.0
      host: cdn.jsdelivr.net
      accept: text/css, */*
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      access-control-allow-origin: *
      access-control-expose-headers: *
      timing-allow-origin: *
      cache-control: public, max-age=31536000, s-maxage=31536000, immutable
      cross-origin-resource-policy: cross-origin
      x-content-type-options: nosniff
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      content-type: text/css; charset=utf-8
      x-jsd-version: 0.9.4
      x-jsd-version-type: version
      etag: W/"329c6-nL+P0n9QpqJ97JxmCBpSBWnGeaQ"
      content-encoding: br
      accept-ranges: bytes
      date: Thu, 01 Aug 2024 18:07:34 GMT
      age: 4885348
      x-served-by: cache-fra-etou8220141-FRA, cache-lcy-eglc8600075-LCY
      x-cache: HIT, HIT
      vary: Accept-Encoding
      alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
      content-length: 29970
    • flag-us
      GET
      https://cdn.jsdelivr.net/npm/sweetalert2@11
      MicrosoftEdgeCP.exe
      Remote address:
      151.101.65.229:443
      Request
      GET /npm/sweetalert2@11 HTTP/2.0
      host: cdn.jsdelivr.net
      accept: application/javascript, */*;q=0.8
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      access-control-allow-origin: *
      access-control-expose-headers: *
      timing-allow-origin: *
      cache-control: public, max-age=604800, s-maxage=43200
      cross-origin-resource-policy: cross-origin
      x-content-type-options: nosniff
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      content-type: application/javascript; charset=utf-8
      x-jsd-version: 11.12.3
      x-jsd-version-type: version
      etag: W/"12d76-wYuz575IMdyzN84kOgs3ItEe4yg"
      content-encoding: br
      accept-ranges: bytes
      date: Thu, 01 Aug 2024 18:07:34 GMT
      age: 6234
      x-served-by: cache-fra-eddf8230029-FRA, cache-lcy-eglc8600075-LCY
      x-cache: HIT, HIT
      vary: Accept-Encoding
      alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
      content-length: 19552
    • flag-us
      DNS
      static.cloudflareinsights.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      static.cloudflareinsights.com
      IN A
      Response
      static.cloudflareinsights.com
      IN A
      104.16.79.73
      static.cloudflareinsights.com
      IN A
      104.16.80.73
    • flag-nl
      GET
      https://upload.wikimedia.org/wikipedia/commons/thumb/c/c1/Google_%22G%22_logo.svg/768px-Google_%22G%22_logo.svg.png
      MicrosoftEdgeCP.exe
      Remote address:
      185.15.59.240:443
      Request
      GET /wikipedia/commons/thumb/c/c1/Google_%22G%22_logo.svg/768px-Google_%22G%22_logo.svg.png HTTP/2.0
      host: upload.wikimedia.org
      accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 07:47:02 GMT
      etag: 60be6853186bb52edca433f629a026f9
      server: ATS/9.1.4
      content-type: image/png
      content-disposition: inline;filename*=UTF-8''Google_%22G%22_logo.svg.png
      last-modified: Sun, 23 Jun 2024 19:52:34 GMT
      content-length: 27620
      age: 37230
      x-cache: cp3080 hit, cp3080 hit/80
      x-cache-status: hit-front
      server-timing: cache;desc="hit-front", host;desc="cp3080"
      strict-transport-security: max-age=106384710; includeSubDomains; preload
      report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
      nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
      x-client-ip: 194.110.13.70
      x-content-type-options: nosniff
      access-control-allow-origin: *
      access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
      timing-allow-origin: *
      accept-ranges: bytes
    • flag-nl
      GET
      https://fundingchoicesmessages.google.com/i/pub-2325315275982779?ers=1
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.100:443
      Request
      GET /i/pub-2325315275982779?ers=1 HTTP/2.0
      host: fundingchoicesmessages.google.com
      accept: application/javascript, */*;q=0.8
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      content-type: application/javascript; charset=utf-8
      timing-allow-origin: *
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Thu, 01 Aug 2024 18:07:33 GMT
      content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
      content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
      cross-origin-resource-policy: cross-origin
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
      cross-origin-opener-policy: same-origin
      reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQBid62LrP5AvCTiIuuBxIusBx9fZD0JxIYKl1jtgXh6_SXW-UAsxMPxdO76rWwCD3o3P2FU0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjEwNzbUMzCJLzAAAMuuQwI"
      content-encoding: gzip
      server: ESF
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-nl
      GET
      https://fundingchoicesmessages.google.com/b/pub-2325315275982779
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.100:443
      Request
      GET /b/pub-2325315275982779 HTTP/2.0
      host: fundingchoicesmessages.google.com
      accept: application/javascript, */*;q=0.8
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      content-type: application/javascript; charset=utf-8
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Thu, 01 Aug 2024 18:07:35 GMT
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
      content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self'
      cross-origin-opener-policy: same-origin
      permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
      cross-origin-resource-policy: cross-origin
      reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1pBiOHnrNtNFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYg_Pz7H-huIk_6dZy0AYneti6z-QLwk4iLrgcSLrAcfX2Q9CcSGCpdY7YF4ev0l1vlALMTN8Xzu-q1sAg1f59gqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYGxvqGZjEFxgAAJJKR1I"
      content-encoding: gzip
      server: ESF
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-nl
      GET
      https://fundingchoicesmessages.google.com/el/AGSKWxUVIXwrs084ATBxA7rO2-GnaMwYBamrznVeZl-vGClseb3UqaCqD3buM8X0jo9Lgfym565_04sz8K0wWpQT99BvuA==
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.100:443
      Request
      GET /el/AGSKWxUVIXwrs084ATBxA7rO2-GnaMwYBamrznVeZl-vGClseb3UqaCqD3buM8X0jo9Lgfym565_04sz8K0wWpQT99BvuA== HTTP/2.0
      host: fundingchoicesmessages.google.com
      accept: */*
      origin: https://battlylauncher.com
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 204
      content-type: text/html; charset=utf-8
      access-control-allow-methods: POST, GET, OPTIONS
      access-control-max-age: 86400
      access-control-allow-origin: https://battlylauncher.com
      access-control-allow-credentials: true
      cache-control: no-cache, no-store, max-age=0, must-revalidate
      pragma: no-cache
      expires: Mon, 01 Jan 1990 00:00:00 GMT
      date: Thu, 01 Aug 2024 18:07:35 GMT
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
      content-security-policy: script-src 'unsafe-inline' https: http:;object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self'
      cross-origin-opener-policy: same-origin
      permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
      reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtDikmLw15BicEqfwRoAxJ8fn2P9DcTuWhdZ_YF4ScRF1gOJF1mn119inQ_EQjwcz-eu38om0LHkzV8mJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYG5sqGdgHl9gAACKDDKq"
      server: ESF
      content-length: 0
      x-xss-protection: 0
      x-frame-options: SAMEORIGIN
      x-content-type-options: nosniff
      alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      GET
      https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
      MicrosoftEdgeCP.exe
      Remote address:
      104.16.79.73:443
      Request
      GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/2.0
      host: static.cloudflareinsights.com
      accept: application/javascript, */*;q=0.8
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://battlylauncher.com
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:32 GMT
      content-type: text/javascript;charset=UTF-8
      access-control-allow-origin: *
      cache-control: public, max-age=86400
      etag: W/"2024.6.1"
      last-modified: Thu, 06 Jun 2024 15:52:56 GMT
      cross-origin-resource-policy: cross-origin
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4b69d729412-LHR
      content-encoding: gzip
    • flag-us
      DNS
      172.210.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.210.232.199.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      172.210.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.210.232.199.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      133.109.199.185.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      133.109.199.185.in-addr.arpa
      IN PTR
      Response
      133.109.199.185.in-addr.arpa
      IN PTR
      cdn-185-199-109-133githubcom
    • flag-us
      DNS
      133.109.199.185.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      133.109.199.185.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      94.27.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      94.27.250.142.in-addr.arpa
      IN PTR
      Response
      94.27.250.142.in-addr.arpa
      IN PTR
      ra-in-f941e100net
    • flag-us
      DNS
      94.27.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      94.27.250.142.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      229.65.101.151.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      229.65.101.151.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      229.65.101.151.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      229.65.101.151.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      157.102.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      157.102.250.142.in-addr.arpa
      IN PTR
      Response
      157.102.250.142.in-addr.arpa
      IN PTR
      rb-in-f1571e100net
    • flag-us
      DNS
      157.102.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      157.102.250.142.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      100.27.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      100.27.250.142.in-addr.arpa
      IN PTR
      Response
      100.27.250.142.in-addr.arpa
      IN PTR
      ra-in-f1001e100net
    • flag-us
      DNS
      100.27.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      100.27.250.142.in-addr.arpa
      IN PTR
    • flag-us
      DNS
      o.pki.goog
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      o.pki.goog
      IN A
      Response
      o.pki.goog
      IN CNAME
      pki-goog.l.google.com
      pki-goog.l.google.com
      IN A
      142.250.27.94
    • flag-nl
      GET
      http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.94:80
      Request
      GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: o.pki.goog
      Response
      HTTP/1.1 200 OK
      Server: ocsp_responder
      Content-Length: 471
      X-XSS-Protection: 0
      X-Frame-Options: SAMEORIGIN
      Date: Thu, 01 Aug 2024 18:03:14 GMT
      Cache-Control: public, max-age=14400
      Content-Type: application/ocsp-response
      Age: 259
    • flag-nl
      GET
      http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.94:80
      Request
      GET /wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: o.pki.goog
      Response
      HTTP/1.1 200 OK
      Server: ocsp_responder
      Content-Length: 471
      X-XSS-Protection: 0
      X-Frame-Options: SAMEORIGIN
      Date: Thu, 01 Aug 2024 17:21:49 GMT
      Cache-Control: public, max-age=14400
      Content-Type: application/ocsp-response
      Age: 2744
    • flag-nl
      GET
      http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.94:80
      Request
      GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: o.pki.goog
      Response
      HTTP/1.1 200 OK
      Server: ocsp_responder
      Content-Length: 472
      X-XSS-Protection: 0
      X-Frame-Options: SAMEORIGIN
      Date: Thu, 01 Aug 2024 17:51:54 GMT
      Cache-Control: public, max-age=14400
      Content-Type: application/ocsp-response
      Age: 939
    • flag-nl
      GET
      http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
      MicrosoftEdgeCP.exe
      Remote address:
      142.250.27.94:80
      Request
      GET /wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6 HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: o.pki.goog
      Response
      HTTP/1.1 200 OK
      Server: ocsp_responder
      Content-Length: 472
      X-XSS-Protection: 0
      X-Frame-Options: SAMEORIGIN
      Date: Thu, 01 Aug 2024 18:02:56 GMT
      Cache-Control: public, max-age=14400
      Content-Type: application/ocsp-response
      Age: 278
    • flag-us
      DNS
      240.59.15.185.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      240.59.15.185.in-addr.arpa
      IN PTR
      Response
      240.59.15.185.in-addr.arpa
      IN PTR
      upload-lbesams wikimediaorg
    • flag-us
      DNS
      73.79.16.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      73.79.16.104.in-addr.arpa
      IN PTR
      Response
    • flag-us
      GET
      https://kit.fontawesome.com/bdec180db7.js
      MicrosoftEdgeCP.exe
      Remote address:
      104.18.19.62:443
      Request
      GET /bdec180db7.js HTTP/2.0
      host: kit.fontawesome.com
      accept: application/javascript, */*;q=0.8
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://battlylauncher.com
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-type: text/javascript
      access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
      access-control-allow-methods: GET, OPTIONS
      access-control-allow-origin: *
      access-control-max-age: 3000
      cache-control: max-age=60, public, stale-while-revalidate=30
      vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
      x-request-id: F-Q8w4AiecLVr0oVjidB
      cf-cache-status: REVALIDATED
      server: cloudflare
      cf-ray: 8ac7c4c3186771a2-LHR
      content-encoding: gzip
    • flag-us
      DNS
      226.21.18.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      226.21.18.104.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      62.19.18.104.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      62.19.18.104.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      ka-f.fontawesome.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      ka-f.fontawesome.com
