Resubmissions

06/08/2024, 22:36 UTC

240806-2jnb2swgrd 6

06/08/2024, 22:24 UTC

240806-2bm2bawfkc 7

Analysis

  • max time kernel
    449s
  • max time network
    441s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/08/2024, 22:36 UTC

General

  • Target

    LauncherFenix-Minecraft-v7.exe

  • Size

    397KB

  • MD5

    d99bb55b57712065bc88be297c1da38c

  • SHA1

    fb6662dd31e8e5be380fbd7a33a50a45953fe1e7

  • SHA256

    122bfbb9f67e355340991deeacb167be9c12ad726b5a7c5779448dd0cc4af0cb

  • SHA512

    3eb5d57faea4c0146c2af40102deaac18235b379f5e81fe35a977b642e3edf70704c8cedd835e94f27b04c8413968f7469fccf82c1c9339066d38d3387c71b17

  • SSDEEP

    3072:puzvch1rugYc4wqYSRR756K7ItBjgXHUYCnlK:Wch1aIqYSRVM+unlK

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 1 IoCs
  • Network Service Discovery 1 TTPs 1 IoCs

    Attempt to gather information on host's network.

  • Drops file in System32 directory 2 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 38 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft-v7.exe
    "C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft-v7.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:400
    • C:\Program Files\Java\jre-1.8\bin\javaw.exe
      "C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Local\Temp\LauncherFenix-Minecraft-v7.exe"
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:3144
  • C:\Windows\System32\GameBarPresenceWriter.exe
    "C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
    1⤵
    • Network Service Discovery
    PID:3452
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:4644
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
    1⤵
    • Drops desktop.ini file(s)
    • Checks processor information in registry
    • Modifies registry class
    PID:2204
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe"
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1144
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffbd18bcc40,0x7ffbd18bcc4c,0x7ffbd18bcc58
      2⤵
        PID:4624
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2068,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2056 /prefetch:2
        2⤵
          PID:4524
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1872,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2172 /prefetch:3
          2⤵
            PID:1652
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2312,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2324 /prefetch:8
            2⤵
              PID:3996
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3128,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3148 /prefetch:1
              2⤵
                PID:4320
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3168,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3200 /prefetch:1
                2⤵
                  PID:4344
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3688,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4588 /prefetch:1
                  2⤵
                    PID:1292
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4816,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4812 /prefetch:8
                    2⤵
                      PID:4428
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5052,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5084 /prefetch:8
                      2⤵
                        PID:2424
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4392,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5140 /prefetch:1
                        2⤵
                          PID:4548
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=4708,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4900 /prefetch:1
                          2⤵
                            PID:1808
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5336,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5284 /prefetch:1
                            2⤵
                              PID:388
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5428,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4576 /prefetch:8
                              2⤵
                                PID:2136
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5504,i,13681930593487926525,17104547053424119281,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5496 /prefetch:8
                                2⤵
                                • Drops file in System32 directory
                                • Suspicious behavior: EnumeratesProcesses
                                PID:1592
                            • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                              "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                              1⤵
                                PID:3424
                              • C:\Windows\system32\svchost.exe
                                C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                1⤵
                                  PID:3432

