Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240802-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    08/08/2024, 13:59 UTC

General

  • Target

    https://r.g.bing.com/bam/ac?!&&u=a1aHR0cHM6Ly9kcnVtY29uZHJhLmNvbS5ydS9jbkhTei8/#UZ2lsLmNvYWRlYmV6QHJ1Yml4LmNvbQ==

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 2 IoCs
  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://r.g.bing.com/bam/ac?!&&u=a1aHR0cHM6Ly9kcnVtY29uZHJhLmNvbS5ydS9jbkhTei8/#UZ2lsLmNvYWRlYmV6QHJ1Yml4LmNvbQ==
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:5900
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffaa90ccc40,0x7ffaa90ccc4c,0x7ffaa90ccc58
      2⤵
        PID:5576
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1744,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1712 /prefetch:2
        2⤵
          PID:4828
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2012,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2068 /prefetch:3
          2⤵
            PID:5220
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2164,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2176 /prefetch:8
            2⤵
              PID:2116
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3052,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3068 /prefetch:1
              2⤵
                PID:5476
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3056,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3116 /prefetch:1
                2⤵
                  PID:1192
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4056,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4332 /prefetch:1
                  2⤵
                    PID:1584
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3244,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3320 /prefetch:1
                    2⤵
                      PID:4656
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4492,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4556 /prefetch:1
                      2⤵
                        PID:1620
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4380,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4880 /prefetch:8
                        2⤵
                          PID:1756
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3256,i,15741050110780390646,16208852674560528409,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=952 /prefetch:8
                          2⤵
                          • Drops file in System32 directory
                          • Suspicious behavior: EnumeratesProcesses
                          PID:3244
                      • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                        "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                        1⤵
                          PID:3564
                        • C:\Windows\system32\svchost.exe
                          C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                          1⤵
                            PID:4592

                          Network

                          • flag-us
                            DNS
                            r.g.bing.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            r.g.bing.com
                            IN A
                            Response
                            r.g.bing.com
                            IN CNAME
                            g.msn.com
                            g.msn.com
                            IN CNAME
                            g-msn-com-nsatc.trafficmanager.net
                            g-msn-com-nsatc.trafficmanager.net
                            IN A
                            13.74.129.92
                          • flag-us
                            DNS
                            challenges.cloudflare.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            challenges.cloudflare.com
                            IN A
                            Response
                            challenges.cloudflare.com
                            IN A
                            104.18.95.41
                            challenges.cloudflare.com
                            IN A
                            104.18.94.41
                          • flag-us
                            DNS
                            202.179.250.142.in-addr.arpa
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            202.179.250.142.in-addr.arpa
                            IN PTR
                            Response
                            202.179.250.142.in-addr.arpa
                            IN PTR
                            ams15s42-in-f10.1e100.net
                          • flag-us
                            DNS
                            202.179.250.142.in-addr.arpa
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            202.179.250.142.in-addr.arpa
                            IN PTR
                          • flag-ie
                            GET
                            https://r.g.bing.com/bam/ac?!&&u=a1aHR0cHM6Ly9kcnVtY29uZHJhLmNvbS5ydS9jbkhTei8/
                            chrome.exe
                            Remote address:
                            13.74.129.92:443
                            Request
                            GET /bam/ac?!&&u=a1aHR0cHM6Ly9kcnVtY29uZHJhLmNvbS5ydS9jbkhTei8/ HTTP/2.0
                            host: r.g.bing.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            sec-ch-ua-platform: "Windows"
                            upgrade-insecure-requests: 1
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                            sec-fetch-site: none
                            sec-fetch-mode: navigate
                            sec-fetch-user: ?1
                            sec-fetch-dest: document
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 302
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            location: https://drumcondra.com.ru/cnHSz/?
                            server: Microsoft-IIS/10.0
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            set-cookie: MUID=3A8BDC67148763911BCAC8B210876078; domain=.bing.com; expires=Tue, 02-Sep-2025 13:59:38 GMT; path=/; SameSite=None; Secure; Priority=High;
                            date: Thu, 08 Aug 2024 13:59:38 GMT
                            content-length: 0
                          • flag-us
                            GET
                            https://drumcondra.com.ru/cnHSz/?