      IN A
      Response
      ka-f.fontawesome.com
      IN CNAME
      ka-f.fontawesome.com.cdn.cloudflare.net
      ka-f.fontawesome.com.cdn.cloudflare.net
      IN A
      172.67.139.119
      ka-f.fontawesome.com.cdn.cloudflare.net
      IN A
      104.21.26.223
    • flag-us
      DNS
      api.battlylauncher.com
      MicrosoftEdgeCP.exe
      Remote address:
      8.8.8.8:53
      Request
      api.battlylauncher.com
      IN A
      Response
      api.battlylauncher.com
      IN A
      104.21.86.75
      api.battlylauncher.com
      IN A
      172.67.216.146
    • flag-us
      GET
      https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=bdec180db7
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.139.119:443
      Request
      GET /releases/v6.6.0/css/free-v5-font-face.min.css?token=bdec180db7 HTTP/2.0
      host: ka-f.fontawesome.com
      accept: */*
      origin: https://battlylauncher.com
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-type: text/css
      access-control-allow-origin: *
      access-control-allow-methods: GET
      access-control-max-age: 3000
      last-modified: Mon, 15 Jul 2024 22:20:40 GMT
      etag: W/"4ca760f49cd8a14911c81e6c14328874"
      x-amz-server-side-encryption: AES256
      cache-control: max-age=31556926
      access-control-allow-headers: fa-kit-token
      content-encoding: gzip
      vary: Accept-Encoding
      x-cache: Hit from cloudfront
      via: 1.1 6c2060b8177554cc176ab1e04cbbfe1e.cloudfront.net (CloudFront)
      x-amz-cf-pop: LHR5-P6
      x-amz-cf-id: 1zuDzRd2C95NsL9Asdp0GHvHBquM5T3m-2Kto0ew_jfIuS1X-smrYg==
      age: 707673
      cf-cache-status: HIT
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SfiYn%2F%2FXi4zgjnHWGoBm17uwdFyYqmXhsGC5Fsr%2BdIhs%2FVo1XKyKNbqx8UGDYqjCdue3OjS7mhi5Z%2F7baZM0mQwbfdde05KtBpOqnSQjYQpPOsHlBwC8WJSB%2BFzthFb9f0XBXprgTA%3D%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 8ac7c4c57850d170-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=bdec180db7
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.139.119:443
      Request
      GET /releases/v6.6.0/css/free-v4-shims.min.css?token=bdec180db7 HTTP/2.0
      host: ka-f.fontawesome.com
      accept: */*
      origin: https://battlylauncher.com
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-type: text/css
      access-control-allow-origin: *
      access-control-allow-methods: GET
      access-control-max-age: 3000
      last-modified: Mon, 15 Jul 2024 22:20:39 GMT
      etag: W/"8972ae5004bc634ffa6641be3960e78a"
      x-amz-server-side-encryption: AES256
      cache-control: max-age=31556926
      access-control-allow-headers: fa-kit-token
      x-cache: Hit from cloudfront
      via: 1.1 b25a88361ae631ab0435a1c107ccf948.cloudfront.net (CloudFront)
      x-amz-cf-pop: LHR5-P6
      x-amz-cf-id: PgG0K88pQ_7tPnaa85pYZ1SzhOUahr_i9UO-TPWqWXgei2KVpNVRVA==
      age: 405113
      cf-cache-status: HIT
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cgt7fEFxvR1Qvu2i6lmvBzz6iPNUct0R0RppeFPJDtNOUggnOetoZ153tH3SjKGAAUli0%2FFOmB5GvdPxdZ3qpboJ6TcSNs0ARGe801e%2BA7VElyT65xnTG0PCl87sj3O6YMUlnpO%2BtA%3D%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4c5684bd170-LHR
      content-encoding: br
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=bdec180db7
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.139.119:443
      Request
      GET /releases/v6.6.0/css/free-v4-font-face.min.css?token=bdec180db7 HTTP/2.0
      host: ka-f.fontawesome.com
      accept: */*
      origin: https://battlylauncher.com
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-type: text/css
      access-control-allow-origin: *
      access-control-allow-methods: GET
      access-control-max-age: 3000
      last-modified: Mon, 15 Jul 2024 22:20:39 GMT
      etag: W/"5e5b0d8c7be5919570a305b6bc229a36"
      x-amz-server-side-encryption: AES256
      cache-control: max-age=31556926
      access-control-allow-headers: fa-kit-token
      content-encoding: gzip
      vary: Accept-Encoding
      x-cache: Hit from cloudfront
      via: 1.1 1fbc4ed92487877d10ad1d7d3fa8355e.cloudfront.net (CloudFront)
      x-amz-cf-pop: LHR5-P6
      x-amz-cf-id: ujGreylMpkEsB085_JMen_vWbx23Kslrm0s5fNjUqxTbBrZmYOYssA==
      age: 707673
      cf-cache-status: HIT
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlI8%2BFWpTYkwwKvVYNrrT2ANfEKECsdDlAQwj%2FW9iWuHjqEGflxhl74sW69qLfVzBZfVy%2BAHxsC5ZQAE4CKn3OcOxs1Kea1wWfA%2FnuhKNbms%2FmLvfxi8z3ucC%2BV2bGgAtzz2TfeapA%3D%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 8ac7c4c5784dd170-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=bdec180db7
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.139.119:443
      Request
      GET /releases/v6.6.0/css/free.min.css?token=bdec180db7 HTTP/2.0
      host: ka-f.fontawesome.com
      accept: */*
      origin: https://battlylauncher.com
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-type: text/css
      access-control-allow-origin: *
      access-control-allow-methods: GET
      access-control-max-age: 3000
      last-modified: Mon, 15 Jul 2024 22:20:39 GMT
      etag: W/"a5a0c9048efb7cb5df90023064d09ba4"
      x-amz-server-side-encryption: AES256
      cache-control: max-age=31556926
      access-control-allow-headers: fa-kit-token
      content-encoding: gzip
      vary: Accept-Encoding
      x-cache: Hit from cloudfront
      via: 1.1 1696a1e7f7602d80638fb508ba2b83d2.cloudfront.net (CloudFront)
      x-amz-cf-pop: LHR5-P6
      x-amz-cf-id: 4ZI4fdIK5b4PMP39TvMwThO1Ip22UxF6UNBbsZgC5oUKmmjCbvHCJA==
      age: 707673
      cf-cache-status: HIT
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8aO%2F6aNu%2B7T6FBNblsEtXybTt0eswMKeuBIQBjc5GIXqx6pu8qnJCK%2F49rL3xVOU8xVvGJMiYDoL%2FO4FXkCQUYKsUuWcO1EB6EscWHYih4KmRo10DJGouOp7w3014Picwj4LetdjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 8ac7c4c5784fd170-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-regular-400.woff2
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.139.119:443
      Request
      GET /releases/v6.6.0/webfonts/free-fa-regular-400.woff2 HTTP/2.0
      host: ka-f.fontawesome.com
      accept: */*
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://battlylauncher.com
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-type: font/woff2
      content-length: 157192
      access-control-allow-origin: *
      access-control-allow-methods: GET
      access-control-max-age: 3000
      last-modified: Mon, 15 Jul 2024 22:44:08 GMT
      etag: "76cf3ff0dbd23dd4504e2089f0df4acb"
      x-amz-server-side-encryption: AES256
      cache-control: max-age=31556926
      access-control-allow-headers: fa-kit-token
      x-cache: Hit from cloudfront
      via: 1.1 5927d891220e83a3690eb179e65c3b0a.cloudfront.net (CloudFront)
      x-amz-cf-pop: LHR5-P6
      x-amz-cf-id: 0IyyWcyWnlUiR-X3Qj0wHoayg62YHIaVsj4Vx-LJhR58YLpPQeT9tg==
      age: 695407
      cf-cache-status: HIT
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3g6Or7YZPKG11WLAPM%2BqWJYD7kXpsTHf43OPp5Dbi0X5NRbvSc4WdrUL0BhRrS2s0DQaJJ%2FYn3to6uflGhqRzS3Hneb66BF%2F2UX4DJIS0JR7ifEwu47GBV%2FHcpeMG1d1AW4T0gi3zw%3D%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4c8dcded170-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2
      MicrosoftEdgeCP.exe
      Remote address:
      172.67.139.119:443
      Request
      GET /releases/v6.6.0/webfonts/free-fa-solid-900.woff2 HTTP/2.0
      host: ka-f.fontawesome.com
      accept: */*
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      origin: https://battlylauncher.com
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-type: font/woff2
      content-length: 25464
      last-modified: Mon, 15 Jul 2024 22:44:07 GMT
      etag: "f5e38eecd547d3ef0dd9e2666140c0c1"
      x-amz-server-side-encryption: AES256
      cache-control: max-age=31556926
      access-control-allow-origin: *
      access-control-allow-methods: GET
      access-control-allow-headers: fa-kit-token
      access-control-max-age: 3000
      x-cache: Hit from cloudfront
      via: 1.1 1fbc4ed92487877d10ad1d7d3fa8355e.cloudfront.net (CloudFront)
      x-amz-cf-pop: LHR5-P6
      x-amz-cf-id: kzJ8LiFcAbmtKIRkrRl0vnSulCayiJ9yFJiukPG9pITFcSyY8GJcFQ==
      cf-cache-status: MISS
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6xxtLddYqpRP2zMMopjqlED22c5sdZ4Qzf8TDyW08dZllwWjeZQ2O48%2F4V%2FSOOdukz%2BzjG3NsdRJq0L2ebQv5yWET72qoQFoSRLo48mTWx0YBTpnJFcRsqg%2B%2BDj6Fw0myTcABgTntw%3D%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4c8dcdbd170-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://api.battlylauncher.com/battlylauncher/usuarios_online
      MicrosoftEdgeCP.exe
      Remote address:
      104.21.86.75:443
      Request
      GET /battlylauncher/usuarios_online HTTP/2.0
      host: api.battlylauncher.com
      accept: */*
      origin: https://battlylauncher.com
      referer: https://battlylauncher.com/login?redirect=/claim?code=undefined
      accept-language: en-US
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      accept-encoding: gzip, deflate, br
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:35 GMT
      content-type: application/json; charset=utf-8
      content-length: 17
      x-powered-by: Express
      access-control-allow-origin: *
      access-control-allow-credentials: true
      etag: W/"11-Os0lYB49a4+cLxZuM4V70t4HY9Y"
      cf-cache-status: DYNAMIC
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q3WsGUFlxhFf2wsqm8t1HMKKCbtf0ZNaqBt9jb2KhuBOMI47uUqiNJjxQfMDbYZfNMzeRjg1lrqX2%2B5OoMcPOF2OCQEsfHIYduvJx7HxBfH2bzpb8%2BRNxjCYQvcDSpwG7HDE8urCxU4r"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      server: cloudflare
      cf-ray: 8ac7c4c57dd78926-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      GET
      https://battlylauncher.com/assets/img/logo_500.png
      MicrosoftEdge.exe
      Remote address:
      172.67.216.146:443
      Request
      GET /assets/img/logo_500.png HTTP/2.0
      host: battlylauncher.com
      accept: */*
      accept-encoding: gzip, deflate, br
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Edge/15.15063
      dnt: 1
      Response
      HTTP/2.0 200
      date: Thu, 01 Aug 2024 18:07:36 GMT
      content-type: image/png
      content-length: 26585
      x-powered-by: Express
      cache-control: public, max-age=120
      last-modified: Fri, 15 Sep 2023 21:21:57 GMT
      etag: W/"67d9-18a9ab8cd08"
      cf-cache-status: REVALIDATED
      accept-ranges: bytes
      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7oUWz0tsKK2offiJzbEX4psYYImcIX00mO6rEP6Z0UW92BapNCNOrZZ8QDzNBk%2FEYMgaZF4YlMXtPlYdRBRyZG9gDBRjqoBy8ps2gcBCSmC3xvsiqH%2BuvYntKuaVdRrWAMYBa0Q%3D"}],"group":"cf-nel","max_age":604800}
      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
      vary: Accept-Encoding
      server: cloudflare
      cf-ray: 8ac7c4cb6f1f7192-LHR
      alt-svc: h3=":443"; ma=86400
    • flag-us
      DNS
      119.139.67.172.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      119.139.67.172.in-addr.arpa
      IN PTR
      Response
    • flag-nl
      GET
      http://c.pki.goog/r/gsr1.crl
      MicrosoftEdge.exe
      Remote address:
      142.250.27.94:80
      Request
      GET /r/gsr1.crl HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: c.pki.goog
      Response
      HTTP/1.1 200 OK
      Accept-Ranges: bytes
      Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
      Cross-Origin-Resource-Policy: cross-origin
      Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
      Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
      Content-Length: 1739
      X-Content-Type-Options: nosniff
      Server: sffe
      X-XSS-Protection: 0
      Date: Thu, 01 Aug 2024 17:37:07 GMT
      Expires: Thu, 01 Aug 2024 18:27:07 GMT
      Cache-Control: public, max-age=3000
      Age: 1829
      Last-Modified: Mon, 08 Jul 2024 07:38:00 GMT
      Content-Type: application/pkix-crl
      Vary: Accept-Encoding
    • flag-nl
      GET
      http://c.pki.goog/r/r4.crl
      MicrosoftEdge.exe
      Remote address:
      142.250.27.94:80
      Request
      GET /r/r4.crl HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Microsoft-CryptoAPI/10.0
      Host: c.pki.goog
      Response
      HTTP/1.1 200 OK
      Accept-Ranges: bytes
      Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
      Cross-Origin-Resource-Policy: cross-origin
      Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
      Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
      Content-Length: 436
      X-Content-Type-Options: nosniff
      Server: sffe
      X-XSS-Protection: 0
      Date: Thu, 01 Aug 2024 17:38:28 GMT
      Expires: Thu, 01 Aug 2024 18:28:28 GMT
      Cache-Control: public, max-age=3000
      Age: 1748
      Last-Modified: Thu, 25 Jul 2024 14:48:00 GMT
      Content-Type: application/pkix-crl
      Vary: Accept-Encoding
    • flag-us
      DNS
      169.117.168.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      169.117.168.52.in-addr.arpa
      IN PTR
      Response
    • 8.8.8.8:443
      dns.google
      tls
      Battly Launcher.exe
      1.7kB
      6.9kB
      15
      15
    • 8.8.8.8:443
      dns.google
      tls
      Battly Launcher.exe
      2.5kB
      8.6kB
      24
      24
    • 20.26.156.210:443
      api.github.com
      tls
      Battly Launcher.exe
      2.6kB
      57.6kB
      34
      52
    • 185.26.182.111:443
      net.geo.opera.com
      tls
      Battly Launcher.exe
      5.3kB
      198.8kB
      105
      154
    • 20.26.156.215:443
      github.com
      tls
      Battly Launcher.exe
      1.5kB
      10.7kB
      16
      16
    • 104.21.86.75:443
      api.battlylauncher.com
      tls
      Battly Launcher.exe
      1.8kB
      4.7kB
      15
      15
    • 104.21.86.75:443
      api.battlylauncher.com
      tls
      Battly Launcher.exe
      922 B
      2.6kB
      7
      5
    • 172.67.216.146:443
      battlylauncher.com
      tls, http2
      MicrosoftEdgeCP.exe
      963 B
      3.7kB
      12
      8
    • 172.67.216.146:443
      https://battlylauncher.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
      tls, http2
      MicrosoftEdgeCP.exe
      42.4kB
      992.0kB
      778
      771