                                Network

                                • flag-us
                                  DNS
                                  g.bing.com
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  g.bing.com
                                  IN A
                                  Response
                                  g.bing.com
                                  IN CNAME
                                  g-bing-com.dual-a-0034.a-msedge.net
                                  g-bing-com.dual-a-0034.a-msedge.net
                                  IN CNAME
                                  dual-a-0034.a-msedge.net
                                  dual-a-0034.a-msedge.net
                                  IN A
                                  204.79.197.237
                                  dual-a-0034.a-msedge.net
                                  IN A
                                  13.107.21.237
                                • flag-us
                                  GET
                                  https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid=
                                  Remote address:
                                  204.79.197.237:443
                                  Request
                                  GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid= HTTP/2.0
                                  host: g.bing.com
                                  accept-encoding: gzip, deflate
                                  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                  Response
                                  HTTP/2.0 204
                                  cache-control: no-cache, must-revalidate
                                  pragma: no-cache
                                  expires: Fri, 01 Jan 1990 00:00:00 GMT
                                  set-cookie: MUID=0E9E813A765F6A820A4195E977786B99; domain=.bing.com; expires=Sun, 31-Aug-2025 22:37:16 GMT; path=/; SameSite=None; Secure; Priority=High;
                                  strict-transport-security: max-age=31536000; includeSubDomains; preload
                                  access-control-allow-origin: *
                                  x-cache: CONFIG_NOCACHE
                                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                  x-msedge-ref: Ref A: A2F13A24D1544D19A4827CE2B4A59651 Ref B: LON04EDGE0619 Ref C: 2024-08-06T22:37:16Z
                                  date: Tue, 06 Aug 2024 22:37:16 GMT
                                • flag-us
                                  GET
                                  https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid=
                                  Remote address:
                                  204.79.197.237:443
                                  Request
                                  GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid= HTTP/2.0
                                  host: g.bing.com
                                  accept-encoding: gzip, deflate
                                  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                  cookie: MUID=0E9E813A765F6A820A4195E977786B99
                                  Response
                                  HTTP/2.0 204
                                  cache-control: no-cache, must-revalidate
                                  pragma: no-cache
                                  expires: Fri, 01 Jan 1990 00:00:00 GMT
                                  set-cookie: MSPTC=FQqD4zO3phvWe2Q1w_Gr4Igjzja3dca9fiR-yiBcrVA; domain=.bing.com; expires=Sun, 31-Aug-2025 22:37:17 GMT; path=/; Partitioned; secure; SameSite=None
                                  strict-transport-security: max-age=31536000; includeSubDomains; preload
                                  access-control-allow-origin: *
                                  x-cache: CONFIG_NOCACHE
                                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                  x-msedge-ref: Ref A: 286A7938C6BE4E1090F69F6A7B4F3E84 Ref B: LON04EDGE0619 Ref C: 2024-08-06T22:37:17Z
                                  date: Tue, 06 Aug 2024 22:37:16 GMT
                                • flag-us
                                  GET
                                  https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid=
                                  Remote address:
                                  204.79.197.237:443
                                  Request
                                  GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid= HTTP/2.0
                                  host: g.bing.com
                                  accept-encoding: gzip, deflate
                                  user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                                  cookie: MUID=0E9E813A765F6A820A4195E977786B99; MSPTC=FQqD4zO3phvWe2Q1w_Gr4Igjzja3dca9fiR-yiBcrVA
                                  Response
                                  HTTP/2.0 204
                                  cache-control: no-cache, must-revalidate
                                  pragma: no-cache
                                  expires: Fri, 01 Jan 1990 00:00:00 GMT
                                  strict-transport-security: max-age=31536000; includeSubDomains; preload
                                  access-control-allow-origin: *
                                  x-cache: CONFIG_NOCACHE
                                  accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                  x-msedge-ref: Ref A: 30074ABFC6AD4DFEBD752511CD013044 Ref B: LON04EDGE0619 Ref C: 2024-08-06T22:37:17Z
                                  date: Tue, 06 Aug 2024 22:37:16 GMT
                                • flag-us
                                  DNS
                                  8.8.8.8.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  8.8.8.8.in-addr.arpa
                                  IN PTR
                                  Response
                                  8.8.8.8.in-addr.arpa
                                  IN PTR
                                  dnsgoogle
                                • flag-us
                                  DNS
                                  71.31.126.40.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  71.31.126.40.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  240.221.184.93.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  240.221.184.93.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  237.197.79.204.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  237.197.79.204.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  88.156.103.20.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  88.156.103.20.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  www.dropbox.com
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  www.dropbox.com
                                  IN A
                                  Response
                                  www.dropbox.com
                                  IN CNAME
                                  www-env.dropbox-dns.com
                                  www-env.dropbox-dns.com
                                  IN A
                                  162.125.64.18
                                • flag-us
                                  DNS
                                  18.64.125.162.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  18.64.125.162.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  ucbf8a56fd708e2f3bffe3fe1009.dl.dropboxusercontent.com
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  ucbf8a56fd708e2f3bffe3fe1009.dl.dropboxusercontent.com
                                  IN A
                                  Response
                                  ucbf8a56fd708e2f3bffe3fe1009.dl.dropboxusercontent.com
                                  IN CNAME
                                  edge-block-www-env.dropbox-dns.com
                                  edge-block-www-env.dropbox-dns.com
                                  IN A
                                  162.125.64.15
                                • flag-us
                                  DNS
                                  15.64.125.162.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  15.64.125.162.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  uc4ff547442f865456953eebbb60.dl.dropboxusercontent.com
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  uc4ff547442f865456953eebbb60.dl.dropboxusercontent.com
                                  IN A
                                  Response
                                  uc4ff547442f865456953eebbb60.dl.dropboxusercontent.com
                                  IN CNAME
                                  edge-block-www-env.dropbox-dns.com
                                  edge-block-www-env.dropbox-dns.com
                                  IN A
                                  162.125.64.15
                                • flag-us
                                  DNS
                                  launchermeta.mojang.com
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  launchermeta.mojang.com
                                  IN A
                                  Response
                                  launchermeta.mojang.com
                                  IN CNAME
                                  launcher-meta-cdn.azureedge.net
                                  launcher-meta-cdn.azureedge.net
                                  IN CNAME
                                  launcher-meta-cdn.afd.azureedge.net
                                  launcher-meta-cdn.afd.azureedge.net
                                  IN CNAME
                                  azureedge-t-prod.trafficmanager.net
                                  azureedge-t-prod.trafficmanager.net
                                  IN CNAME
                                  shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                  shed.dual-low.s-part-0036.t-0009.t-msedge.net
                                  IN CNAME
                                  s-part-0036.t-0009.t-msedge.net
                                  s-part-0036.t-0009.t-msedge.net
                                  IN A
                                  13.107.246.64
                                • flag-us
                                  DNS
                                  iniciolauncherfx.tumblr.com
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  iniciolauncherfx.tumblr.com
                                  IN A
                                  Response
                                  iniciolauncherfx.tumblr.com
                                  IN A
                                  74.114.154.18
                                  iniciolauncherfx.tumblr.com
                                  IN A
                                  74.114.154.22
                                • flag-us
                                  GET
                                  http://iniciolauncherfx.tumblr.com/
                                  javaw.exe
                                  Remote address:
                                  74.114.154.18:80
                                  Request
                                  GET / HTTP/1.1
                                  Accept-Language: en-us;q=0.8,en;q=0.7
                                  Accept-Encoding: gzip
                                  Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                  Upgrade-Insecure-Requests: 1
                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/615.1 (KHTML, like Gecko) JavaFX/8.0 Safari/615.1
                                  Cache-Control: no-cache
                                  Pragma: no-cache
                                  Host: iniciolauncherfx.tumblr.com
                                  Connection: keep-alive
                                  Response
                                  HTTP/1.1 302 Found
                                  Server: nginx
                                  Date: Tue, 06 Aug 2024 22:37:23 GMT
                                  Content-Type: text/html; charset=UTF-8
                                  Content-Length: 0
                                  Connection: keep-alive
                                  X-Rid: 3ebd66f92db8eb9efd69c4b1dac9bbd0
                                  P3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
                                  X-Frame-Options: deny
                                  X-Xss-Protection: 1; mode=block
                                  X-Content-Type-Options: nosniff
                                  Strict-Transport-Security: max-age=15552001
                                  Location: https://iniciolauncherfx.tumblr.com/
                                  X-UA-Compatible: IE=Edge,chrome=1
                                  X-UA-Device: desktop
                                  Vary: X-UA-Device, Accept
                                • flag-us
                                  DNS
                                  profile.launcherfenix.com.ar
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  profile.launcherfenix.com.ar
                                  IN A
                                  Response
                                  profile.launcherfenix.com.ar
                                  IN A
                                  104.21.72.175
                                  profile.launcherfenix.com.ar
                                  IN A
                                  172.67.153.84
                                • flag-us
                                  DNS
                                  mc.launcherfenix.com.ar
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  mc.launcherfenix.com.ar
                                  IN A
                                  Response
                                  mc.launcherfenix.com.ar
                                  IN A
                                  104.21.72.175
                                  mc.launcherfenix.com.ar
                                  IN A
                                  172.67.153.84
                                • flag-us
                                  GET
                                  http://mc.launcherfenix.com.ar/modsloader/mcforge/version_manifest.json
                                  javaw.exe
                                  Remote address:
                                  104.21.72.175:80
                                  Request
                                  GET /modsloader/mcforge/version_manifest.json HTTP/1.1
                                  Cache-Control: no-cache
                                  Pragma: no-cache
                                  User-Agent: Java/1.8.0_381
                                  Host: mc.launcherfenix.com.ar
                                  Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
                                  Connection: keep-alive
                                  Response
                                  HTTP/1.1 200 OK
                                  Date: Tue, 06 Aug 2024 22:37:24 GMT
                                  Content-Type: application/json
                                  Content-Length: 3408
                                  Connection: keep-alive
                                  Last-Modified: Sun, 02 Feb 2020 18:02:49 GMT
                                  ETag: "5e370ec9-d50"
                                  X-Powered-By: PleskLin
                                  Access-Control-Allow-Origin: https://launcherfenix.com.ar
                                  Accept-Ranges: bytes
                                  CF-Cache-Status: DYNAMIC
                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOgjukWXm1q4Skn71dJh4D%2F%2BvOm7OT4MGVJa3v6Zp7kIBS%2BHIxby0Sz3BJHmNrzSnSmGfJyakgPryH02ua%2FwsndagapUMQvKMGpF4L5yuH6B9Yf21HihWvo%2BF1618TeB%2Fq3ydAmVGAZKCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                  Server: cloudflare
                                  CF-RAY: 8af282e03e507735-LHR
                                  alt-svc: h3=":443"; ma=86400
                                • flag-us
                                  DNS
                                  18.154.114.74.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  18.154.114.74.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  64.246.107.13.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  64.246.107.13.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  175.72.21.104.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  175.72.21.104.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  assets.tumblr.com
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  assets.tumblr.com
                                  IN A
                                  Response
                                  assets.tumblr.com
                                  IN A
                                  192.0.77.40
                                • flag-us
                                  DNS
                                  px.srvcs.tumblr.com
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  px.srvcs.tumblr.com
                                  IN A
                                  Response
                                  px.srvcs.tumblr.com
                                  IN A
                                  192.0.77.40
                                • flag-us
                                  DNS
                                  static.tumblr.com
                                  javaw.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  static.tumblr.com
                                  IN A
                                  Response
                                  static.tumblr.com
                                  IN A
                                  192.0.77.40
                                • flag-us
                                  DNS
                                  40.77.0.192.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  40.77.0.192.in-addr.arpa
                                  IN PTR
                                  Response
                                  40.77.0.192.in-addr.arpa
                                  IN PTR
                                  assetstumblrcom
                                • flag-us
                                  DNS
                                  www.google.com
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  www.google.com
                                  IN A
                                  Response
                                  www.google.com
                                  IN A
                                  142.250.179.196
                                • flag-nl
                                  GET
                                  https://www.google.com/async/ddljson?async=ntp:2
                                  chrome.exe
                                  Remote address:
                                  142.250.179.196:443
                                  Request
                                  GET /async/ddljson?async=ntp:2 HTTP/2.0
                                  host: www.google.com
                                  sec-fetch-site: none
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: empty
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                • flag-nl
                                  GET
                                  https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                  chrome.exe
                                  Remote address:
                                  142.250.179.196:443
                                  Request
                                  GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/2.0
                                  host: www.google.com
                                  x-client-data: CN7nygE=
                                  sec-fetch-site: cross-site
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: empty
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                • flag-nl
                                  GET
                                  https://www.google.com/async/newtab_promos
                                  chrome.exe
                                  Remote address:
                                  142.250.179.196:443
                                  Request
                                  GET /async/newtab_promos HTTP/2.0
                                  host: www.google.com
                                  sec-fetch-site: cross-site
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: empty
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                • flag-us
                                  DNS
                                  131.179.250.142.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  131.179.250.142.in-addr.arpa
                                  IN PTR
                                  Response
                                  131.179.250.142.in-addr.arpa
                                  IN PTR
                                  ams17s10-in-f31e100net
                                • flag-us
                                  DNS
                                  170.179.250.142.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  170.179.250.142.in-addr.arpa
                                  IN PTR
                                  Response
                                  170.179.250.142.in-addr.arpa
                                  IN PTR
                                  ams15s41-in-f101e100net
                                • flag-us
                                  DNS
                                  196.179.250.142.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  196.179.250.142.in-addr.arpa
                                  IN PTR
                                  Response
                                  196.179.250.142.in-addr.arpa
                                  IN PTR
                                  ams15s42-in-f41e100net
                                • flag-us
                                  DNS
                                  clients2.google.com
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  clients2.google.com
                                  IN A
                                  Response
                                  clients2.google.com
                                  IN CNAME
                                  clients.l.google.com
                                  clients.l.google.com
                                  IN A
                                  172.217.23.206
                                • flag-us
                                  DNS
                                  206.23.217.172.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  206.23.217.172.in-addr.arpa
                                  IN PTR
                                  Response
                                  206.23.217.172.in-addr.arpa
                                  IN PTR
                                  ams16s37-in-f141e100net
                                  206.23.217.172.in-addr.arpa
                                  IN PTR
                                  prg03s05-in-f206�I
                                  206.23.217.172.in-addr.arpa
                                  IN PTR
                                  prg03s05-in-f14�I
                                • flag-us
                                  DNS
                                  gofile.io
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  gofile.io
                                  IN A
                                  Response
                                  gofile.io
                                  IN A
                                  45.112.123.126
                                  gofile.io
                                  IN A
                                  51.38.43.18
                                • flag-fr
                                  GET
                                  https://gofile.io/d/aDhzM5
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /d/aDhzM5 HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  sec-ch-ua-platform: "Windows"
                                  upgrade-insecure-requests: 1
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                  sec-fetch-site: none
                                  sec-fetch-mode: navigate
                                  sec-fetch-user: ?1
                                  sec-fetch-dest: document
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: text/html; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:43 GMT
                                  etag: W/"27a7-190c87768fe"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 10151
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/css/bootstrap.min.css
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/css/bootstrap.min.css HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: text/css,*/*;q=0.1
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: style
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: text/css; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"2fbaa-190c87768da"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 195498
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/css/bootstrap-icons.css
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/css/bootstrap-icons.css HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: text/css,*/*;q=0.1
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: style
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: text/css; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"c869-190c87768da"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 51305
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/css/bootstrap-nightfall.css
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/css/bootstrap-nightfall.css HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: text/css,*/*;q=0.1
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: style
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: text/css; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"17579-190c87768da"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 95609
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/css/plyr.css
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/css/plyr.css HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: text/css,*/*;q=0.1
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: style
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: text/css; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"85ae-190c87768e2"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 34222
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/css/allcss.css
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/css/allcss.css HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: text/css,*/*;q=0.1
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: style
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: text/css; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"758-190c87768d6"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 1880
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/img/logo-small-70.png
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/img/logo-small-70.png HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: image
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: image/png
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"93f-190c87768ea"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 2367
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/js/bootstrap.bundle.min.js
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/js/bootstrap.bundle.min.js HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: application/javascript; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"13a49-190c87768ee"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 80457
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/js/sha256.min.js
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/js/sha256.min.js HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: application/javascript; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"2339-190c87768fe"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 9017
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/js/qrcode.min.js
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/js/qrcode.min.js HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: application/javascript; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"4dda-190c87768fe"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 19930
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/js/dayjs.min.js
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/js/dayjs.min.js HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: application/javascript; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"1a0e-190c87768f6"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 6670
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/js/customParseFormat.js
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/js/customParseFormat.js HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: application/javascript; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"ea2-190c87768f6"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 3746
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/js/marked.min.js
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/js/marked.min.js HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: application/javascript; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"aca2-190c87768fa"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 44194
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/js/plyr.js
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/js/plyr.js HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: application/javascript; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"1b1b2-190c87768fa"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 111026
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/js/chart.umd.min.js
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/js/chart.umd.min.js HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: application/javascript; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"3094c-190c87768f6"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 198988
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/js/alljs.js
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/js/alljs.js HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: application/javascript; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"38e8b-191280c1d3f"
                                  expect-ct: max-age=0
                                  last-modified: Tue, 06 Aug 2024 14:16:08 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 233099