                            chrome.exe
                            Remote address:
                            104.21.68.72:443
                            Request
                            GET /cnHSz/? HTTP/2.0
                            host: drumcondra.com.ru
                            upgrade-insecure-requests: 1
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                            sec-fetch-site: none
                            sec-fetch-mode: navigate
                            sec-fetch-user: ?1
                            sec-fetch-dest: document
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            sec-ch-ua-platform: "Windows"
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            date: Thu, 08 Aug 2024 13:59:38 GMT
                            content-type: text/html; charset=UTF-8
                            access-control-allow-origin: *
                            set-cookie: PHPSESSID=sqj64rh6cri5v5vmlf7ng71s16; path=/
                            expires: Thu, 19 Nov 1981 08:52:00 GMT
                            cache-control: no-store, no-cache, must-revalidate
                            pragma: no-cache
                            vary: Accept-Encoding
                            cf-cache-status: DYNAMIC
                            report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3E%2BsLWr2jHr6VG2I8jq5SkLTis1tntcc2htf0%2F2%2FpwIFZznQ%2B1ptyA%2F0VCnH%2F%2B1FIyPcD41ZtK0iXxvEVYD4aLQqZv1fFVRuZHlY3vg0t1VDuqKd%2BorsfY8jqHGtLjkvXR9EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                            nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            server: cloudflare
                            cf-ray: 8b0007326d7993f2-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            GET
                            https://drumcondra.com.ru/favicon.ico
                            chrome.exe
                            Remote address:
                            104.21.68.72:443
                            Request
                            GET /favicon.ico HTTP/2.0
                            host: drumcondra.com.ru
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: same-origin
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            referer: https://drumcondra.com.ru/cnHSz/?
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            cookie: PHPSESSID=sqj64rh6cri5v5vmlf7ng71s16
                            Response
                            HTTP/2.0 404
                            date: Thu, 08 Aug 2024 13:59:39 GMT
                            content-type: text/html
                            cache-control: private, no-cache, max-age=0
                            pragma: no-cache
                            vary: Accept-Encoding
                            cf-cache-status: BYPASS
                            report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sm4qg2V2VLWQ6VUMINMH0f9IFQaCtQLOZAfEjOEv2o1z8qbEM81LZZqqF9cWYdIDcJJy4beMrKzg51EJJgk8I6gBdwDdR34Hsopqkf9NYLn14C1UReO1YPjpBB6vzR1jFivFIw%3D%3D"}],"group":"cf-nel","max_age":604800}
                            nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            server: cloudflare
                            cf-ray: 8b0007382df893f2-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            POST
                            https://drumcondra.com.ru/cnHSz/?
                            chrome.exe
                            Remote address:
                            104.21.68.72:443
                            Request
                            POST /cnHSz/? HTTP/2.0
                            host: drumcondra.com.ru
                            content-length: 560
                            cache-control: max-age=0
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            sec-ch-ua-platform: "Windows"
                            upgrade-insecure-requests: 1
                            origin: https://drumcondra.com.ru
                            content-type: application/x-www-form-urlencoded
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                            sec-fetch-site: same-origin
                            sec-fetch-mode: navigate
                            sec-fetch-user: ?1
                            sec-fetch-dest: document
                            referer: https://drumcondra.com.ru/cnHSz/?