      HTTP Request

      GET https://battlylauncher.com/claim?code=undefined

      HTTP Response

      302

      HTTP Request

      GET https://battlylauncher.com/login?redirect=/claim?code=undefined

      HTTP Response

      200

      HTTP Request

      GET https://battlylauncher.com/assets/css/estilo_home.css

      HTTP Request

      GET https://battlylauncher.com/assets/css/estilo_login.css

      HTTP Request

      GET https://battlylauncher.com/assets/js/script-home.js

      HTTP Request

      GET https://battlylauncher.com/assets/img/logo_500.png

      HTTP Request

      GET https://battlylauncher.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

      HTTP Request

      GET https://battlylauncher.com/assets/js/alert.js

      HTTP Request

      GET https://battlylauncher.com/assets/img/google.png

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      GET https://battlylauncher.com/assets/img/5.jpg

      HTTP Response

      200

      HTTP Request

      GET https://battlylauncher.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

      HTTP Response

      302
    • 185.199.109.133:443
      objects.githubusercontent.com
      tls
      Battly Launcher.exe
      946.0kB
      51.8MB
      19933
      37061
    • 142.250.27.94:80
      http://c.pki.goog/r/r1.crl
      http
      MicrosoftEdgeCP.exe
      920 B
      5.5kB
      10
      7

      HTTP Request

      GET http://c.pki.goog/r/gsr1.crl

      HTTP Response

      200

      HTTP Request

      GET http://c.pki.goog/r/r4.crl

      HTTP Response

      200

      HTTP Request

      GET http://c.pki.goog/r/r1.crl

      HTTP Response

      200
    • 151.101.65.229:443
      https://cdn.jsdelivr.net/npm/sweetalert2@11
      tls, http2
      MicrosoftEdgeCP.exe
      3.2kB
      58.4kB
      53
      51