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/css/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/css/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47 HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  origin: https://gofile.io
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: cors
                                  sec-fetch-dest: font
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: font/woff2
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"1d9d0-190c87768e2"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 121296
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/img/favicon96.png
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/img/favicon96.png HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: image
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: image/png
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"b46-190c87768ea"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 2886
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/img/favicon32.png
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/img/favicon32.png HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: image
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: image/png
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"387-190c87768ea"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 903
                                • flag-fr
                                  GET
                                  https://gofile.io/dist/img/favicon16.png
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /dist/img/favicon16.png HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: image
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: image/png
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"1f7-190c87768ea"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 503
                                • flag-fr
                                  GET
                                  https://gofile.io/contents/files.html
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /contents/files.html HTTP/2.0
                                  host: gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-origin
                                  sec-fetch-mode: cors
                                  sec-fetch-dest: empty
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  cookie: accountToken=xxMSdByz6ONjIDAWCgOU7ngVf4ktGavl
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  alt-svc: h3=":443"; ma=2592000
                                  cache-control: public, max-age=0
                                  content-type: text/html; charset=UTF-8
                                  date: Tue, 06 Aug 2024 22:37:45 GMT
                                  etag: W/"4a1d-190c87768d6"
                                  expect-ct: max-age=0
                                  last-modified: Fri, 19 Jul 2024 00:49:47 GMT
                                  origin-agent-cluster: ?1
                                  referrer-policy: origin
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 18973
                                • flag-us
                                  DNS
                                  126.123.112.45.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  126.123.112.45.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  api.gofile.io
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  api.gofile.io
                                  IN A
                                  Response
                                  api.gofile.io
                                  IN A
                                  45.112.123.126
                                  api.gofile.io
                                  IN A
                                  51.38.43.18
                                • flag-fr
                                  POST
                                  https://api.gofile.io/accounts
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  POST /accounts HTTP/2.0
                                  host: api.gofile.io
                                  content-length: 2
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-platform: "Windows"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  content-type: text/plain;charset=UTF-8
                                  accept: */*
                                  origin: https://gofile.io
                                  sec-fetch-site: same-site
                                  sec-fetch-mode: cors
                                  sec-fetch-dest: empty
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  access-control-allow-credentials: true
                                  access-control-allow-headers: Content-Type, Authorization
                                  access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
                                  access-control-allow-origin: https://gofile.io
                                  alt-svc: h3=":443"; ma=2592000
                                  content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
                                  content-type: application/json; charset=utf-8
                                  cross-origin-embedder-policy: require-corp
                                  cross-origin-opener-policy: same-origin
                                  cross-origin-resource-policy: cross-origin
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"b2-mkgHob6a84PiWw+Zr7zOq0GaRyU"
                                  origin-agent-cluster: ?1
                                  referrer-policy: no-referrer
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 178
                                • flag-fr
                                  OPTIONS
                                  https://api.gofile.io/accounts/d93de790-acbd-49b4-9384-447aab82dddf
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  OPTIONS /accounts/d93de790-acbd-49b4-9384-447aab82dddf HTTP/2.0
                                  host: api.gofile.io
                                  accept: */*
                                  access-control-request-method: GET
                                  access-control-request-headers: authorization
                                  origin: https://gofile.io
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-fetch-mode: cors
                                  sec-fetch-site: same-site
                                  sec-fetch-dest: empty
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  access-control-allow-credentials: true
                                  access-control-allow-headers: Content-Type, Authorization
                                  access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
                                  access-control-allow-origin: https://gofile.io
                                  allow: GET,HEAD
                                  alt-svc: h3=":443"; ma=2592000
                                  content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
                                  content-type: text/html; charset=utf-8
                                  cross-origin-embedder-policy: require-corp
                                  cross-origin-opener-policy: same-origin
                                  cross-origin-resource-policy: cross-origin
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
                                  origin-agent-cluster: ?1
                                  referrer-policy: no-referrer
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 8
                                • flag-fr
                                  GET
                                  https://api.gofile.io/accounts/d93de790-acbd-49b4-9384-447aab82dddf
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /accounts/d93de790-acbd-49b4-9384-447aab82dddf HTTP/2.0
                                  host: api.gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  authorization: Bearer xxMSdByz6ONjIDAWCgOU7ngVf4ktGavl
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  origin: https://gofile.io
                                  sec-fetch-site: same-site
                                  sec-fetch-mode: cors
                                  sec-fetch-dest: empty
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  access-control-allow-credentials: true
                                  access-control-allow-headers: Content-Type, Authorization
                                  access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
                                  access-control-allow-origin: https://gofile.io
                                  alt-svc: h3=":443"; ma=2592000
                                  content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
                                  content-type: application/json; charset=utf-8
                                  cross-origin-embedder-policy: require-corp
                                  cross-origin-opener-policy: same-origin
                                  cross-origin-resource-policy: cross-origin
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  etag: W/"111-nxGin8snAb5nZ+EqThi78lH00yI"
                                  origin-agent-cluster: ?1
                                  referrer-policy: no-referrer
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 273
                                • flag-fr
                                  OPTIONS
                                  https://api.gofile.io/contents/aDhzM5?wt=4fd6sg89d7s6
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  OPTIONS /contents/aDhzM5?wt=4fd6sg89d7s6 HTTP/2.0
                                  host: api.gofile.io
                                  accept: */*
                                  access-control-request-method: GET
                                  access-control-request-headers: authorization
                                  origin: https://gofile.io
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-fetch-mode: cors
                                  sec-fetch-site: same-site
                                  sec-fetch-dest: empty
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  access-control-allow-credentials: true
                                  access-control-allow-headers: Content-Type, Authorization
                                  access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
                                  access-control-allow-origin: https://gofile.io
                                  allow: GET,HEAD
                                  alt-svc: h3=":443"; ma=2592000
                                  content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
                                  content-type: text/html; charset=utf-8
                                  cross-origin-embedder-policy: require-corp
                                  cross-origin-opener-policy: same-origin
                                  cross-origin-resource-policy: cross-origin
                                  date: Tue, 06 Aug 2024 22:37:45 GMT
                                  etag: W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
                                  origin-agent-cluster: ?1
                                  referrer-policy: no-referrer
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 8
                                • flag-fr
                                  GET
                                  https://api.gofile.io/contents/aDhzM5?wt=4fd6sg89d7s6
                                  chrome.exe
                                  Remote address:
                                  45.112.123.126:443
                                  Request
                                  GET /contents/aDhzM5?wt=4fd6sg89d7s6 HTTP/2.0
                                  host: api.gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  authorization: Bearer xxMSdByz6ONjIDAWCgOU7ngVf4ktGavl
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  origin: https://gofile.io
                                  sec-fetch-site: same-site
                                  sec-fetch-mode: cors
                                  sec-fetch-dest: empty
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 200
                                  access-control-allow-credentials: true
                                  access-control-allow-headers: Content-Type, Authorization
                                  access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, HEAD
                                  access-control-allow-origin: https://gofile.io
                                  alt-svc: h3=":443"; ma=2592000
                                  content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
                                  content-type: application/json; charset=utf-8
                                  cross-origin-embedder-policy: require-corp
                                  cross-origin-opener-policy: same-origin
                                  cross-origin-resource-policy: cross-origin
                                  date: Tue, 06 Aug 2024 22:37:45 GMT
                                  etag: W/"30d-Oq/C2kxtJawQvTSyNU//u6MW0wQ"
                                  origin-agent-cluster: ?1
                                  referrer-policy: no-referrer
                                  server: Caddy
                                  strict-transport-security: max-age=15552000; includeSubDomains
                                  x-content-type-options: nosniff
                                  x-dns-prefetch-control: off
                                  x-download-options: noopen
                                  x-frame-options: SAMEORIGIN
                                  x-permitted-cross-domain-policies: none
                                  x-xss-protection: 0
                                  content-length: 781
                                • flag-us
                                  DNS
                                  s.gofile.io
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  s.gofile.io
                                  IN A
                                  Response
                                  s.gofile.io
                                  IN A
                                  51.75.242.210
                                • flag-fr
                                  GET
                                  https://s.gofile.io/js/script.js
                                  chrome.exe
                                  Remote address:
                                  51.75.242.210:443
                                  Request
                                  GET /js/script.js HTTP/2.0
                                  host: s.gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  sec-ch-ua-platform: "Windows"
                                  accept: */*
                                  sec-fetch-site: same-site
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: script
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  cookie: accountToken=xxMSdByz6ONjIDAWCgOU7ngVf4ktGavl
                                  Response
                                  HTTP/2.0 200
                                  access-control-allow-origin: *
                                  cache-control: public, max-age=86400, must-revalidate
                                  content-type: application/javascript
                                  cross-origin-resource-policy: cross-origin
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  server: Cowboy
                                  x-content-type-options: nosniff
                                  content-length: 1346
                                • flag-us
                                  DNS
                                  210.242.75.51.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  210.242.75.51.in-addr.arpa
                                  IN PTR
                                  Response
                                  210.242.75.51.in-addr.arpa
                                  IN PTR
                                  mailgofileio
                                • flag-us
                                  DNS
                                  content-autofill.googleapis.com
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  content-autofill.googleapis.com
                                  IN A
                                  Response
                                  content-autofill.googleapis.com
                                  IN A
                                  142.250.179.138
                                  content-autofill.googleapis.com
                                  IN A
                                  172.217.168.234
                                  content-autofill.googleapis.com
                                  IN A
                                  216.58.214.10
                                  content-autofill.googleapis.com
                                  IN A
                                  172.217.23.202
                                  content-autofill.googleapis.com
                                  IN A
                                  142.251.39.106
                                  content-autofill.googleapis.com
                                  IN A
                                  142.251.36.42
                                  content-autofill.googleapis.com
                                  IN A
                                  142.251.36.10
                                  content-autofill.googleapis.com
                                  IN A
                                  142.250.179.202
                                  content-autofill.googleapis.com
                                  IN A
                                  142.250.179.170
                                  content-autofill.googleapis.com
                                  IN A
                                  172.217.168.202
                                • flag-nl
                                  GET
                                  https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQmYyA9JLGj4_xIFDRVSgeIhSFNHZYdHaPY=?alt=proto
                                  chrome.exe
                                  Remote address:
                                  142.250.179.138:443
                                  Request
                                  GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQmYyA9JLGj4_xIFDRVSgeIhSFNHZYdHaPY=?alt=proto HTTP/2.0
                                  host: content-autofill.googleapis.com
                                  x-goog-encode-response-if-executable: base64
                                  x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                  x-client-data: CN7nygE=
                                  sec-fetch-site: none
                                  sec-fetch-mode: no-cors
                                  sec-fetch-dest: empty
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                • flag-fr
                                  POST
                                  https://s.gofile.io/api/event
                                  chrome.exe
                                  Remote address:
                                  51.75.242.210:443
                                  Request
                                  POST /api/event HTTP/2.0
                                  host: s.gofile.io
                                  content-length: 74
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-platform: "Windows"
                                  sec-ch-ua-mobile: ?0
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  content-type: text/plain
                                  accept: */*
                                  origin: https://gofile.io
                                  sec-fetch-site: same-site
                                  sec-fetch-mode: cors
                                  sec-fetch-dest: empty
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  Response
                                  HTTP/2.0 202
                                  access-control-allow-credentials: true
                                  access-control-allow-origin: *
                                  access-control-expose-headers:
                                  cache-control: max-age=0, private, must-revalidate
                                  content-type: text/plain; charset=utf-8
                                  date: Tue, 06 Aug 2024 22:37:44 GMT
                                  server: Cowboy
                                  x-request-id: F-lEsl96YjyFZDAq07HD
                                  content-length: 2
                                • flag-us
                                  DNS
                                  138.179.250.142.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  138.179.250.142.in-addr.arpa
                                  IN PTR
                                  Response
                                  138.179.250.142.in-addr.arpa
                                  IN PTR
                                  ams17s10-in-f101e100net
                                • flag-us
                                  DNS
                                  183.59.114.20.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  183.59.114.20.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  171.39.242.20.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  171.39.242.20.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  store8.gofile.io
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  store8.gofile.io
                                  IN A
                                  Response
                                  store8.gofile.io
                                  IN A
                                  206.168.191.31
                                • flag-us
                                  GET
                                  https://store8.gofile.io/download/web/5d0668c3-64f2-4b7b-88de-7c238deb3f38/Rise.zip
                                  chrome.exe
                                  Remote address:
                                  206.168.191.31:443
                                  Request
                                  GET /download/web/5d0668c3-64f2-4b7b-88de-7c238deb3f38/Rise.zip HTTP/2.0
                                  host: store8.gofile.io
                                  sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                  sec-ch-ua-mobile: ?0
                                  sec-ch-ua-platform: "Windows"
                                  upgrade-insecure-requests: 1
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                  sec-fetch-site: same-site
                                  sec-fetch-mode: navigate
                                  sec-fetch-user: ?1
                                  sec-fetch-dest: document
                                  referer: https://gofile.io/
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                  cookie: accountToken=xxMSdByz6ONjIDAWCgOU7ngVf4ktGavl
                                  Response
                                  HTTP/2.0 200
                                  accept-ranges: bytes
                                  access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Content-Length, Range, Authorization
                                  access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
                                  access-control-allow-origin: *
                                  access-control-expose-headers: Cache-Control, Content-Encoding, Content-Range
                                  alt-svc: h3=":443"; ma=2592000
                                  content-disposition: attachment; filename*=UTF-8''Rise.zip
                                  content-type: application/zip
                                  date: Tue, 06 Aug 2024 22:37:48 GMT
                                  last-modified: Mon, 05 Aug 2024 09:26:04 GMT
                                  server: Caddy
                                  content-length: 21783021
                                • flag-us
                                  DNS
                                  31.191.168.206.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  31.191.168.206.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  0.205.248.87.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  0.205.248.87.in-addr.arpa
                                  IN PTR
                                  Response
                                  0.205.248.87.in-addr.arpa
                                  IN PTR
                                  https-87-248-205-0lgwllnwnet
                                • flag-us
                                  DNS
                                  30.243.111.52.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  30.243.111.52.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  beacons.gcp.gvt2.com
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  beacons.gcp.gvt2.com
                                  IN A
                                  Response
                                  beacons.gcp.gvt2.com
                                  IN CNAME
                                  beacons-handoff.gcp.gvt2.com
                                  beacons-handoff.gcp.gvt2.com
                                  IN A
                                  142.250.69.3
                                • flag-us
                                  POST
                                  https://beacons.gcp.gvt2.com/domainreliability/upload
                                  chrome.exe
                                  Remote address:
                                  142.250.69.3:443
                                  Request
                                  POST /domainreliability/upload HTTP/2.0
                                  host: beacons.gcp.gvt2.com
                                  content-length: 1057
                                  content-type: application/json; charset=utf-8
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                • flag-us
                                  POST
                                  https://beacons.gcp.gvt2.com/domainreliability/upload
                                  chrome.exe
                                  Remote address:
                                  142.250.69.3:443
                                  Request
                                  POST /domainreliability/upload HTTP/2.0
                                  host: beacons.gcp.gvt2.com
                                  content-length: 336
                                  content-type: application/json; charset=utf-8
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                • flag-us
                                  DNS
                                  beacons4.gvt2.com
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  beacons4.gvt2.com
                                  IN A
                                  Response
                                  beacons4.gvt2.com
                                  IN A
                                  216.239.32.116
                                • flag-us
                                  OPTIONS
                                  https://beacons4.gvt2.com/domainreliability/upload-nel
                                  chrome.exe
                                  Remote address:
                                  216.239.32.116:443
                                  Request
                                  OPTIONS /domainreliability/upload-nel HTTP/2.0
                                  host: beacons4.gvt2.com
                                  origin: https://beacons.gcp.gvt2.com
                                  access-control-request-method: POST
                                  access-control-request-headers: content-type
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                • flag-us
                                  POST
                                  https://beacons4.gvt2.com/domainreliability/upload-nel
                                  chrome.exe
                                  Remote address:
                                  216.239.32.116:443
                                  Request
                                  POST /domainreliability/upload-nel HTTP/2.0
                                  host: beacons4.gvt2.com
                                  content-length: 401
                                  content-type: application/reports+json
                                  user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                  accept-encoding: gzip, deflate, br, zstd
                                  accept-language: en-US,en;q=0.9
                                • flag-us
                                  DNS
                                  3.69.250.142.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  3.69.250.142.in-addr.arpa
                                  IN PTR
                                  Response
                                  3.69.250.142.in-addr.arpa
                                  IN PTR
                                  lcphxq-aa-in-f31e100net
                                  3.69.250.142.in-addr.arpa
                                  IN PTR
                                  qro02s18-in-f3�G
                                • flag-us
                                  DNS
                                  116.32.239.216.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  116.32.239.216.in-addr.arpa
                                  IN PTR
                                  Response
                                  116.32.239.216.in-addr.arpa
                                  IN PTR
                                  e2agooglecom
                                • flag-us
                                  DNS
                                  11.173.189.20.in-addr.arpa
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  11.173.189.20.in-addr.arpa
                                  IN PTR
                                  Response
                                • flag-us
                                  DNS
                                  beacons.gcp.gvt2.com
                                  chrome.exe
                                  Remote address:
                                  8.8.8.8:53
                                  Request
                                  beacons.gcp.gvt2.com
                                  IN A
                                  Response
                                  beacons.gcp.gvt2.com
                                  IN CNAME
                                  beacons-handoff.gcp.gvt2.com
                                  beacons-handoff.gcp.gvt2.com
                                  IN A
                                  142.250.69.3
                                • 204.79.197.237:443
                                  https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid=
                                  tls, http2
                                  2.0kB
                                  9.3kB
                                  22
                                  19