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            cookie: PHPSESSID=sqj64rh6cri5v5vmlf7ng71s16
                            Response
                            HTTP/2.0 200
                            date: Thu, 08 Aug 2024 14:00:12 GMT
                            content-type: text/html; charset=UTF-8
                            access-control-allow-origin: *
                            expires: Thu, 19 Nov 1981 08:52:00 GMT
                            cache-control: no-store, no-cache, must-revalidate
                            pragma: no-cache
                            vary: Accept-Encoding
                            cf-cache-status: DYNAMIC
                            report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CX%2FKmiQIjDzRlu%2B3N47ekkInXtiMmW3IT2sYMOCAjIT5dnTTiN6c7CNm0LwZ675kZXLUPhUXW5tZM%2BLo%2FdOpOISb0pHbIJ453TtR%2FJPiDUfmfDe9sGRcNxrH5Z95BcRP0utgIw%3D%3D"}],"group":"cf-nel","max_age":604800}
                            nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            server: cloudflare
                            cf-ray: 8b000804392293f2-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            GET
                            https://challenges.cloudflare.com/turnstile/v0/api.js
                            chrome.exe
                            Remote address:
                            104.18.95.41:443
                            Request
                            GET /turnstile/v0/api.js HTTP/2.0
                            host: challenges.cloudflare.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 302
                            date: Thu, 08 Aug 2024 13:59:38 GMT
                            content-length: 0
                            access-control-allow-origin: *
                            cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
                            cross-origin-resource-policy: cross-origin
                            location: /turnstile/v0/g/769ce3c24a3b/api.js
                            vary: Accept-Encoding
                            server: cloudflare
                            cf-ray: 8b00073469c0416a-LHR
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            GET
                            https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js
                            chrome.exe
                            Remote address:
                            104.18.95.41:443
                            Request
                            GET /turnstile/v0/g/769ce3c24a3b/api.js HTTP/2.0
                            host: challenges.cloudflare.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            date: Thu, 08 Aug 2024 13:59:39 GMT
                            content-type: application/javascript; charset=UTF-8
                            last-modified: Thu, 01 Aug 2024 13:51:06 GMT
                            cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
                            access-control-allow-origin: *
                            cross-origin-resource-policy: cross-origin
                            vary: Accept-Encoding
                            server: cloudflare
                            cf-ray: 8b000735cb99416a-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            DNS
                            72.68.21.104.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            72.68.21.104.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            a.nel.cloudflare.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            a.nel.cloudflare.com
                            IN A
                            Response
                            a.nel.cloudflare.com
                            IN A
                            35.190.80.1
                          • flag-us
                            DNS
                            a.nel.cloudflare.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            a.nel.cloudflare.com
                            IN A
                          • flag-us
                            DNS
                            a.nel.cloudflare.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            a.nel.cloudflare.com
                            IN A
                          • flag-us
                            GET
                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tcyvb/0x4AAAAAAAdVpk8D6Pb_9pXH/auto/fbE/normal/auto/
                            chrome.exe
                            Remote address:
                            104.18.95.41:443
                            Request
                            GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tcyvb/0x4AAAAAAAdVpk8D6Pb_9pXH/auto/fbE/normal/auto/ HTTP/2.0
                            host: challenges.cloudflare.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            sec-ch-ua-platform: "Windows"
                            upgrade-insecure-requests: 1
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                            sec-fetch-site: cross-site
                            sec-fetch-mode: navigate
                            sec-fetch-dest: iframe
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            date: Thu, 08 Aug 2024 13:59:39 GMT
                            content-type: text/html; charset=UTF-8
                            document-policy: js-profiling
                            cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                            origin-agent-cluster: ?1
                            content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
                            cross-origin-opener-policy: same-origin
                            permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
                            referrer-policy: same-origin
                            critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                            cross-origin-resource-policy: cross-origin
                            cross-origin-embedder-policy: require-corp
                            accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
                            server: cloudflare
                            cf-ray: 8b000736f8ca93e7-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            GET
                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/nbsskix%2B8rvzsiTuOH9u%2FM8iwY0%2FCXzUM0bUXyT0s6k%3D
                            chrome.exe
                            Remote address:
                            104.18.95.41:443
                            Request
                            GET /cdn-cgi/challenge-platform/h/g/cmg/1/nbsskix%2B8rvzsiTuOH9u%2FM8iwY0%2FCXzUM0bUXyT0s6k%3D HTTP/2.0
                            host: challenges.cloudflare.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: same-origin