      HTTP Request

      GET https://cdn.jsdelivr.net/npm/bulma@0.9.4/css/bulma.min.css

      HTTP Request

      GET https://cdn.jsdelivr.net/npm/sweetalert2@11

      HTTP Response

      200

      HTTP Response

      200
    • 151.101.65.229:443
      cdn.jsdelivr.net
      tls, http2
      MicrosoftEdgeCP.exe
      1.0kB
      5.5kB
      13
      11
    • 185.15.59.240:443
      https://upload.wikimedia.org/wikipedia/commons/thumb/c/c1/Google_%22G%22_logo.svg/768px-Google_%22G%22_logo.svg.png
      tls, http2
      MicrosoftEdgeCP.exe
      2.4kB
      33.8kB
      35
      28

      HTTP Request

      GET https://upload.wikimedia.org/wikipedia/commons/thumb/c/c1/Google_%22G%22_logo.svg/768px-Google_%22G%22_logo.svg.png

      HTTP Response

      200
    • 185.15.59.240:443
      upload.wikimedia.org
      tls, http2
      MicrosoftEdgeCP.exe
      965 B
      4.3kB
      12
      7
    • 142.250.27.100:443
      fundingchoicesmessages.google.com
      tls, http2
      MicrosoftEdgeCP.exe
      1.1kB
      7.3kB
      14
      10
    • 142.250.27.100:443
      https://fundingchoicesmessages.google.com/el/AGSKWxUVIXwrs084ATBxA7rO2-GnaMwYBamrznVeZl-vGClseb3UqaCqD3buM8X0jo9Lgfym565_04sz8K0wWpQT99BvuA==
      tls, http2
      MicrosoftEdgeCP.exe
      5.8kB
      89.1kB
      85
      80

      HTTP Request

      GET https://fundingchoicesmessages.google.com/i/pub-2325315275982779?ers=1

      HTTP Response

      200

      HTTP Request

      GET https://fundingchoicesmessages.google.com/b/pub-2325315275982779

      HTTP Response

      200

      HTTP Request

      GET https://fundingchoicesmessages.google.com/el/AGSKWxUVIXwrs084ATBxA7rO2-GnaMwYBamrznVeZl-vGClseb3UqaCqD3buM8X0jo9Lgfym565_04sz8K0wWpQT99BvuA==

      HTTP Response

      204
    • 104.16.79.73:443
      static.cloudflareinsights.com
      tls, http2
      MicrosoftEdgeCP.exe
      974 B
      3.7kB
      12
      8
    • 104.16.79.73:443
      https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
      tls, http2
      MicrosoftEdgeCP.exe
      1.9kB
      11.6kB
      24
      19

      HTTP Request

      GET https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

      HTTP Response

      200
    • 142.250.27.94:80
      http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D
      http
      MicrosoftEdgeCP.exe
      467 B
      843 B
      5
      3

      HTTP Request

      GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHGN%2BKTRSIp4CcztJxB9gYQ%3D

      HTTP Response

      200
    • 142.250.27.94:80
      http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D
      http
      MicrosoftEdgeCP.exe
      465 B
      844 B
      5
      3

      HTTP Request

      GET http://o.pki.goog/wr2/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEHvQOfnMl3BnEBjGqYCOwmQ%3D

      HTTP Response

      200
    • 142.250.27.94:80
      http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6
      http
      MicrosoftEdgeCP.exe
      782 B
      1.6kB
      7
      4

      HTTP Request

      GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQCjHbN8Q48ByBJsBZfEZOeO

      HTTP Response

      200

      HTTP Request

      GET http://o.pki.goog/wr2/MFIwUDBOMEwwSjAJBgUrDgMCGgUABBRTQtSEi8EX%2BbYUTXd8%2ByMxD3s1zQQU3hse7XkV1D43JMMhu%2Bw0OW1CsjACEQDAezvzBOn2FxIghPLaMkP6

      HTTP Response

      200
    • 104.18.19.62:443
      https://kit.fontawesome.com/bdec180db7.js
      tls, http2
      MicrosoftEdgeCP.exe
      1.7kB
      10.3kB
      21
      16

      HTTP Request

      GET https://kit.fontawesome.com/bdec180db7.js

      HTTP Response

      200
    • 104.18.19.62:443
      kit.fontawesome.com
      tls, http2
      MicrosoftEdgeCP.exe
      964 B
      4.6kB
      12
      8
    • 172.67.139.119:443
      ka-f.fontawesome.com
      tls, http2
      MicrosoftEdgeCP.exe
      965 B
      3.7kB
      12
      8
    • 172.67.139.119:443
      ka-f.fontawesome.com
      tls, http2
      MicrosoftEdgeCP.exe
      965 B
      3.7kB
      12
      8
    • 172.67.139.119:443
      https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2
      tls, http2
      MicrosoftEdgeCP.exe
      10.9kB
      227.1kB
      203
      194

      HTTP Request

      GET https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=bdec180db7

      HTTP Request

      GET https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=bdec180db7

      HTTP Request

      GET https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=bdec180db7

      HTTP Request

      GET https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=bdec180db7

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Response

      200

      HTTP Request

      GET https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-regular-400.woff2

      HTTP Request

      GET https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2

      HTTP Response

      200

      HTTP Response

      200
    • 172.67.139.119:443
      ka-f.fontawesome.com
      tls, http2
      MicrosoftEdgeCP.exe
      965 B
      3.7kB
      12
      8
    • 104.21.86.75:443
      https://api.battlylauncher.com/battlylauncher/usuarios_online
      tls, http2
      MicrosoftEdgeCP.exe
      1.4kB
      4.4kB
      16
      10

      HTTP Request

      GET https://api.battlylauncher.com/battlylauncher/usuarios_online

      HTTP Response

      200
    • 104.21.86.75:443
      api.battlylauncher.com
      tls, http2
      MicrosoftEdgeCP.exe
      967 B
      3.7kB
      12
      8
    • 172.67.216.146:443
      battlylauncher.com
      tls, http2
      MicrosoftEdge.exe
      921 B
      3.8kB
      11
      9
    • 172.67.216.146:443
      https://battlylauncher.com/assets/img/logo_500.png
      tls, http2
      MicrosoftEdge.exe
      2.4kB
      32.6kB
      38
      36

      HTTP Request

      GET https://battlylauncher.com/assets/img/logo_500.png

      HTTP Response

      200
    • 142.250.27.94:80
      http://c.pki.goog/r/r4.crl
      http
      MicrosoftEdge.exe
      556 B
      3.8kB
      7
      5

      HTTP Request

      GET http://c.pki.goog/r/gsr1.crl

      HTTP Response

      200

      HTTP Request

      GET http://c.pki.goog/r/r4.crl

      HTTP Response

      200
    • 8.8.8.8:53
      95.27.250.142.in-addr.arpa
      dns
      72 B
      105 B
      1
      1

      DNS Request

      95.27.250.142.in-addr.arpa

    • 8.8.8.8:53
      94.102.250.142.in-addr.arpa
      dns
      73 B
      106 B
      1
      1

      DNS Request

      94.102.250.142.in-addr.arpa

    • 8.8.8.8:53
      dns.google
      dns
      Battly Launcher.exe
      56 B
      88 B
      1
      1

      DNS Request

      dns.google

      DNS Response

      8.8.8.8
      8.8.4.4

    • 8.8.8.8:53
      dns.google
      dns
      Battly Launcher.exe
      56 B
      132 B
      1
      1

      DNS Request

      dns.google

    • 8.8.8.8:53
      dns.google
      dns
      Battly Launcher.exe
      56 B
      88 B
      1
      1

      DNS Request

      dns.google

      DNS Response

      8.8.8.8
      8.8.4.4

    • 8.8.8.8:53
      dns.google
      dns
      Battly Launcher.exe
      56 B
      132 B
      1
      1

      DNS Request

      dns.google

    • 8.8.8.8:443
      dns.google
      https
      Battly Launcher.exe
      3.0kB
      7.9kB
      15
      15
    • 8.8.8.8:53
      210.156.26.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      210.156.26.20.in-addr.arpa

    • 8.8.8.8:53
      net.geo.opera.com
      dns
      Battly Launcher.exe
      63 B
      116 B
      1
      1

      DNS Request

      net.geo.opera.com

      DNS Response

      185.26.182.111
      185.26.182.112

    • 8.8.8.8:53
      github.com
      dns
      Battly Launcher.exe
      56 B
      72 B
      1
      1

      DNS Request

      github.com

      DNS Response

      20.26.156.215

    • 8.8.8.8:53
      111.182.26.185.in-addr.arpa
      dns
      73 B
      134 B
      1
      1

      DNS Request

      111.182.26.185.in-addr.arpa

    • 8.8.8.8:53
      215.156.26.20.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      215.156.26.20.in-addr.arpa

    • 8.8.8.8:53
      battlylauncher.com
      dns
      MicrosoftEdge.exe
      64 B
      96 B
      1
      1

      DNS Request

      battlylauncher.com

      DNS Response

      172.67.216.146
      104.21.86.75

    • 8.8.8.8:53
      75.86.21.104.in-addr.arpa
      dns
      71 B
      133 B
      1
      1

      DNS Request

      75.86.21.104.in-addr.arpa

    • 8.8.8.8:53
      objects.githubusercontent.com
      dns
      Battly Launcher.exe
      75 B
      139 B
      1
      1

      DNS Request

      objects.githubusercontent.com

      DNS Response

      185.199.109.133
      185.199.110.133
      185.199.108.133
      185.199.111.133

    • 8.8.8.8:53
      146.216.67.172.in-addr.arpa
      dns
      219 B
      135 B
      3
      1

      DNS Request

      146.216.67.172.in-addr.arpa

      DNS Request

      146.216.67.172.in-addr.arpa

      DNS Request

      146.216.67.172.in-addr.arpa

    • 8.8.8.8:53
      c.pki.goog
      dns
      MicrosoftEdge.exe
      56 B
      107 B
      1
      1

      DNS Request

      c.pki.goog

      DNS Response

      142.250.27.94

    • 8.8.8.8:53
      kit.fontawesome.com
      dns
      MicrosoftEdgeCP.exe
      195 B
      149 B
      3
      1