                                  HTTP Request

                                  GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid=

                                  HTTP Response

                                  204

                                  HTTP Request

                                  GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid=

                                  HTTP Response

                                  204

                                  HTTP Request

                                  GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=b3edeaf09431400fa17f3fba4a24ec8f&localId=w:F595C12A-38F0-79CD-7666-DE379BE74C7C&deviceId=6966569430194623&anid=

                                  HTTP Response

                                  204
                                • 162.125.64.18:443
                                  www.dropbox.com
                                  tls
                                  javaw.exe
                                  1.4kB
                                  6.0kB
                                  13
                                  14
                                • 162.125.64.18:443
                                  www.dropbox.com
                                  tls
                                  javaw.exe
                                  1.7kB
                                  5.3kB
                                  13
                                  11
                                • 162.125.64.15:443
                                  ucbf8a56fd708e2f3bffe3fe1009.dl.dropboxusercontent.com
                                  tls
                                  javaw.exe
                                  1.6kB
                                  6.0kB
                                  14
                                  13
                                • 162.125.64.18:443
                                  www.dropbox.com
                                  tls
                                  javaw.exe
                                  1.6kB
                                  2.7kB
                                  11
                                  11
                                • 162.125.64.18:443
                                  www.dropbox.com
                                  tls
                                  javaw.exe
                                  1.7kB
                                  5.4kB
                                  12
                                  13
                                • 162.125.64.15:443
                                  uc4ff547442f865456953eebbb60.dl.dropboxusercontent.com
                                  tls
                                  javaw.exe
                                  9.7kB
                                  492.6kB
                                  187
                                  362
                                • 13.107.246.64:443
                                  launchermeta.mojang.com
                                  tls
                                  javaw.exe
                                  4.2kB
                                  184.9kB
                                  77
                                  139
                                • 74.114.154.18:80
                                  http://iniciolauncherfx.tumblr.com/
                                  http
                                  javaw.exe
                                  726 B
                                  731 B
                                  6
                                  4

                                  HTTP Request

                                  GET http://iniciolauncherfx.tumblr.com/

                                  HTTP Response

                                  302
                                • 104.21.72.175:80
                                  profile.launcherfenix.com.ar
                                  javaw.exe
                                  190 B
                                  132 B
                                  4
                                  3
                                • 104.21.72.175:80
                                  http://mc.launcherfenix.com.ar/modsloader/mcforge/version_manifest.json
                                  http
                                  javaw.exe
                                  568 B
                                  4.5kB
                                  7
                                  7

                                  HTTP Request

                                  GET http://mc.launcherfenix.com.ar/modsloader/mcforge/version_manifest.json

                                  HTTP Response

                                  200
                                • 74.114.154.18:443
                                  iniciolauncherfx.tumblr.com
                                  tls
                                  javaw.exe
                                  1.6kB
                                  14.9kB
                                  16
                                  20
                                • 192.0.77.40:443
                                  assets.tumblr.com
                                  tls
                                  javaw.exe
                                  1.6kB
                                  7.0kB
                                  14
                                  13
                                • 192.0.77.40:443
                                  assets.tumblr.com
                                  tls
                                  javaw.exe
                                  1.4kB
                                  5.2kB
                                  12
                                  10
                                • 192.0.77.40:443
                                  px.srvcs.tumblr.com
                                  tls
                                  javaw.exe
                                  2.2kB
                                  6.3kB
                                  13
                                  13
                                • 192.0.77.40:443
                                  px.srvcs.tumblr.com
                                  tls
                                  javaw.exe
                                  1.7kB
                                  6.4kB
                                  13
                                  14
                                • 192.0.77.40:443
                                  static.tumblr.com
                                  tls
                                  javaw.exe
                                  1.5kB
                                  4.8kB
                                  12
                                  9
                                • 142.250.179.196:443
                                  https://www.google.com/async/newtab_promos
                                  tls, http2
                                  chrome.exe
                                  2.4kB
                                  10.1kB
                                  27
                                  31