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tcyvb/0x4AAAAAAAdVpk8D6Pb_9pXH/auto/fbE/normal/auto/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            date: Thu, 08 Aug 2024 13:59:39 GMT
                            content-type: application/javascript; charset=UTF-8
                            cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                            server: cloudflare
                            cf-ray: 8b000737a9df93e7-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            GET
                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8b000736f8ca93e7&lang=auto
                            chrome.exe
                            Remote address:
                            104.18.95.41:443
                            Request
                            GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8b000736f8ca93e7&lang=auto HTTP/2.0
                            host: challenges.cloudflare.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            sec-fetch-site: same-origin
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tcyvb/0x4AAAAAAAdVpk8D6Pb_9pXH/auto/fbE/normal/auto/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            date: Thu, 08 Aug 2024 13:59:39 GMT
                            content-type: image/png
                            content-length: 61
                            cache-control: max-age=2629800, public
                            server: cloudflare
                            cf-ray: 8b000737a9db93e7-LHR
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            DNS
                            41.95.18.104.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            41.95.18.104.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            1.80.190.35.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            1.80.190.35.in-addr.arpa
                            IN PTR
                            Response
                            1.80.190.35.in-addr.arpa
                            IN PTR
                            1.80.190.35.bc.googleusercontent.com
                          • flag-us
                            DNS
                            cdnjs.cloudflare.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            cdnjs.cloudflare.com
                            IN A
                            Response
                            cdnjs.cloudflare.com
                            IN A
                            104.17.25.14
                            cdnjs.cloudflare.com
                            IN A
                            104.17.24.14
                          • flag-us
                            DNS
                            amygale.ru
                            Remote address:
                            8.8.8.8:53
                            Request
                            amygale.ru
                            IN A
                            Response
                            amygale.ru
                            IN A
                            104.21.32.167
                            amygale.ru
                            IN A
                            172.67.153.18
                          • flag-us
                            DNS
                            14.25.17.104.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            14.25.17.104.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            167.32.21.104.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            167.32.21.104.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            cdn.jsdelivr.net
                            Remote address:
                            8.8.8.8:53
                            Request
                            cdn.jsdelivr.net
                            IN A
                            Response
                            cdn.jsdelivr.net
                            IN CNAME
                            jsdelivr.map.fastly.net
                            jsdelivr.map.fastly.net
                            IN A
                            151.101.193.229
                            jsdelivr.map.fastly.net
                            IN A
                            151.101.129.229
                            jsdelivr.map.fastly.net
                            IN A
                            151.101.1.229
                            jsdelivr.map.fastly.net
                            IN A
                            151.101.65.229
                          • flag-us
                            DNS
                            229.193.101.151.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            229.193.101.151.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            OPTIONS
                            https://a.nel.cloudflare.com/report/v4?s=sm4qg2V2VLWQ6VUMINMH0f9IFQaCtQLOZAfEjOEv2o1z8qbEM81LZZqqF9cWYdIDcJJy4beMrKzg51EJJgk8I6gBdwDdR34Hsopqkf9NYLn14C1UReO1YPjpBB6vzR1jFivFIw%3D%3D
                            chrome.exe
                            Remote address:
                            35.190.80.1:443
                            Request
                            OPTIONS /report/v4?s=sm4qg2V2VLWQ6VUMINMH0f9IFQaCtQLOZAfEjOEv2o1z8qbEM81LZZqqF9cWYdIDcJJy4beMrKzg51EJJgk8I6gBdwDdR34Hsopqkf9NYLn14C1UReO1YPjpBB6vzR1jFivFIw%3D%3D HTTP/2.0
                            host: a.nel.cloudflare.com
                            origin: https://drumcondra.com.ru
                            access-control-request-method: POST
                            access-control-request-headers: content-type
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-us
                            POST
                            https://a.nel.cloudflare.com/report/v4?s=sm4qg2V2VLWQ6VUMINMH0f9IFQaCtQLOZAfEjOEv2o1z8qbEM81LZZqqF9cWYdIDcJJy4beMrKzg51EJJgk8I6gBdwDdR34Hsopqkf9NYLn14C1UReO1YPjpBB6vzR1jFivFIw%3D%3D
                            chrome.exe
                            Remote address:
                            35.190.80.1:443
                            Request
                            POST /report/v4?s=sm4qg2V2VLWQ6VUMINMH0f9IFQaCtQLOZAfEjOEv2o1z8qbEM81LZZqqF9cWYdIDcJJy4beMrKzg51EJJgk8I6gBdwDdR34Hsopqkf9NYLn14C1UReO1YPjpBB6vzR1jFivFIw%3D%3D HTTP/2.0
                            host: a.nel.cloudflare.com
                            content-length: 423
                            content-type: application/reports+json
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-us
                            GET
                            https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
                            chrome.exe
                            Remote address:
                            104.17.25.14:443
                            Request