      DNS Request

      kit.fontawesome.com

      DNS Request

      kit.fontawesome.com

      DNS Request

      kit.fontawesome.com

      DNS Response

      104.18.19.62
      104.18.18.62

    • 8.8.8.8:53
      cdn.jsdelivr.net
      dns
      MicrosoftEdgeCP.exe
      62 B
      160 B
      1
      1

      DNS Request

      cdn.jsdelivr.net

      DNS Response

      151.101.65.229
      151.101.193.229
      151.101.129.229
      151.101.1.229

    • 8.8.8.8:53
      fundingchoicesmessages.google.com
      dns
      MicrosoftEdgeCP.exe
      79 B
      196 B
      1
      1

      DNS Request

      fundingchoicesmessages.google.com

      DNS Response

      142.250.27.100
      142.250.27.101
      142.250.27.138
      142.250.27.139
      142.250.27.102
      142.250.27.113

    • 8.8.8.8:53
      upload.wikimedia.org
      dns
      MicrosoftEdgeCP.exe
      66 B
      82 B
      1
      1

      DNS Request

      upload.wikimedia.org

      DNS Response

      185.15.59.240

    • 8.8.8.8:53
      static.cloudflareinsights.com
      dns
      MicrosoftEdgeCP.exe
      75 B
      107 B
      1
      1

      DNS Request

      static.cloudflareinsights.com

      DNS Response

      104.16.79.73
      104.16.80.73

    • 8.8.8.8:53
      172.210.232.199.in-addr.arpa
      dns
      148 B
      128 B
      2
      1

      DNS Request

      172.210.232.199.in-addr.arpa

      DNS Request

      172.210.232.199.in-addr.arpa

    • 8.8.8.8:53
      133.109.199.185.in-addr.arpa
      dns
      148 B
      118 B
      2
      1

      DNS Request

      133.109.199.185.in-addr.arpa

      DNS Request

      133.109.199.185.in-addr.arpa

    • 8.8.8.8:53
      94.27.250.142.in-addr.arpa
      dns
      144 B
      105 B
      2
      1

      DNS Request

      94.27.250.142.in-addr.arpa

      DNS Request

      94.27.250.142.in-addr.arpa

    • 8.8.8.8:53
      229.65.101.151.in-addr.arpa
      dns
      146 B
      133 B
      2
      1

      DNS Request

      229.65.101.151.in-addr.arpa

      DNS Request

      229.65.101.151.in-addr.arpa

    • 8.8.8.8:53
      157.102.250.142.in-addr.arpa
      dns
      148 B
      108 B
      2
      1

      DNS Request

      157.102.250.142.in-addr.arpa

      DNS Request

      157.102.250.142.in-addr.arpa

    • 8.8.8.8:53
      100.27.250.142.in-addr.arpa
      dns
      146 B
      107 B
      2
      1

      DNS Request

      100.27.250.142.in-addr.arpa

      DNS Request

      100.27.250.142.in-addr.arpa

    • 8.8.8.8:53
      o.pki.goog
      dns
      MicrosoftEdgeCP.exe
      56 B
      107 B
      1
      1

      DNS Request

      o.pki.goog

      DNS Response

      142.250.27.94

    • 8.8.8.8:53
      240.59.15.185.in-addr.arpa
      dns
      72 B
      115 B
      1
      1

      DNS Request

      240.59.15.185.in-addr.arpa

    • 8.8.8.8:53
      73.79.16.104.in-addr.arpa
      dns
      71 B
      133 B
      1
      1

      DNS Request

      73.79.16.104.in-addr.arpa

    • 8.8.8.8:53
      226.21.18.104.in-addr.arpa
      dns
      72 B
      134 B
      1
      1

      DNS Request

      226.21.18.104.in-addr.arpa

    • 8.8.8.8:53
      62.19.18.104.in-addr.arpa
      dns
      71 B
      133 B
      1
      1

      DNS Request

      62.19.18.104.in-addr.arpa

    • 8.8.8.8:53
      ka-f.fontawesome.com
      dns
      MicrosoftEdgeCP.exe
      66 B
      151 B
      1
      1

      DNS Request

      ka-f.fontawesome.com

      DNS Response

      172.67.139.119
      104.21.26.223

    • 8.8.8.8:53
      api.battlylauncher.com
      dns
      MicrosoftEdgeCP.exe
      68 B
      100 B
      1
      1

      DNS Request

      api.battlylauncher.com

      DNS Response

      104.21.86.75
      172.67.216.146

    • 8.8.8.8:53
      119.139.67.172.in-addr.arpa
      dns
      73 B
      135 B
      1
      1

      DNS Request

      119.139.67.172.in-addr.arpa

    • 8.8.8.8:53
      169.117.168.52.in-addr.arpa
      dns
      73 B
      147 B
      1
      1

      DNS Request

      169.117.168.52.in-addr.arpa

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\Cache\4J2O6FKV\logo_500[1].png

      Filesize

      25KB

      MD5

      a3eee7b1a705507648ee013f01eda06a

      SHA1

      c73272a849ad0d75fa3b6d826ffefad60c2bf9fd

      SHA256

      fec4bc11cebc824f76b47499965c90597531f89716646903e606c477f40cd169

      SHA512

      f1d895f303542802738aafc0aa74fd02b75c0379a282eb9b45d200f9c467323b149a24a6d5241c398eb6d7081049be1f85f7359f9da28f86a322a52622246642

    • C:\Users\Admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp\~DFAF22F993C654A935.TMP

      Filesize

      16KB

      MD5

      99117587531eb2a43b89da57ee7e4a5b

      SHA1

      a78d012f7be3fd02c43c5545dee2b2c0df31013e

      SHA256

      3c1fb6e8fc8c54a749fd4a60ffcfb5921bcc15b6011be4ce3531a02ef761b38a

      SHA512

      1256103dee0a3c725099da3a68e099f1f0e0af0fb6a6569cb52a301bf21a2039a3b08edb3da7bd74a9ec3bb7547288450237c2752f5a6760a8cb1526576cb3ce

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\chrome_100_percent.pak

      Filesize

      150KB

      MD5

      b1bccf31fa5710207026d373edd96161

      SHA1

      ae7bb0c083aea838df1d78d61b54fb76c9a1182e

      SHA256

      49aff5690cb9b0f54f831351aa0f64416ba180a0c4891a859fa7294e81e9c8e3

      SHA512

      134a13ad86f8bd20a1d2350236269fd39c306389a600556a82025d5e0d5adaab0709d59e9b7ee96e8e2d25b6df49fefea27cdccefe5fba9687abf92a9a941d91

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\chrome_200_percent.pak

      Filesize

      229KB

      MD5

      e02160c24b8077b36ff06dc05a9df057

      SHA1

      fc722e071ce9caf52ad9a463c90fc2319aa6c790

      SHA256

      4d5b51f720f7d3146e131c54a6f75e4e826c61b2ff15c8955f6d6dd15bedf106

      SHA512

      1bf873b89b571974537b685cdb739f8ed148f710f6f24f0f362f8b6bb605996fcfec1501411f2cb2df374d5fdaf6e2daaada8cea68051e3c10a67030ea25929e

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\ffmpeg.dll

      Filesize

      2.7MB

      MD5

      bf09deeeb497aeddaf6194e695776b8b

      SHA1

      e7d8719d6d0664b8746581b88eb03a486f588844

      SHA256

      450d5e6a11dc31dc6e1a7af472cd08b7e7a78976b1f0aa1c62055a0a720f5080

      SHA512

      38d3cac922634df85ddfd8d070b38cf4973bba8f37d3246453377f30165cc4377b4e67c4e0bca0ffe3c3fa0e024b23a31ec009e16d0ab3042593b5a6e164669f

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\icudtl.dat

      Filesize

      10.2MB

      MD5

      e0f1ad85c0933ecce2e003a2c59ae726

      SHA1

      a8539fc5a233558edfa264a34f7af6187c3f0d4f

      SHA256

      f5170aa2b388d23bebf98784dd488a9bcb741470384a6a9a8d7a2638d768defb

      SHA512

      714ed5ae44dfa4812081b8de42401197c235a4fa05206597f4c7b4170dd37e8360cc75d176399b735c9aec200f5b7d5c81c07b9ab58cbca8dc08861c6814fb28

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\libglesv2.dll

      Filesize

      7.3MB

      MD5

      c783045e4b7f00c847678d43a77367f7

      SHA1

      7f9192ce0b23ac93561aeec9d9c38daa3136c146

      SHA256

      3a39137dcee6cb6663ae9cca424b6b05cf56c0ad7e32fb72cb94549ea9dbcae8

      SHA512

      64e6d4fc84f1217ceef05a22ad63a6618ffdc470b1faf4ad9e2d7bab59e9285527b9c5fd7ea4be673a08b9466434e3c098e839bf6955597e3d8aa0e80589f4a3

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\locales\en-US.pak

      Filesize

      440KB

      MD5

      731c45f9f23957acc11b43d775758aaa

      SHA1

      12e66417a2dc0c5211ed67f026208ef02fcb40af

      SHA256

      02b97817b6eebd7caeaaff750f6462abc68911c398ddf0571b7900ff9b4ea9a2

      SHA512

      1a008df585ef76d9cf4459fc3e617b8d4397e7078c77852712fc7cf4f304081bc5195243437e64074016b05a8cd671db93666042e59b959595ba854ceb330a81

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources.pak

      Filesize

      5.0MB

      MD5

      67bb5e75ceb8ced4c98cf0454933cb45

      SHA1

      c2b1c8c8d753318bc5ec18762c27512a5eb9f9cd

      SHA256

      5d63acd4034f7771ca346d138d7478014abf1f3f4386d07fc025dbc2c2bc0bff

      SHA512

      fd213d59ebc625f6f8b20cc8fde1a22132ce827b81deaddb9ca7993fe0d9616de17e089def338d23c4b6bbd7d3a931ee73aa329325eaa17f8145a58fe11d8c38

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\AppData\Launcher\shared_proto_db\metadata\CURRENT