                                  HTTP Request

                                  GET https://www.google.com/async/ddljson?async=ntp:2

                                  HTTP Request

                                  GET https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0

                                  HTTP Request

                                  GET https://www.google.com/async/newtab_promos
                                • 172.217.23.206:443
                                  clients2.google.com
                                  tls, http2
                                  chrome.exe
                                  1.1kB
                                  8.2kB
                                  11
                                  11
                                • 45.112.123.126:443
                                  https://gofile.io/contents/files.html
                                  tls, http2
                                  chrome.exe
                                  38.2kB
                                  1.3MB
                                  665
                                  980

                                  HTTP Request

                                  GET https://gofile.io/d/aDhzM5

                                  HTTP Response

                                  200

                                  HTTP Request

                                  GET https://gofile.io/dist/css/bootstrap.min.css

                                  HTTP Request

                                  GET https://gofile.io/dist/css/bootstrap-icons.css

                                  HTTP Request

                                  GET https://gofile.io/dist/css/bootstrap-nightfall.css

                                  HTTP Request

                                  GET https://gofile.io/dist/css/plyr.css

                                  HTTP Request

                                  GET https://gofile.io/dist/css/allcss.css

                                  HTTP Request

                                  GET https://gofile.io/dist/img/logo-small-70.png

                                  HTTP Request

                                  GET https://gofile.io/dist/js/bootstrap.bundle.min.js

                                  HTTP Request

                                  GET https://gofile.io/dist/js/sha256.min.js

                                  HTTP Request

                                  GET https://gofile.io/dist/js/qrcode.min.js

                                  HTTP Request

                                  GET https://gofile.io/dist/js/dayjs.min.js

                                  HTTP Request

                                  GET https://gofile.io/dist/js/customParseFormat.js

                                  HTTP Request

                                  GET https://gofile.io/dist/js/marked.min.js

                                  HTTP Request

                                  GET https://gofile.io/dist/js/plyr.js

                                  HTTP Request

                                  GET https://gofile.io/dist/js/chart.umd.min.js

                                  HTTP Request

                                  GET https://gofile.io/dist/js/alljs.js

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Response

                                  200

                                  HTTP Request

                                  GET https://gofile.io/dist/css/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47

                                  HTTP Response

                                  200

                                  HTTP Request

                                  GET https://gofile.io/dist/img/favicon96.png

                                  HTTP Response

                                  200

                                  HTTP Request

                                  GET https://gofile.io/dist/img/favicon32.png

                                  HTTP Response

                                  200

                                  HTTP Request

                                  GET https://gofile.io/dist/img/favicon16.png

                                  HTTP Response

                                  200

                                  HTTP Request

                                  GET https://gofile.io/contents/files.html

                                  HTTP Response

                                  200
                                • 45.112.123.126:443
                                  gofile.io
                                  tls, http2
                                  chrome.exe
                                  1.1kB
                                  4.7kB
                                  10
                                  9
                                • 45.112.123.126:443
                                  https://api.gofile.io/contents/aDhzM5?wt=4fd6sg89d7s6
                                  tls, http2
                                  chrome.exe
                                  3.5kB
                                  8.8kB
                                  42
                                  42

                                  HTTP Request

                                  POST https://api.gofile.io/accounts

                                  HTTP Response

                                  200

                                  HTTP Request

                                  OPTIONS https://api.gofile.io/accounts/d93de790-acbd-49b4-9384-447aab82dddf

                                  HTTP Response

                                  200

                                  HTTP Request

                                  GET https://api.gofile.io/accounts/d93de790-acbd-49b4-9384-447aab82dddf

                                  HTTP Response

                                  200

                                  HTTP Request

                                  OPTIONS https://api.gofile.io/contents/aDhzM5?wt=4fd6sg89d7s6

                                  HTTP Response

                                  200

                                  HTTP Request

                                  GET https://api.gofile.io/contents/aDhzM5?wt=4fd6sg89d7s6

                                  HTTP Response

                                  200
                                • 51.75.242.210:443
                                  https://s.gofile.io/js/script.js
                                  tls, http2
                                  chrome.exe
                                  2.5kB
                                  6.4kB
                                  20
                                  19

                                  HTTP Request

                                  GET https://s.gofile.io/js/script.js

                                  HTTP Response

                                  200
                                • 142.250.179.138:443
                                  https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQmYyA9JLGj4_xIFDRVSgeIhSFNHZYdHaPY=?alt=proto
                                  tls, http2
                                  chrome.exe
                                  2.1kB
                                  7.0kB
                                  20
                                  20

                                  HTTP Request

                                  GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQmYyA9JLGj4_xIFDRVSgeIhSFNHZYdHaPY=?alt=proto
                                • 51.75.242.210:443
                                  https://s.gofile.io/api/event
                                  tls, http2
                                  chrome.exe
                                  2.7kB
                                  5.1kB
                                  20
                                  18

                                  HTTP Request

                                  POST https://s.gofile.io/api/event

                                  HTTP Response

                                  202
                                • 206.168.191.31:443
                                  https://store8.gofile.io/download/web/5d0668c3-64f2-4b7b-88de-7c238deb3f38/Rise.zip
                                  tls, http2
                                  chrome.exe
                                  984.5kB
                                  22.7MB
                                  15053
                                  16280

                                  HTTP Request

                                  GET https://store8.gofile.io/download/web/5d0668c3-64f2-4b7b-88de-7c238deb3f38/Rise.zip

                                  HTTP Response

                                  200
                                • 206.168.191.31:443
                                  store8.gofile.io
                                  tls, http2
                                  chrome.exe
                                  1.1kB
                                  4.7kB
                                  9
                                  8
                                • 142.250.69.3:443
                                  https://beacons.gcp.gvt2.com/domainreliability/upload
                                  tls, http2
                                  chrome.exe
                                  4.0kB
                                  7.7kB
                                  28
                                  29

                                  HTTP Request

                                  POST https://beacons.gcp.gvt2.com/domainreliability/upload

                                  HTTP Request

                                  POST https://beacons.gcp.gvt2.com/domainreliability/upload
                                • 216.239.32.116:443
                                  https://beacons4.gvt2.com/domainreliability/upload-nel
                                  tls, http2
                                  chrome.exe
                                  2.9kB
                                  8.2kB
                                  27
                                  28

                                  HTTP Request

                                  OPTIONS https://beacons4.gvt2.com/domainreliability/upload-nel

                                  HTTP Request

                                  POST https://beacons4.gvt2.com/domainreliability/upload-nel
                                • 8.8.8.8:53
                                  g.bing.com
                                  dns
                                  56 B
                                  151 B
                                  1
                                  1

                                  DNS Request

                                  g.bing.com

                                  DNS Response

                                  204.79.197.237
                                  13.107.21.237

                                • 8.8.8.8:53
                                  8.8.8.8.in-addr.arpa
                                  dns
                                  66 B
                                  90 B
                                  1
                                  1

                                  DNS Request

                                  8.8.8.8.in-addr.arpa

                                • 8.8.8.8:53
                                  71.31.126.40.in-addr.arpa
                                  dns
                                  71 B
                                  157 B
                                  1
                                  1

                                  DNS Request

                                  71.31.126.40.in-addr.arpa

                                • 8.8.8.8:53
                                  240.221.184.93.in-addr.arpa
                                  dns
                                  73 B
                                  144 B
                                  1
                                  1

                                  DNS Request

                                  240.221.184.93.in-addr.arpa

                                • 8.8.8.8:53
                                  237.197.79.204.in-addr.arpa
                                  dns
                                  73 B
                                  143 B
                                  1
                                  1

                                  DNS Request

                                  237.197.79.204.in-addr.arpa

                                • 8.8.8.8:53
                                  88.156.103.20.in-addr.arpa
                                  dns
                                  72 B
                                  158 B
                                  1
                                  1

                                  DNS Request

                                  88.156.103.20.in-addr.arpa

                                • 8.8.8.8:53
                                  www.dropbox.com
                                  dns
                                  javaw.exe
                                  61 B
                                  111 B
                                  1
                                  1

                                  DNS Request

                                  www.dropbox.com

                                  DNS Response

                                  162.125.64.18

                                • 8.8.8.8:53
                                  18.64.125.162.in-addr.arpa
                                  dns
                                  72 B
                                  122 B
                                  1
                                  1

                                  DNS Request

                                  18.64.125.162.in-addr.arpa

                                • 8.8.8.8:53
                                  ucbf8a56fd708e2f3bffe3fe1009.dl.dropboxusercontent.com
                                  dns
                                  javaw.exe
                                  100 B
                                  161 B
                                  1
                                  1

                                  DNS Request

                                  ucbf8a56fd708e2f3bffe3fe1009.dl.dropboxusercontent.com

                                  DNS Response

                                  162.125.64.15

                                • 8.8.8.8:53
                                  15.64.125.162.in-addr.arpa
                                  dns
                                  72 B
                                  122 B
                                  1
                                  1

                                  DNS Request

                                  15.64.125.162.in-addr.arpa

                                • 8.8.8.8:53
                                  uc4ff547442f865456953eebbb60.dl.dropboxusercontent.com
                                  dns
                                  javaw.exe
                                  100 B
                                  161 B
                                  1
                                  1

                                  DNS Request

                                  uc4ff547442f865456953eebbb60.dl.dropboxusercontent.com

                                  DNS Response

                                  162.125.64.15

                                • 8.8.8.8:53
                                  launchermeta.mojang.com
                                  dns
                                  javaw.exe
                                  69 B
                                  282 B
                                  1
                                  1

                                  DNS Request

                                  launchermeta.mojang.com

                                  DNS Response

                                  13.107.246.64

                                • 8.8.8.8:53
                                  iniciolauncherfx.tumblr.com
                                  dns
                                  javaw.exe
                                  73 B
                                  105 B
                                  1
                                  1

                                  DNS Request

                                  iniciolauncherfx.tumblr.com

                                  DNS Response

                                  74.114.154.18
                                  74.114.154.22

                                • 8.8.8.8:53
                                  profile.launcherfenix.com.ar
                                  dns
                                  javaw.exe
                                  74 B
                                  106 B
                                  1
                                  1

                                  DNS Request

                                  profile.launcherfenix.com.ar

                                  DNS Response

                                  104.21.72.175
                                  172.67.153.84

                                • 8.8.8.8:53
                                  mc.launcherfenix.com.ar
                                  dns
                                  javaw.exe
                                  69 B
                                  101 B
                                  1
                                  1