                            GET /ajax/libs/crypto-js/4.0.0/crypto-js.min.js HTTP/2.0
                            host: cdnjs.cloudflare.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            date: Thu, 08 Aug 2024 14:00:12 GMT
                            content-type: application/javascript; charset=utf-8
                            content-length: 14107
                            access-control-allow-origin: *
                            cache-control: public, max-age=30672000
                            content-encoding: br
                            etag: "5eb03e2d-bb78"
                            last-modified: Mon, 04 May 2020 16:09:17 GMT
                            cf-cdnjs-via: cfworker/kv
                            cross-origin-resource-policy: cross-origin
                            timing-allow-origin: *
                            x-content-type-options: nosniff
                            vary: Accept-Encoding
                            cf-cache-status: HIT
                            age: 1285755
                            expires: Tue, 29 Jul 2025 14:00:12 GMT
                            accept-ranges: bytes
                            report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OfeGng8yaZ6BAElSY4zpegQLJoOmWQcU1sDphOYlvGqGBrQyNi%2BghWyD5IRvqxuc4mlDHQYvKj7moNkyEeJA6aC5OaRzXcrzzRjmxqs3NEX%2BclGmZJ6b1ICYuUWPOXizG%2BnWKQVs"}],"group":"cf-nel","max_age":604800}
                            nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
                            strict-transport-security: max-age=15780000
                            server: cloudflare
                            cf-ray: 8b0008085e5763df-LHR
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            POST
                            https://amygale.ru//
                            chrome.exe
                            Remote address:
                            104.21.32.167:443
                            Request
                            POST // HTTP/2.0
                            host: amygale.ru
                            content-length: 25
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-platform: "Windows"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            content-type: text/plain;charset=UTF-8
                            accept: */*
                            origin: https://drumcondra.com.ru
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            date: Thu, 08 Aug 2024 14:00:13 GMT
                            content-type: text/html; charset=UTF-8
                            access-control-allow-origin: *
                            vary: Accept-Encoding
                            cf-cache-status: DYNAMIC
                            report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUKTOKCpsVpTE4YOUovBuIShYZMrnn7UafLYsWNBHY4KxQMLiy5Rz%2FBCsO4d91T0LfknbTdCGG2CIxYOulvecnZZqsFGOo2C%2FkdOC0pWkgMsVHJk%2BQ%2BW9R186NY8"}],"group":"cf-nel","max_age":604800}
                            nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                            server: cloudflare
                            cf-ray: 8b00080a6f4a71ea-LHR
                            content-encoding: br
                            alt-svc: h3=":443"; ma=86400
                          • flag-us
                            DNS
                            code.jquery.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            code.jquery.com
                            IN A
                            Response
                            code.jquery.com
                            IN A
                            151.101.194.137
                            code.jquery.com
                            IN A
                            151.101.130.137
                            code.jquery.com
                            IN A
                            151.101.66.137
                            code.jquery.com
                            IN A
                            151.101.2.137
                          • flag-us
                            DNS
                            137.194.101.151.in-addr.arpa
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            137.194.101.151.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            48.229.111.52.in-addr.arpa
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            48.229.111.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            stackpath.bootstrapcdn.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            stackpath.bootstrapcdn.com
                            IN A
                            Response
                            stackpath.bootstrapcdn.com
                            IN A
                            104.18.11.207
                            stackpath.bootstrapcdn.com
                            IN A
                            104.18.10.207
                          • flag-us
                            DNS
                            207.11.18.104.in-addr.arpa
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            207.11.18.104.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            self.events.data.microsoft.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            self.events.data.microsoft.com
                            IN A
                            Response
                            self.events.data.microsoft.com
                            IN CNAME
                            self-events-data.trafficmanager.net
                            self-events-data.trafficmanager.net
                            IN CNAME
                            onedscolprdjpe03.japaneast.cloudapp.azure.com
                            onedscolprdjpe03.japaneast.cloudapp.azure.com
                            IN A
                            13.78.111.199
                          • flag-us
                            DNS
                            self.events.data.microsoft.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            self.events.data.microsoft.com
                            IN A
                          • flag-us
                            DNS
                            th.bing.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            th.bing.com
                            IN A
                            Response
                            th.bing.com
                            IN CNAME
                            p-th.bing.com.trafficmanager.net
                            p-th.bing.com.trafficmanager.net
                            IN CNAME
                            th.bing.com.edgekey.net
                            th.bing.com.edgekey.net
                            IN CNAME
                            e86303.dscx.akamaiedge.net
                            e86303.dscx.akamaiedge.net
                            IN A