      Filesize

      16B

      MD5

      46295cac801e5d4857d09837238a6394

      SHA1

      44e0fa1b517dbf802b18faf0785eeea6ac51594b

      SHA256

      0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

      SHA512

      8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\adm-zip\adm-zip.js

      Filesize

      30KB

      MD5

      9b6da3cd4a4ce0963e80d0e6dc1a11f1

      SHA1

      fce6550c2231f60425661f2f7db99efff491cdff

      SHA256

      cb49867d6ffe8e7c08ad0e6466c86450b0f81910069ed1ad9d5b7b9c27367929

      SHA512

      38f325ced4315f7fd39f9ec885e1a35f8d5c49bfe9721c3ae0b54d040c76e7df3e6d557f76bb5783594b0fe5c15f9e73f8c7a21fee373ecbd97ed9220d3127ba

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\adm-zip\package.json

      Filesize

      793B

      MD5

      d54047857da5c5c0f798702eaf6bbdb2

      SHA1

      13268d9836a3e86768a55e94d9ae566083450c32

      SHA256

      4a972775a807ee9450338de8587428f444df10d7d383721ab6f60c1981562089

      SHA512

      fd3311c500231a24c3923e9833e9c39e9369c340fba01bb8c5930313be2f1bd7cb7cdfa9ecedd16418a2164a87dfef09f0a33fb55c01da2d38cacae9e9c0a1ac

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs-electron\index.js

      Filesize

      4KB

      MD5

      d441fba9399d196f943308f66d215d95

      SHA1

      76557f8a00782c3503b62784098b7832256c136b

      SHA256

      4574224bdcf1a47aab456dbec7b485d7cb8bd62bea5295f85db622b3ebab0c1b

      SHA512

      7f11d59d870c0ae386b6c0ae4a65b2ab49445ce8b36528323bb2a03a8a55611c8e71d2c7439f0a57c69fb7cfdc2d05fde59e535e0da36adf24947a131db18a0f

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs-electron\node_modules\mime\Mime.js

      Filesize

      2KB

      MD5

      5a77829e31fd521878c9484a90ff107a

      SHA1

      73efaff8e2e9adb871396c15c076dbf28757949a

      SHA256

      9482411a27e56e69e9ff5ae077b25f64c38768ae268ac07ab74a9896b582b6a9

      SHA512

      dc542b656f18818fc5caab6bebaf67f2f33691661196fd588eeba8bb8d1520ea61f76df314d407e0e23b405706889f0e73f0bc61871a36764d2c3564a44b1c35

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs-electron\node_modules\mime\index.js

      Filesize

      127B

      MD5

      f18d3eb05bbc4d65415ee72c4b5d4dff

      SHA1

      e2d3efd8917c4ff9cbe668474891269d3fedcb37

      SHA256

      7b35e6b3b981b498b62860b99063916772a7a199125866d4593db952ba1c14b9

      SHA512

      65316d6a06666e5acdb6fd293fcb737109a264fb6ed1174e7853f86b32d2b334fab3280d28535be21524fa15f86bc8f16b663461439d6bdf4ead0cba4b297eb5

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs-electron\node_modules\mime\package.json

      Filesize

      775B

      MD5

      41460dd956f1244d052cbe727cb6be27

      SHA1

      4982079e4fc60559ed7fa2c066bf71fc7b74d9b4

      SHA256

      a1dccf7b9e97739c70cfe4a205babae71016a576f4385a8d66308978f21e0d19

      SHA512

      4e273dcbe5b5bde34c1ba8c0bf35251037b058fe3eef5703e53027a53b9f6661db97411be2ae2e7b4353adf5d77bb389566a81258adb8f11cac679ee6450c978

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs-electron\node_modules\mime\types\other.js

      Filesize

      25KB

      MD5

      ce7fcb8480cc926c86d46e4b1fb6cc9d

      SHA1

      dbfc26ed679cce39b3ecb6bee5ef5968cea6408a

      SHA256

      ee0e65cdfde6e492be9c52e35bffcbe0e0fd9a5be1a18fbaa7cbbc7b9b406934

      SHA512

      c5c943a1722aa52c3f85f28189258ebb4e3ed025c98bfa0d7ce978de2587b10239c578d5d96fb63f85bd8ec16d7d156847268cc14421cb920832688984fc0cc9

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs-electron\node_modules\mime\types\standard.js

      Filesize

      9KB

      MD5

      5119196e906ee770dfd3610bcfbd0587

      SHA1

      a21f9b1eba88b1af8d16231a5759ffb8108a645c

      SHA256

      70aaa6f9c1b7caf38db2eff138406911368729b8dfb478fe70078e46ec1824bc

      SHA512

      30d30134c1044d36bf4ffd93cb0b6f003cb702a14b9e006bbc9a18a7e9e6915f18c22eb0b8bcfb5cae6cc15636726e0d8ab59189610550140ac90e51f45c324e

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs-electron\package.json

      Filesize

      367B

      MD5

      381be2da7b731d7e9f68c149ef521e46

      SHA1

      11f4eabe7d5c1236c02c9c6e1ef2e8f58226a2e3

      SHA256

      c30372a8a6ef7a7cf021a48200d7ca770ca5ad68022e92c6d15bd27878dc326a

      SHA512

      0595738800f268106a61f3526448bb1c89ed37db1950d00b7fc1f1d2874cfcd1bf7454b49d757614543caf756407d6594e2246f68d6916db51553c95e22c4f01

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs\lib\ejs.js

      Filesize

      26KB

      MD5

      e7286ffae51527e51efadb4ce65d1dd8

      SHA1

      2170a351835c1ff3ef58faab251e3d5ce5dfe9d6

      SHA256

      9ff1cb7fb0a7dbd822e04d35e50560a199926cc323b5aa11f1e89556d7b89814

      SHA512

      5a551b8ae5dc38eb4893acb2876046ebe27ed3852777b7e832173bfba8d5470b08495232811a82edd0662634bc6351e51d7d3509c87663900ca122a15e1d50e7

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs\lib\utils.js

      Filesize

      6KB

      MD5

      c4ed9f400aaac2c0b2ebe7c7f5795b1d

      SHA1

      4e88b60293299d879774768f84cf38524c3d34c3

      SHA256

      d77d4660b6fd5131949906b67fa4456223c308bd13a88d7dadbd2e10e5e7ace4

      SHA512

      100faa0f015ba8001eff8dc435174dde0af2d8717976448a3202272e7d0edde3d149f0a0acc6469f8d86fa0b15b79237cc1ffd5efb9456e0bbb625e6cfd53242

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\node_modules\ejs\package.json

      Filesize

      748B

      MD5

      c811f299cfedf923d32f6126894283b1

      SHA1

      4d25c24f5ff44f2963d08d74d474b03127c02ecf

      SHA256

      ba32b2005d817a23dc0e0b57c248b53b8b0316e8271fa433780750a954d56e69

      SHA512

      ce77756d8c128eff055923c6622f3b438a3eba87513fc6d962180b93762cb325c5b96c89e05e1df4a7ef227d35ad1de659d28c893742c5a1e8912b365b1a3fcb

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\package.json

      Filesize

      530B

      MD5

      e102ea0d9f0e36be31e25b787c35ca2c

      SHA1

      022ea237f37e95570872a64ba6af1e2f63cb0dab

      SHA256

      9f66eafe35c475aaba1157c877406f448273c6e4811a1ef2fce10aa0d5eee706

      SHA512

      426e0af432f24562e548bf53ea972636c494f0c5b840b9e6affbc40f32fdb9de3cde3c4fd83d9a221eae9832a42631b2b178a3d46f1b2a56d1a82978fe32fc51

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\ads.ejs

      Filesize

      1KB

      MD5

      d7f2205fb3ea4fc29629fd16cc13e42e

      SHA1

      ac4addc19bdf3f56a2b2aa0b8e5a2b2d459b209f

      SHA256

      828df948e8dd1e0fc2a88511fd1f59568a97fc2c3626152e574e5f31c89ff5e8

      SHA512

      6ff7cbfb366642d6b1ce5ce15f335b27a8f500341bb059f6037d50409c071d9ef8a735c447a876bd986f4902e377a773b9e41e09d7d433b8365a5049a689bf3a

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\css\index.css

      Filesize

      20KB

      MD5

      9338a403220d934986f5dc738419174d

      SHA1

      33d0a93608f28900b4771b49d88259b2f70350e7

      SHA256

      2f281d5eb03f52a46514089fd0b0af408f02613a8fcef8d506dc01f590651d7c

      SHA512

      cd92d15c6ee9d6d9ed78fa073406462d5f3b33cc9c198a693fa51f53889ba9f5ef2a498ea3f033ef7cad73b1248e4bad9afcad8246f5b98dcde3435399dca508

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\icon.ico

      Filesize

      11KB

      MD5

      372b8e595552272d8980d7ce68a22a45

      SHA1

      3458abecc3172f86c0a42f889402a700964a7bdc

      SHA256

      9a6b51f26c9efb993a02f67582477d9b524b029af5d6b1bea046840012dc110e

      SHA512

      bb712405ea0c0ec66add82abd04ca8f32e07bea7e4bbdcb2bce53a16caf8d9bf2a514ec8e647739e739f995931fc6d04d155e8b2f381fb93765024a4aebc1fa4

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\images\background.png

      Filesize

      713KB

      MD5

      54d3046d693ef7dc0e06a32ff629e7a1

      SHA1

      1d14c54f2db92c94e467dc3b3f6480fe737ed830

      SHA256

      62a7ec1cb750aa28bcfdc93cebf1521f8cdc352992938652527aacb79618e57c

      SHA512

      b4e123d3bf4b21bdb1c73ab9374bad0e1090e5cfd0b758bebfd907d4f3736c9f4e87e73e693a85eed66bd0e1eee85fbcf1a152eeb83ea6f317e85022d67fca3d