                                  DNS Request

                                  mc.launcherfenix.com.ar

                                  DNS Response

                                  104.21.72.175
                                  172.67.153.84

                                • 8.8.8.8:53
                                  18.154.114.74.in-addr.arpa
                                  dns
                                  72 B
                                  137 B
                                  1
                                  1

                                  DNS Request

                                  18.154.114.74.in-addr.arpa

                                • 8.8.8.8:53
                                  64.246.107.13.in-addr.arpa
                                  dns
                                  72 B
                                  158 B
                                  1
                                  1

                                  DNS Request

                                  64.246.107.13.in-addr.arpa

                                • 8.8.8.8:53
                                  175.72.21.104.in-addr.arpa
                                  dns
                                  72 B
                                  134 B
                                  1
                                  1

                                  DNS Request

                                  175.72.21.104.in-addr.arpa

                                • 8.8.8.8:53
                                  assets.tumblr.com
                                  dns
                                  javaw.exe
                                  63 B
                                  79 B
                                  1
                                  1

                                  DNS Request

                                  assets.tumblr.com

                                  DNS Response

                                  192.0.77.40

                                • 8.8.8.8:53
                                  px.srvcs.tumblr.com
                                  dns
                                  javaw.exe
                                  65 B
                                  81 B
                                  1
                                  1

                                  DNS Request

                                  px.srvcs.tumblr.com

                                  DNS Response

                                  192.0.77.40

                                • 8.8.8.8:53
                                  static.tumblr.com
                                  dns
                                  javaw.exe
                                  63 B
                                  79 B
                                  1
                                  1

                                  DNS Request

                                  static.tumblr.com

                                  DNS Response

                                  192.0.77.40

                                • 8.8.8.8:53
                                  40.77.0.192.in-addr.arpa
                                  dns
                                  70 B
                                  101 B
                                  1
                                  1

                                  DNS Request

                                  40.77.0.192.in-addr.arpa

                                • 8.8.8.8:53
                                  www.google.com
                                  dns
                                  chrome.exe
                                  60 B
                                  76 B
                                  1
                                  1

                                  DNS Request

                                  www.google.com

                                  DNS Response

                                  142.250.179.196

                                • 142.250.179.196:443
                                  www.google.com
                                  https
                                  chrome.exe
                                  3.3kB
                                  17.6kB
                                  19
                                  23
                                • 8.8.8.8:53
                                  131.179.250.142.in-addr.arpa
                                  dns
                                  74 B
                                  112 B
                                  1
                                  1

                                  DNS Request

                                  131.179.250.142.in-addr.arpa

                                • 8.8.8.8:53
                                  170.179.250.142.in-addr.arpa
                                  dns
                                  74 B
                                  113 B
                                  1
                                  1

                                  DNS Request

                                  170.179.250.142.in-addr.arpa

                                • 8.8.8.8:53
                                  196.179.250.142.in-addr.arpa
                                  dns
                                  74 B
                                  112 B
                                  1
                                  1

                                  DNS Request

                                  196.179.250.142.in-addr.arpa

                                • 224.0.0.251:5353
                                  chrome.exe
                                  204 B
                                  3
                                • 8.8.8.8:53
                                  clients2.google.com
                                  dns
                                  chrome.exe
                                  65 B
                                  105 B
                                  1
                                  1

                                  DNS Request

                                  clients2.google.com

                                  DNS Response

                                  172.217.23.206

                                • 172.217.23.206:443
                                  clients2.google.com
                                  https
                                  chrome.exe
                                  3.9kB
                                  8.3kB
                                  14
                                  13
                                • 8.8.8.8:53
                                  206.23.217.172.in-addr.arpa
                                  dns
                                  73 B
                                  173 B
                                  1
                                  1

                                  DNS Request

                                  206.23.217.172.in-addr.arpa

                                • 8.8.8.8:53
                                  gofile.io
                                  dns
                                  chrome.exe
                                  55 B
                                  87 B
                                  1
                                  1

                                  DNS Request

                                  gofile.io

                                  DNS Response

                                  45.112.123.126
                                  51.38.43.18

                                • 45.112.123.126:443
                                  gofile.io
                                  https
                                  chrome.exe
                                  6.4kB
                                  5
                                • 8.8.8.8:53
                                  126.123.112.45.in-addr.arpa
                                  dns
                                  73 B
                                  127 B
                                  1
                                  1

                                  DNS Request

                                  126.123.112.45.in-addr.arpa

                                • 8.8.8.8:53
                                  api.gofile.io
                                  dns
                                  chrome.exe
                                  59 B
                                  91 B
                                  1
                                  1

                                  DNS Request

                                  api.gofile.io

                                  DNS Response

                                  45.112.123.126
                                  51.38.43.18

                                • 45.112.123.126:443
                                  api.gofile.io
                                  https
                                  chrome.exe
                                  6.4kB
                                  5
                                • 8.8.8.8:53
                                  s.gofile.io
                                  dns
                                  chrome.exe
                                  57 B
                                  73 B
                                  1
                                  1

                                  DNS Request

                                  s.gofile.io

                                  DNS Response

                                  51.75.242.210

                                • 8.8.8.8:53
                                  210.242.75.51.in-addr.arpa
                                  dns
                                  72 B
                                  100 B
                                  1
                                  1

                                  DNS Request

                                  210.242.75.51.in-addr.arpa

                                • 8.8.8.8:53
                                  content-autofill.googleapis.com
                                  dns
                                  chrome.exe
                                  77 B
                                  237 B
                                  1
                                  1

                                  DNS Request

                                  content-autofill.googleapis.com

                                  DNS Response

                                  142.250.179.138
                                  172.217.168.234
                                  216.58.214.10
                                  172.217.23.202
                                  142.251.39.106
                                  142.251.36.42
                                  142.251.36.10
                                  142.250.179.202
                                  142.250.179.170
                                  172.217.168.202

                                • 8.8.8.8:53
                                  138.179.250.142.in-addr.arpa
                                  dns
                                  74 B
                                  113 B
                                  1
                                  1

                                  DNS Request

                                  138.179.250.142.in-addr.arpa

                                • 8.8.8.8:53
                                  183.59.114.20.in-addr.arpa
                                  dns
                                  72 B
                                  158 B
                                  1
                                  1

                                  DNS Request

                                  183.59.114.20.in-addr.arpa

                                • 8.8.8.8:53
                                  171.39.242.20.in-addr.arpa
                                  dns
                                  72 B
                                  158 B
                                  1
                                  1

                                  DNS Request

                                  171.39.242.20.in-addr.arpa

                                • 8.8.8.8:53
                                  store8.gofile.io
                                  dns
                                  chrome.exe
                                  62 B
                                  78 B
                                  1
                                  1

                                  DNS Request

                                  store8.gofile.io

                                  DNS Response

                                  206.168.191.31

                                • 8.8.8.8:53
                                  31.191.168.206.in-addr.arpa
                                  dns
                                  73 B
                                  142 B
                                  1
                                  1

                                  DNS Request

                                  31.191.168.206.in-addr.arpa

                                • 8.8.8.8:53
                                  0.205.248.87.in-addr.arpa
                                  dns
                                  71 B
                                  116 B
                                  1
                                  1

                                  DNS Request

                                  0.205.248.87.in-addr.arpa

                                • 8.8.8.8:53
                                  30.243.111.52.in-addr.arpa
                                  dns
                                  72 B
                                  158 B
                                  1
                                  1

                                  DNS Request

                                  30.243.111.52.in-addr.arpa

                                • 8.8.8.8:53
                                  beacons.gcp.gvt2.com
                                  dns
                                  chrome.exe
                                  66 B
                                  112 B
                                  1
                                  1

                                  DNS Request

                                  beacons.gcp.gvt2.com

                                  DNS Response

                                  142.250.69.3

                                • 8.8.8.8:53
                                  beacons4.gvt2.com
                                  dns
                                  chrome.exe
                                  63 B
                                  79 B
                                  1
                                  1

                                  DNS Request

                                  beacons4.gvt2.com

                                  DNS Response

                                  216.239.32.116

                                • 216.239.32.116:443
                                  beacons4.gvt2.com
                                  https
                                  chrome.exe
                                  2.9kB
                                  6.7kB
                                  5
                                  8
                                • 8.8.8.8:53
                                  3.69.250.142.in-addr.arpa
                                  dns
                                  71 B
                                  139 B
                                  1
                                  1

                                  DNS Request

                                  3.69.250.142.in-addr.arpa

                                • 8.8.8.8:53
                                  116.32.239.216.in-addr.arpa
                                  dns
                                  73 B
                                  101 B
                                  1
                                  1

                                  DNS Request

                                  116.32.239.216.in-addr.arpa

                                • 8.8.8.8:53
                                  11.173.189.20.in-addr.arpa
                                  dns
                                  72 B
                                  158 B
                                  1
                                  1

                                  DNS Request

                                  11.173.189.20.in-addr.arpa

                                • 8.8.8.8:53
                                  beacons.gcp.gvt2.com
                                  dns
                                  chrome.exe
                                  66 B
                                  112 B
                                  1
                                  1

                                  DNS Request

                                  beacons.gcp.gvt2.com

                                  DNS Response

                                  142.250.69.3

                                • 142.250.69.3:443
                                  beacons.gcp.gvt2.com
                                  https
                                  chrome.exe
                                  3.2kB
                                  7.6kB
                                  8
                                  9

                                MITRE ATT&CK Enterprise v15

                                Replay Monitor

                                Loading Replay Monitor...

                                Downloads

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5d4a71a1-c9ba-4ed9-aaf6-60c6e108b12a.tmp

                                  Filesize

                                  9KB

                                  MD5

                                  114be5c4353a7e03c0c46978abcb8f8b

                                  SHA1

                                  00820885893005a81e81a26be17d92cd196714ec

                                  SHA256

                                  30234a10f7fa05133e4ae4a4529e9776e79881fa83345da353113aee8e6784df

                                  SHA512

                                  f0e8cd94122f232a8dda8cd6aec990db072e839446ed8150bb389844da8725aa848df5db9af11fbab93cde33796ab776c58b65e694eba01ead21dbc648723d8f

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                  Filesize

                                  336B

                                  MD5

                                  7380940b264c9395d1a75da7a7482ee7

                                  SHA1

                                  961a6586e2245089cae72b98bfa1d1454851688b

                                  SHA256

                                  8e99b7012af707b4701cc2efedde68135e138854f6f4b3f6888cdc70bdda107d

                                  SHA512

                                  788785a45a0f0f35eccecec2946d80233b86f51f06a1b58f26e11c08464d967339a413af9ee5312d69c401b25f12e79b467699d981ef2f047d363a8501f9d6dc

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                  Filesize

                                  2KB

                                  MD5

                                  0420b39c782ed5834512ad2901265f7d

                                  SHA1

                                  fec8efcff387e72838c83f07657ac96287059398

                                  SHA256

                                  7f54f2b65c70fc2d3362dbb5be5cadb6ba6642427154a5928dd19eb7ed5a1ea7

                                  SHA512

                                  b216a9d01492b0631452e4f6a1ea34fe55cf0c64e72e0b0d0edda7e382a78d8e85f23e9b727cca1030557bf0042f78cb7671c3340b7f275aba685dd2c33944f3

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                  Filesize

                                  3KB

                                  MD5

                                  9bf110b63ac200b6bff6bd5975d0fb40

                                  SHA1

                                  9a93685b28088cfe0bf60bf8424e0929ee8a1380

                                  SHA256

                                  474008b686ed4ede0f1180d08143579a4b2d6ee66b376b345832c25f5a4b9bd8

                                  SHA512

                                  a276ed608c01bf4b8a67ed0079f5915f6ed133273004ec05e597b5fb0949ed804a718fe926f3bb9ea0d5255530c5c81ea70b53bfe6ed1d109bfac4f6f3a5e435

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                  Filesize

                                  2B

                                  MD5

                                  d751713988987e9331980363e24189ce

                                  SHA1

                                  97d170e1550eee4afc0af065b78cda302a97674c

                                  SHA256

                                  4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                  SHA512

                                  b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                  Filesize

                                  356B

                                  MD5

                                  796d089773963e765e9a4595c33b9660

                                  SHA1

                                  76e072436cf1dd12552f792783e35129d818f910

                                  SHA256

                                  f3c8bc9062f6b7df66145c35d7cb51e780cde68c36a9d4de954d9c3df0b76480

                                  SHA512

                                  85c6915700cd00dcddaa68ac3faa98eb2da38e99540e81268f6a954338c904b7ca68ea3b6ec13c35d411023eefd42fd77ba2b9d375801a3415bf47b3f4354705

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                  Filesize

                                  690B

                                  MD5

                                  f6ed08c61bd3a371325d8f396c458ac3

                                  SHA1

                                  6aa0c1d0bf01b63585123ea26ee7e0ed75d2a200

                                  SHA256

                                  cae395c1c0c4ce4cd0d4fd007bb76a22611f24c27f924cfd36bf754e00638103

                                  SHA512

                                  a50954e3158c3de04b3cc8f5835cd92e53497e2224d7aeaf2da68d0d2eddcbae79fadd93a1e13f6961fa66dd8c0eaae1e0bd3fcc53af918be47373dc41a2b328

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  46ad7784ccc9bf0ba8902a4f4180a0ad

                                  SHA1

                                  71b963c28acda8e36a751048e171f161281803fc

                                  SHA256

                                  9605bef4e82908c55946dd8bf1dc995ece7e65c729d7b95d3def67b0684acbd1

                                  SHA512

                                  6603a5395c0f581cd2d7cb09593cc64685121c02fa3d9ac4d02b905cbc8fedb1d56602cef564cbd740f8dda293248d1c01e4985aa2b1f96dda005e464ac5fbf8

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  2a1bff4fe7754701426e5397d895c132

                                  SHA1

                                  a16529258cee7d7b554d0f24e0a4b74cfdd2f071

                                  SHA256

                                  823bd3c9eb0917b9f17e856d9b898aa266f6beba0086e6361d6034e419369f59

                                  SHA512

                                  91890b2dc36ee2a4989ecbd8554209a406f5258a076f68c351aaa07f8feb88879e320cd9482ba203fbe217a2df5fc03f05cba49cd4db9713fadef741fcb06171

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  8KB

                                  MD5

                                  6dd8fdd0e37bc602cb0ff6a3618939e1

                                  SHA1

                                  1f447fbdc6d4af91eb891a7ec2e7a059a06dec17

                                  SHA256

                                  128134bd9641ecac0bd08fdfcb8443092597d27380657907507e82924880f2eb

                                  SHA512

                                  64218e993865c6d5bec8acd26e467c6c52251bc60e92ba1153c33a66475cef896cba6af65e0aed7ed3cd09f04d42a8b46da4cd9dde31261c7f38f832db5a47f4

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  8KB

                                  MD5

                                  a77d79c0278d398670623ba8b2a25c56

                                  SHA1

                                  989ece18932604fec36e6ae39f66cf3abc997961

                                  SHA256

                                  f6a9e992d6f8e989e848756bf5a064cbd4e7e995a05fba4b8dacac2496a1eb83

                                  SHA512

                                  e0c36f5d0e31c7a87dffcad24379a20ed80cf10f86249494e20df442fdbd02e3b4855a07d63fa9c8b46547bdbfdaf030bb826b2a6ff78e6bdbd96f9b6ba7ea36

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  0dd7da55269f594c9c5b8d9c1610cfa0

                                  SHA1

                                  3b18ef1563bc9083a98a0ee6a92901f6e61942bd

                                  SHA256

                                  337f7e644b4890f351b94bf9c0a922594ea23021651cc5e2eddf49a5bce7f3bf

                                  SHA512

                                  9d1c9a98691e82d34b2f94fde19561e2d66397f6cce9aa5c855acea7e3cc0f231dd3d843ae6f4198d81300ca1ab8bb1221f61894cd323f6f17807790efeaf5f3

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  e6db83455cd43d64d48c69915cdecfdc

                                  SHA1

                                  9f8c8e377afe553ca4f50d6b439a1a7fa9d716bf

                                  SHA256

                                  96dddf850bdc3b05f428455f32f690646943d4426000afc756aaffc42cef89b6

                                  SHA512

                                  34c19cbea61be59a1d051d509b36c3f7e2755d5378f86be8170cd85f297c27b9853f9871e9b008933e6a2e6134b6e72f31a9c3297565a95a0b20e27f188e5423

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  0a320dc61d6011222380a917bc087281

                                  SHA1

                                  e9334a792a06e6d1b84e8776a5add86683d3d8b5

                                  SHA256

                                  8d66ea4d8078c4e5ea600c717b6b8ce508f2578364d55b2e4a3fbe532eec5edd

                                  SHA512

                                  2a7881f08ca11de7df3abeac7f7db671cdb58bcf33905a414de281ea58e795e6bad5935c57c3515e332e20667a88505c490a069d94c377d58455a8291c72fab3

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  0e8ffe0a75be605c4e0cc205e4170203

                                  SHA1

                                  954a3288fc87ae2a42b5408d453c5b2ad6090992

                                  SHA256

                                  a1696114c04d35d37a393cdc181843622a7a4bd6a76e72f937cdb9ef96421969

                                  SHA512

                                  d8eec8be966c0e2584080bc416f1721634cadd81075d90d284088bad465f1871519639090b3cf266d1fc1ed5f42c225ba140c654b7bcde1e49c2845e4c963ea5

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  aa3d4be8df9f6aaa826638a3e6d13eb6

                                  SHA1

                                  624722a85a9be78916b511c9fe547a1d36e79b10

                                  SHA256

                                  b74074bc4ef29fb8554088495eb5c2697b3d3023904e190763e55d698c63b76a

                                  SHA512

                                  ec9cc4debc07756a829641fbc72566385e65661beaa4607b9d695461475dc8286f61b228cf9bba7318d440dd7f196e570a5256b1b03cbfeb1e2902d1b3b9d792

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  64627c5223f84db3765ed021a1d5d6f5

                                  SHA1

                                  a0dd5a59f03012334b1d9e1a425e54bb64a138ce

                                  SHA256

                                  670ef111dc5c3571b50aea86e20a88e52197716dc60bb5b2ff59652bf0309439

                                  SHA512

                                  a0b0fc673ee4407fa7f11eb5aca05ce5336416666d0b30f5825a4c54b5b3013c7bb157cb3fcd78bfcbc5919d921a44c208a7991aa56033247a7c1ed093557029

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  db5cb90f4ab6eaa976e5484a099a9dd2

                                  SHA1

                                  67aee10b9f39edf9b38c7aca22f8db6e712eff93

                                  SHA256

                                  5f7ec9652fde4a67abe3e318038c42147ed6f5beaa9b028586d192d4ac546293

                                  SHA512

                                  67d9b264e80e6a1b3d93a8fd197d30dcd6a478beeac65f7b77f26557412d37cc1cdd3a1f1e0c2157f3274bae669b9882860e66ac00468b4ab659a081134ada49

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  3cca59822df36f0d7af3aacc65883680

                                  SHA1

                                  6ab4a1c961850068bdf6a93d7d18a5b1330bb745

                                  SHA256

                                  fb8a984836dc56a684dca641cab8cf95b090675c41c0b076194f6bb8575b73b5

                                  SHA512

                                  77bc4f85f06aea04aa81c1bccc14b1ce5f4e24b72e75d8c6eb466fb29278ab6bdff1926ffdd4c24730a37dc532979dda6e77fe665399c8565125c57f75207710

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  2df3763551e7c05a757b16ec43e1533c

                                  SHA1

                                  79b11a68e8a4e69534adaa72917a12d5ca9918fc

                                  SHA256

                                  6ec2a7adec1bc204e13110a66ef501e1ecf7e09c83254f41dc0b454fbcf20760

                                  SHA512

                                  d3022c8bb8233b30b29a1cc54e6c6cc573b538f98e731cb63c6613b353bb01f8fc64df6f3e88b42441937a0a5d86dbd36740db8986432985cf4478cbfe5905ca

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  0204bd6f881126137515fcec89286b19

                                  SHA1

                                  3ce8a8d6a2cbe9f0ee8c56666fb86ff300e0dcac

                                  SHA256

                                  26236a2a182979a261407878ad897d0c8652bd437f4d29938ef3ce53ac34a866

                                  SHA512

                                  ba7432722b1be9f2244a7106d28cb52cfff93e21f41ea1b2798b8622a7f00124d25bb28212597b9ffbed46b77dbf77591c4c6c0b4daa6b5742c79e9273ab2680

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  86a0a5ca89740024cd1616cd5b5fc644