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\images\flags\de.png

      Filesize

      274B

      MD5

      0c730750c8a99bc30cf20b83d235aea6

      SHA1

      8ea6cd3bbdaae43607b4882560c4e04ef8eeaf8d

      SHA256

      b9d2aced61236662459e3acaaeaf44ce7af28405847c9a54d42fa4ae344f045f

      SHA512

      2fc3251378520052892b529b8c3638cbc3dd9c4ac471dc20382930c103c886826f05969400d7d1054b066cc81d00813ba86532b20be646aa8910efec9dfc6c23

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\images\flags\en.png

      Filesize

      310B

      MD5

      c2de03c4d117d87763d4e1e5e28482db

      SHA1

      bfbecbfba4c5a871894c6784da913fa495a2aa3b

      SHA256

      e423db68a40835ac299155e365864461e37115a96f996091d5af026103d753e2

      SHA512

      628f47a91c2605a66dda06430f26d8685384136c0d04bc3146dd033462ef7def71c7d9ddd43cf3d07e892a400d089faed938a91317a94fce4febfd01183e1301

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\images\flags\es.png

      Filesize

      370B

      MD5

      ff0df90a5a69c16ef24fab173a89ee4f

      SHA1

      02b14de1912f54b2b0630346c2cfe75a8da6d5b9

      SHA256

      c79f2cdfee1e6666b8180b7ee33d1f06bcffb113e602e8ec47b668d4db4f18d9

      SHA512

      4387449064aada45fba5e933304c5f931c29187acc025d291f1a758c6b2453085faa42693b2395fb08829b62187577988149514e133c2d4c58d6a2ed851f7ccc

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\images\flags\fr.png

      Filesize

      284B

      MD5

      d03e36af77543804318d6a5e220724ea

      SHA1

      58f8df12d68e055019dce59a93afe17207d68bd8

      SHA256

      9914c4861965f03acbbc077509a8dbe76471a4b3c26eb3932427f9972236edb5

      SHA512

      8b10141b6411d05c4f7f7a1e3139fb0e7a8223c470b5f6a2ab84e07c482d39a56820b3e3a867263321744e2d5272bf9fabc81bde61fbb7e79e2ef31a37cacc12

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\images\flags\it.png

      Filesize

      279B

      MD5

      b9673fed0ded2c7a6a3e2572b60ebb5c

      SHA1

      b4c6de948d9d7fb396dee563804fb161dc541cbe

      SHA256

      7ed6102d8a617b6cc2f7fe101ce130b037bf4fe7cc41deb011430f8def81b14a

      SHA512

      0f5965e93a08ea0a4f2a38de0e9f4accef71dea85d56f07c771ca62a966ab2049d611b1749544343e4389cea203137cb037fa2b7bd420087acfd3ddec2fc52f8

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\images\flags\pt.png

      Filesize

      806B

      MD5

      188d843e650bbcb429950217dfc0131f

      SHA1

      ec3a3cbab918dc69f797f96b718fc22e398771b0

      SHA256

      60d97aeb01ec6481d1c9f5be24082655c880a4ec947e42713168e3c36d6015b6

      SHA512

      8b8aa9535194304633d229161377c73e0b13fb757a2661620a4ebb33d0bf6bc7d56fe2456a062e7ef9f6224fc2aabeaad9d472b83c96f2643e4e44b9e46015ea

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\images\opera_banner_es.png

      Filesize

      460KB

      MD5

      71feb71eed2ab2a53ff3765f4a1e83de

      SHA1

      5dbd35ad7104691f4996311516504c844fdf23a8

      SHA256

      d624cb45b2d295fbbfd59d20c20a825fe73f5cd2b09d1e01f8da5aae1508aff4

      SHA512

      f30ec6e622106e05d02caec8f2464157348bf150b4c3cf33565e1bdd66c35dde542383c788b37c78c8a06876ece338dc65ecbd8f0020b1ae1bfe2e803150d78f

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\js\index.js

      Filesize

      5KB

      MD5

      959306e641b1474f109d59c7320d2663

      SHA1

      add0e58d53d96050af3a55b07bef4e2b3aebb443

      SHA256

      863203fb3952d5a921208ceff5cef705fc35bfb29519799ac5c1f8ca228fe437

      SHA512

      dcd41217bc980b5817456341fa07c9d7301f0188479850942042d07c0183068b621445dc6903367e3ce809afbfe52ee574c69cb9913da9175b3f1b1bcad1b5dd

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\js\langs\es.js

      Filesize

      2KB

      MD5

      6e6fdf68120d784a17b10a8e1d87c2d8

      SHA1

      e6ef1aada60b098a9cbd60028a64a5f5aacf3407

      SHA256

      0bfb77caf7b42746b6738f4127ea215b43ed7d9e311b158d8776b22ae6a1e531

      SHA512

      be6b434436dafea7f545b208e525335d72013b9ac967b3a184598ecf06ed6fba1d5b6fda5ed59973f598648af3de4cbd1565622bb934300a238c733fe16760cd

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\js\main.js

      Filesize

      32KB

      MD5

      809b1a3f7d58f4b0b46a0b034b869df7

      SHA1

      1ec374e6f59b910ca6534c83cc606a1ea463d71b

      SHA256

      8f90bd5446d45e457bcfdb3cd4da2428d3b516ad07a3d72f1dee1cba4678b9dd

      SHA512

      00720a80126dd93737e87e4a9a3171083b9d342c34bb928d8b3c680b1de3e18bc90ae2189fe86b22c7afa4c8277bc79ae6150a06b6f6114b207399ab94512db8

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\assets\langs\es\eula.txt

      Filesize

      1KB

      MD5

      3c09cb08016752513697717cb4524919

      SHA1

      4aaa2a8d3f1e759570252e0bf16b744b575fbb38

      SHA256

      6458dd3cfef6f596c6ba49bf5cb42429b8573ac9af021d6e0fedb8c2f89a3e5c

      SHA512

      4c866141850d40ba21b20cb96a2f7bed13afc6b0534fdb08e68381ea40ba072fc769c15cd416a0a5c6e71aa485a44d364327d215af7ba581340363e61809c11d

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\eula.ejs

      Filesize

      981B

      MD5

      0887c927cc2ba0250bea889fd5d40660

      SHA1

      8ae1b01d3c501a15cfeade573a13b93c44ae34d5

      SHA256

      df0dc42c4ec4e3dbed33e6fd855e977f3bfb4cc2a49a8402ead53bfb9f544d6e

      SHA512

      01dd4c0e622e95adc652fd06c8503864506cae7466d4114bd11938f69a5b97065ecedf2a9d516d485abaa33fc3442bcd9de46f6a00b0979c11b05951bf2183db

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\footer.ejs

      Filesize

      4KB

      MD5

      d6c4aec009f8a181f5f805169cbad491

      SHA1

      7a7263138772c78c8c4330a2ed6cfbd3092c8985

      SHA256

      a2da2ca46128fdf7530a27ab8345986278cda1b78d7a075ec0fb11b66474fa8d

      SHA512

      d0a2d60113cdce329303f9657b741317e2f5b691d248fa2131b6668e07e7db9a5292ab734456681f335b71c732e003009631113cf14f218e13aaad7d4e8bb4d7

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\header.ejs

      Filesize

      38KB

      MD5

      eef60d35e9f75d3c7030d0574250e56f

      SHA1

      6d29148b90187fa1583652bc8799e65efa10f637

      SHA256

      3cf434b126e4369ffb8e9f4d489daee1aad9f47828850386984b3c752cdc7042

      SHA512

      529bf36dacd2fc808e63a8091a8aa92f5d3d39c23077bc72298bf052f1bdcd6fc05282608ce5337643d3c1a794bdde2b8d364f7deb0c4b7ae75810be3bdb165b

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\index.ejs

      Filesize

      880B

      MD5

      5cb43b3d3c087f4dfb7ef3604a39e757

      SHA1

      62796be76ccb921544aa6279dd0139b00450e24a

      SHA256

      88b3b17146349c92955cc88bdd70ef1fa414bf624d771a0b8ed0d7f2d40d76cd

      SHA512

      b5247488c6dbd4f682d27884f3b516df00ad6725665f79c2d4ea76c1a54d318a31e32c6f96a11fafc382d36097e50f505e0cba904e13b4d45afa96544401eb81

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\index.js

      Filesize

      4KB

      MD5

      45ed15c0c0a7ec66046343f4f3212a7a

      SHA1

      296de778426805a2bda8566c5b37f24c34a6c24a

      SHA256

      5f8ce9450962956086e6f19cfb2bd6c84f230a6264e3164f41e2d2c91ab61925

      SHA512

      4baa2d75426cde366088aec26907ab8fe9ca5eacbb3ea648e5864f807d83b1586dc00d0d4a9f4e06ca219505978139a14869fdac18e39faa47777e74d7621a67

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\install-options.ejs

      Filesize

      3KB

      MD5

      877f16609a32c46ff5f8eab3648b1078

      SHA1

      5a3d5785704f016235b96fdbe04a9de69b48e203

      SHA256

      f8981d7e2001efe11511d6779675bcbead2fa27d6557a54dcb8492ea958a1454

      SHA512

      c6df43c91537d13d75e1b2e1b35fc2b452f7d62326f0074c24e975e18a47d31bade8a9e84514091bd537b8cb016c60e87920249cee73370188be045c628a30b0

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\language.ejs

      Filesize

      5KB

      MD5

      3fbf51eb59e0f0b050f5abcd2fcd3dca

      SHA1

      90d676bc914c2bebf33464dd088952abbedd56f3

      SHA256

      9016b2792ecdd22276e1d1e4172b4e598478f5668b27beb005e2219d229f216c

      SHA512

      c5e04500ebdd922d989594e3a0822fa9a9557d749e60af86ab1e309847342431a606f5e604538fa5d5666535bc68c4f5fbeeb4cdda9a832384505aac1ba2d998

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\logs.ejs

      Filesize

      1KB

      MD5

      6fc7c3d8bac3259202cb981acf8b18b6

      SHA1

      f3963b01f9a2df4e9b0b989b4e7ea8f55198ddfa

      SHA256

      62e112e61b5c9c582f5a9aac790a9275be8a560d1edb93c3a6879330298e53fc

      SHA512

      7d719b9698344ba99d3d860e28421bc7cfaf2e9d80cfc6da472413800900aa64f055add8269553e9838aa998df4d6575c6bf0091cf6263a6ea0c2537c36b5df0

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\resources\app\src\path.ejs

      Filesize

      2KB

      MD5

      21e1d48f90eb1017539741c7a74cf059

      SHA1

      7906534922134e26a5c59324aafad63e20bf10ba

      SHA256

      870496c864624ebce9da0b98ea830249897a2a2317f6a816751f0edb30aeb32b

      SHA512

      2cd3d44337c5e1b794a2233d25fef122a97910d7f7d32cb811c0fa3f84397dd4781e917ba3db0e024384439413925dd0ab73888d3d82119951b86192e807685b

    • C:\Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\v8_context_snapshot.bin

      Filesize

      663KB

      MD5

      81870fb2f641c8b845e9c6d1a632f0b7

      SHA1

      fcd47d8d1232c189a1c4087bb03a015ce14c25ba

      SHA256

      875515af4e7254458c17a98bed087fc609d45fbc8ebf60663e112c37204f6840

      SHA512

      7748c8fb6f356aa45023a56245c43c5171d0413617fb1ac6c75650be75bbe94bd5528e9aa83cd9df9a08af65540a76ab59bc866e5dcf0fa7284122f290bd45d3

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Cache\Cache_Data\data_0

      Filesize

      8KB

      MD5

      cf89d16bb9107c631daabf0c0ee58efb

      SHA1

      3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b

      SHA256

      d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e

      SHA512

      8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Cache\Cache_Data\data_2

      Filesize

      8KB

      MD5

      0962291d6d367570bee5454721c17e11

      SHA1

      59d10a893ef321a706a9255176761366115bedcb

      SHA256

      ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7

      SHA512

      f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Code Cache\js\index

      Filesize

      24B

      MD5

      54cb446f628b2ea4a5bce5769910512e

      SHA1

      c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

      SHA256

      fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

      SHA512

      8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\DawnCache\data_3

      Filesize

      8KB

      MD5

      41876349cb12d6db992f1309f22df3f0

      SHA1

      5cf26b3420fc0302cd0a71e8d029739b8765be27

      SHA256

      e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c

      SHA512

      e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Local Storage\leveldb\MANIFEST-000001

      Filesize

      41B

      MD5

      5af87dfd673ba2115e2fcf5cfdb727ab

      SHA1

      d5b5bbf396dc291274584ef71f444f420b6056f1

      SHA256

      f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4

      SHA512

      de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Network\Network Persistent State

      Filesize

      1KB

      MD5

      25392f81439ee8c11c83f761dfccfe00

      SHA1

      c19892e9b630fd69c2a13744f401d48120a25d15

      SHA256

      a0d484c1c4b12cf5d5d8d2fcd149cebf3bb40d2ba51702fc4287abe52f4906b8

      SHA512

      eaa1bec72b67d69da31b72584ee1f263d7b16a3c375679a3a402292b22de6941ce382246a4b9b6c071d8ebcbfe591d3ccf9d442d8d8d969fe472e6dc04a3cc45

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Network\Network Persistent State~RFe58997c.TMP

      Filesize

      59B

      MD5

      2800881c775077e1c4b6e06bf4676de4

      SHA1

      2873631068c8b3b9495638c865915be822442c8b

      SHA256

      226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974

      SHA512

      e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Network\TransportSecurity

      Filesize

      523B

      MD5

      ce8a178ae8fee3ce12b7ba77f6dd7a95

      SHA1

      580064c8a6c03e095b219a1a1df18c78c2028a90

      SHA256

      c2f43a86621b626e8997b3547e899688b3cee7a661fc8af6edeff10e21ccb0e9

      SHA512

      e89ed9e2a451b2d97fe0138be2d272b581a1b38b69dc6ac559357be96fe8723c80f3772c46b67f955f97533029b9eb615a6e67cb68e575bc682d6aeac38a275f

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Network\TransportSecurity

      Filesize

      523B

      MD5

      c15a8d5b38f4a7585ff106c0445450f6

      SHA1

      194cf773ba6f2250a9bb801650bf4338f4d57310

      SHA256

      80251b4a384636b416db9e6e94f871610fae22e4cffe75f0b35568ab2f098343

      SHA512

      e91fead2edc8d87b0585363422dbc2c9f392b0b31aadb1c705714b6c2e3603998a85d688d36d07ce78d0f83c86810469df69dbcb82f67f2a6e6e585567a484f9

    • C:\Users\Admin\AppData\Roaming\Battly Launcher Installer\Network\TransportSecurity~RFe58314c.TMP

      Filesize

      356B

      MD5

      9e4c96469818bc10f09d7a25d0cffbc1

      SHA1

      f2656f0d609824c2fe4c0d0ac00c34d14b643e70

      SHA256

      798742fd5cb49fc7debfe4f82b5cc9fdc87b71290d4429d27da6e06650195593

      SHA512

      1150b3a9b41a6e06d8c9a863f64b89137c611fe9cdd1d24f55ad9b08c59efcee944c36981ceac9a5e898230504c2214b7d9cc3dd6fed1d8198c77fda19041cb8

    • \Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\d3dcompiler_47.dll

      Filesize

      4.7MB

      MD5

      2191e768cc2e19009dad20dc999135a3

      SHA1

      f49a46ba0e954e657aaed1c9019a53d194272b6a

      SHA256

      7353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d

      SHA512

      5adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970

    • \Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\libEGL.dll

      Filesize

      467KB

      MD5

      3a5cbf0ce848ec30a2f8fe1760564515

      SHA1

      31bf9312cd1beaedaa91766e5cde13406d6ea219

      SHA256

      afef052c621f72ba986d917a9e090d23a13f4ab6bc09f158eeb73fd671b94219

      SHA512

      bd5713e1d22145b4cc52f4e46b464f443aad6f783a5793268e7d9dca969f27b70e706eecd54cb01be1c94256e6a95864c6b7e50027cef7fa870cdb16820ad602

    • \Users\Admin\AppData\Local\Temp\2jywVpiXCBPKrhj2foFddYdfPdc\vk_swiftshader.dll

      Filesize

      5.1MB

      MD5

      0a071201e4dd76996e273c81533bfa74

      SHA1

      5c92c634027692c344a8e74eab8b4d5c3e049497

      SHA256

      08e34bc25653f9357a4ccf62966d698b7cc6265dc668046a28403ae5786132ee

      SHA512

      b5de6548c5c743b6f119183fa06aaf67dcd4cdbc3542378ff87916b670ace1e2f4270f6dcaa4caabd01460c638bd02b565267e7bd9617ca92d72187d374bb7d6

    • \Users\Admin\AppData\Local\Temp\nsa6DAF.tmp\BgImage.dll

      Filesize

      7KB

      MD5

      487368e6fce9ab9c5ea053af0990c5ef

      SHA1

      b538e37c87d4b9a7645dcbbd9e93025a31849702

      SHA256

      e27efa5dfde875bd6b826fafb4c7698db6b6e30e68715a1c03eb018e3170fc04

      SHA512

      bb3ed4c0d17a11365b72653112b48c8c63ab10590dda3dfd90aa453f0d64203000e4571c73998063352240e1671d14da5ee394439899aaa31054fa2e9b722ea7

    • \Users\Admin\AppData\Local\Temp\nsa6DAF.tmp\StdUtils.dll

      Filesize

      100KB

      MD5

      c6a6e03f77c313b267498515488c5740

      SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

      SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

      SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • \Users\Admin\AppData\Local\Temp\nsa6DAF.tmp\System.dll

      Filesize

      12KB

      MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

      SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

      SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

      SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • memory/2588-870-0x00000153E4100000-0x00000153E41AA000-memory.dmp

      Filesize

      680KB

    • memory/2588-721-0x0000015BF8580000-0x0000015BF8582000-memory.dmp

      Filesize

      8KB

    • memory/2588-719-0x0000015BF8540000-0x0000015BF8542000-memory.dmp

      Filesize

      8KB

    • memory/2588-718-0x0000015BF8520000-0x0000015BF8522000-memory.dmp

      Filesize

      8KB

    • memory/2588-716-0x0000015BF84F0000-0x0000015BF84F2000-memory.dmp

      Filesize

      8KB

    • memory/2588-715-0x0000015BF84D0000-0x0000015BF84D2000-memory.dmp

      Filesize

      8KB

    • memory/2588-717-0x0000015BF8500000-0x0000015BF8502000-memory.dmp

      Filesize

      8KB

    • memory/2588-720-0x0000015BF8560000-0x0000015BF8562000-memory.dmp

      Filesize

      8KB

    • memory/3620-741-0x00000280A1EA0000-0x00000280A1FA0000-memory.dmp

      Filesize

      1024KB

    • memory/3620-829-0x00000280B3200000-0x00000280B3300000-memory.dmp

      Filesize

      1024KB

    • memory/5104-854-0x000001C4F9560000-0x000001C4F9562000-memory.dmp

      Filesize

      8KB

    • memory/5104-859-0x000001C4F45B0000-0x000001C4F45B1000-memory.dmp

      Filesize

      4KB

    • memory/5104-878-0x000001C4F2750000-0x000001C4F2751000-memory.dmp

      Filesize

      4KB

    • memory/5104-877-0x000001C4F2740000-0x000001C4F2741000-memory.dmp

      Filesize

      4KB

    • memory/5104-863-0x000001C4F27F0000-0x000001C4F27F1000-memory.dmp

      Filesize

      4KB

    • memory/5104-710-0x000001C4F4580000-0x000001C4F4582000-memory.dmp

      Filesize

      8KB

    • memory/5104-691-0x000001C4F5320000-0x000001C4F5330000-memory.dmp

      Filesize

      64KB

    • memory/5104-675-0x000001C4F5220000-0x000001C4F5230000-memory.dmp

      Filesize

      64KB

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.