                                  SHA1

                                  5ef8875c8f6bdaf66936d3f8466f83558e56b984

                                  SHA256

                                  cbe1d8d4330e295197af7076ca8ae8580b1779b1c559425d8de0917e55fac988

                                  SHA512

                                  363fc42d76334dcbaf3255497635dacfe67ec044e72e82cd52433038adfd2a56df7c86657437f19ebbf033f0a7161b36b53af37c81a1e99f5ee9fe981e3028b8

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  dd0411db7c893e4d110e686a4a054e9b

                                  SHA1

                                  1298455b326317b90ee1638470dbfdf8696156f7

                                  SHA256

                                  12f31c80cdbfb59bf4878826d119540099e7690a8a402f6a7f914ec9f02c4c0e

                                  SHA512

                                  7d6d00ef5cafe5750ac62dac9dee2b1885c3a989467298d2a2bca584436c235d7bf507bc855c93d7ef37d395b1357b202356398bc23e4b54194ee69a8c01b17e

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  55a755ea9c8fa773fb0d5e34949d5135

                                  SHA1

                                  553ee82f92b7aaa6e46277c59a829ec165242e83

                                  SHA256

                                  b1ac47aa0afcdbb4a7ff04062bdd628cce02b85565931def7656971f4bd32910

                                  SHA512

                                  322a8a5442609d140d6a090818ac12f200ba38a8460a0697f3ed95073b35d2b74290ce06deb45e145fb07365e73740edb96d11dbc8a91beccb6072f85f36318f

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  773fb78824ce644df00427dd4970e4f4

                                  SHA1

                                  6d679294161750732d414a95ed541ff52aebd6d6

                                  SHA256

                                  619221ae706065176ec8216cab3bd561b5b838b8170058ed445095a40fd23c76

                                  SHA512

                                  fda0a9eb79243df6c59b1d801e433b0b5eef6f64fe7250a59e9c1b48f9d146ad3e059fd72fa290b2b07c2d190af7d3ca7e428d2cbe442b2fbc3014c35715784e

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  ba8aeb292c3fec4d5ecf7d30779923c4

                                  SHA1

                                  61eab7d6ae3d512870baa39f416b34238e7cf42e

                                  SHA256

                                  5d7a6dbb93a3c48ae5879fcbec968af5bc990d9d57aeaa22e9e23185449914c2

                                  SHA512

                                  5d2708dc4264bbb5a600d27e74efd77a7c3ae047f2b6b9d169140758a2473509e3e550f5e8f5ff18df21e7b62d5d29977062a56a1f5cb2f889e243042adc0118

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  bf81008e1558e89a695c35f5b9739c4a

                                  SHA1

                                  5b2eca2d2e94ee749f6f4175525a2c314bb18645

                                  SHA256

                                  744c20805e6a7bfff83c36b3afd5132683a0a2a3d19134558f9fb3fdd6aa0787

                                  SHA512

                                  d033161e7ff9ac9532afc6a1e184996156cad792316f50b7ef11dde7dbf9965317d3fbe6c95edfc2cad8326879d3618fce85dfa842f20023253d51552da16c1d

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  72949d8330253e0c3dcfa9f5c86f7db8

                                  SHA1

                                  493ccb62f4e6171f345c50e434553366baf1a743

                                  SHA256

                                  aa1cc4b4b76dee2718c03c1dfa97318ab39e71047c9990a4a7cf8e433f6aff89

                                  SHA512

                                  e9eec50c1273e41314139933b3b1772357ef6bd7f555674f3b113dc37b90bd6be7b46637aaaa978f9af4776418afb5e2058d4cbb45b4125e4a8af1753bbad30f

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  26655b010358cb1700c356d787fad199

                                  SHA1

                                  88fbab7046bdbe84cde82df47efc3344afcb4294

                                  SHA256

                                  9041310b2f0641d0620021a2210947e26defd5081206e709b89b02cf3e340e81

                                  SHA512

                                  27e562e54ffe4a47a8fe0b97e8c4253388ca96d36fca756c3cc5460127c8543b02e5b90b74530a0b52ab3006097f81ca0c8a72cf8be0ab04a20cd9ad80c15162

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  ff1334248c53d4151fb24305d52b5f9c

                                  SHA1

                                  e2fcb1d8c751736b5c806607d507d187691307ce

                                  SHA256

                                  21d1e4cc4aa41d0d2d6b6c02de5158e45ff46b71398ed77c1092a74c78058a6a

                                  SHA512

                                  c86212debb1567996acdd2013cfa197d84f7be0ff2222cd0e22dfc71b1e3240cf43dab7cc4a99f3ea57f6e341b661011e7c82eeed1246f54ebc5a84d6baed705

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  b63d6fd6c3c970eafd34ab55cfad4307

                                  SHA1

                                  122e0dc8f0139ce7786ee34a37f39aa9c2b3d87e

                                  SHA256

                                  5823c9112b80fd514a1f947bf12cf950075e34e6b64cd776e76a67f72e29e433

                                  SHA512

                                  af06bedc224a94ef330024e6958488201236d071b5fc7c5c95d9345facd52ebfb947fa4c65bc4735a347b6c5b5e9b834e26ca146db14416cefca6b18c298362a

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  5fa86a6eb3eae96c3d0b5bde35b50f88

                                  SHA1

                                  dca34fe8d63c9cb08aa172afaaac819aaf202f04

                                  SHA256

                                  064a4d307674c5704b7ffa3c38b0f56a476bcbcd6dd28697cf3da4d820bcaf4e

                                  SHA512

                                  75b6b1d0ee02383ee391688c6a48e7f42fe83d9005376b2da4c2e0dcce577b0f51632a79277d7d63a512abbc0a2b6c3e84caee1e9445b5aa014a54775a5f6fe4

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  a5c43068166701b35630accd6945a141

                                  SHA1

                                  39bbb7cb2cd1992202a59563d55a9e7945fcfd9f

                                  SHA256

                                  041627c00a48dbea00e86b9f273cb3c34ca231327023892d3eed585b51fe20d1

                                  SHA512

                                  b764baf3f00f9dcb17f48a1b66c5ef2ad3a3911256c524a4a378ef2b46e942981f42e368f176b878f5ccd0deb82185ae7fb89cbacc2c50eed6aeaf93b7cefff3

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  aafe4b5ef6e141ef4282bf777859b2c9

                                  SHA1

                                  9e6b38af9a0ddb3a2082828037dae7e349fd264a

                                  SHA256

                                  23475e0e567f1c2b6263335497a54586cce691001e98d75c1b5fac6655376e98

                                  SHA512

                                  6b87ae0aeb8a05b8ee5c96b27c477d59a7bff93e30ddc286a736298b0258506e4338c3e71df00a04a20396f798be1e68aca10c84027b56c952900e88c4f22daf

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                  Filesize

                                  9KB

                                  MD5

                                  6bbad9164d418fc24557b869c36edd53

                                  SHA1

                                  8d2581a3636273fe2d3413fcc4957bd0504db5b4

                                  SHA256

                                  9a831aa6d7030e569bbe757cba5540f53a77031b1687af301197b0f5433063eb

                                  SHA512

                                  969b548fb0459e395e0b836f39e315e8c15247c4697af56d9e617d6cd8bca5755beaaf292b57772f12715a4217230ec6d361f6162c61efc02dd1967d2688ffe4

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                  Filesize

                                  15KB

                                  MD5

                                  1c086566545064b274de21c9a4503997

                                  SHA1

                                  56985acc6276285cdf7a667f416826fbc6519c6e

                                  SHA256

                                  1c5148defb5114efe398bc394469fc4a2aca8b7f0e86aa4d637469781a24516a

                                  SHA512

                                  c90250ea19e709250ef15fa895a1d8c115dfe80c1d182328d528848c45c91c326dad8ea8f76b1da5e37352e11b18c0c222846ac2591fe9c38420a1cebb60d503

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  193KB

                                  MD5

                                  63d760c602d4408c4a13df38736cb65a

                                  SHA1

                                  31641167254fdf5f4c4defc75a60b2d041bbe8a5

                                  SHA256

                                  78d51d65cd3a9cb0a219c0d6c8f03a68278a1f3dcb4269f6f2469109127354e9

                                  SHA512

                                  dd4b964696dd44712e645a8feb8fce50cb7a2dc6cdbbc4c9e3db59ca404739a8a93d3c0ada4c22148cf4cc5e61a38bbf5b92d61ecf0e8544bd2d7be67494dcd7

                                • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                  Filesize

                                  194KB

                                  MD5

                                  be8b266f43cad6fe0d022e758addcd55

                                  SHA1

                                  541b1ae956c2729e5979ee916e7624b48f0d4477

                                  SHA256

                                  f0247d08ca77f2ce6ff6d37bd0b4aa6b89cc166c64a109d484d8b6cfd0d5c8be

                                  SHA512

                                  f9f6c43b74f5578f169e9351ddb734a68ca42b16ca42c253c691eeaf0da080a804f8257bfe9cf9dae66023ee94247252e0401dc4d6681dc3825a58057d147bb7

                                • C:\Users\Admin\AppData\Roaming\.minecraft\launcherfenix.jar

                                  Filesize

                                  500KB

                                  MD5

                                  84591cf8bbe4b94d5a83b2cdd605d4b5

                                  SHA1

                                  85f1dbf03d2b4c52e067849b93c3f4c7ec284886

                                  SHA256

                                  b8c2bf47cb70a77582c302284554ecd4a29f9ee55c09fc2193b3ba942d5884ae

                                  SHA512

                                  31ff3523bedc87efd5040c46fdaff325c29fa109a912b729c81660c0737505e9dbd2f9bc0a443bfce12ede2569d023cc1f56f6bea0943a669f4f85e0f420830d

                                • C:\Users\Admin\Videos\Captures\desktop.ini

                                  Filesize

                                  190B

                                  MD5

                                  b0d27eaec71f1cd73b015f5ceeb15f9d

                                  SHA1

                                  62264f8b5c2f5034a1e4143df6e8c787165fbc2f

                                  SHA256

                                  86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2

                                  SHA512

                                  7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

                                • memory/400-17-0x0000000000400000-0x0000000000462000-memory.dmp

                                  Filesize

                                  392KB

                                • memory/3144-116-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-2-0x000001CE4B620000-0x000001CE4B890000-memory.dmp

                                  Filesize

                                  2.4MB

                                • memory/3144-16-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-54-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-59-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-61-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-67-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-70-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-76-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-86-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-139-0x000001CE49E10000-0x000001CE49E11000-memory.dmp

                                  Filesize

                                  4KB

                                • memory/3144-710-0x000001CE4B620000-0x000001CE4B890000-memory.dmp

                                  Filesize

                                  2.4MB

                                We care about your privacy.

                                This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.