                            184.28.176.113
                            e86303.dscx.akamaiedge.net
                            IN A
                            184.28.176.35
                            e86303.dscx.akamaiedge.net
                            IN A
                            184.28.176.43
                            e86303.dscx.akamaiedge.net
                            IN A
                            184.28.176.24
                            e86303.dscx.akamaiedge.net
                            IN A
                            184.28.176.112
                            e86303.dscx.akamaiedge.net
                            IN A
                            184.28.176.26
                            e86303.dscx.akamaiedge.net
                            IN A
                            184.28.176.114
                            e86303.dscx.akamaiedge.net
                            IN A
                            184.28.176.42
                            e86303.dscx.akamaiedge.net
                            IN A
                            184.28.176.32
                          • flag-us
                            DNS
                            113.176.28.184.in-addr.arpa
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            113.176.28.184.in-addr.arpa
                            IN PTR
                            Response
                            113.176.28.184.in-addr.arpa
                            IN PTR
                            a184-28-176-113.deploy.static.akamaitechnologies.com
                          • flag-us
                            DNS
                            nexusrules.officeapps.live.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            nexusrules.officeapps.live.com
                            IN A
                            Response
                            nexusrules.officeapps.live.com
                            IN CNAME
                            prod.nexusrules.live.com.akadns.net
                            prod.nexusrules.live.com.akadns.net
                            IN A
                            52.111.229.48
                          • flag-us
                            GET
                            https://code.jquery.com/jquery-3.5.1.slim.min.js
                            chrome.exe
                            Remote address:
                            151.101.194.137:443
                            Request
                            GET /jquery-3.5.1.slim.min.js HTTP/2.0
                            host: code.jquery.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            server: nginx
                            content-type: application/javascript; charset=utf-8
                            last-modified: Fri, 18 Oct 1991 12:00:00 GMT
                            etag: W/"28feccc0-11abc"
                            cache-control: public, max-age=31536000, stale-while-revalidate=604800
                            access-control-allow-origin: *
                            content-encoding: gzip
                            via: 1.1 varnish, 1.1 varnish
                            accept-ranges: bytes
                            date: Thu, 08 Aug 2024 14:00:14 GMT
                            age: 15044109
                            x-served-by: cache-lga21954-LGA, cache-lon4243-LON
                            x-cache: HIT, HIT
                            x-cache-hits: 142851, 7915
                            x-timer: S1723125615.512913,VS0,VE0
                            vary: Accept-Encoding
                            content-length: 24606
                          • flag-us
                            GET
                            https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
                            chrome.exe
                            Remote address:
                            151.101.193.229:443
                            Request
                            GET /npm/bootstrap@5.0.2/dist/css/bootstrap.min.css HTTP/2.0
                            host: cdn.jsdelivr.net
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            origin: https://drumcondra.com.ru
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: text/css,*/*;q=0.1
                            sec-fetch-site: cross-site
                            sec-fetch-mode: cors
                            sec-fetch-dest: style
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            access-control-allow-origin: *
                            access-control-expose-headers: *
                            timing-allow-origin: *
                            cache-control: public, max-age=31536000, s-maxage=31536000, immutable
                            cross-origin-resource-policy: cross-origin
                            x-content-type-options: nosniff
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            content-type: text/css; charset=utf-8
                            x-jsd-version: 5.0.2
                            x-jsd-version-type: version
                            etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
                            content-encoding: br
                            accept-ranges: bytes
                            date: Thu, 08 Aug 2024 14:00:14 GMT
                            age: 3067814
                            x-served-by: cache-fra-eddf8230097-FRA, cache-lon420096-LON
                            x-cache: HIT, HIT
                            vary: Accept-Encoding
                            alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
                            content-length: 25360
                          • flag-us
                            GET
                            https://cdn.jsdelivr.net/npm/@popperjs/core@2.5.2/dist/umd/popper.min.js
                            chrome.exe
                            Remote address:
                            151.101.193.229:443
                            Request
                            GET /npm/@popperjs/core@2.5.2/dist/umd/popper.min.js HTTP/2.0
                            host: cdn.jsdelivr.net
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            access-control-allow-origin: *
                            access-control-expose-headers: *
                            timing-allow-origin: *
                            cache-control: public, max-age=31536000, s-maxage=31536000, immutable
                            cross-origin-resource-policy: cross-origin
                            x-content-type-options: nosniff
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            content-type: application/javascript; charset=utf-8
                            x-jsd-version: 2.5.2
                            x-jsd-version-type: version
                            etag: W/"4785-1nNOLfRgVlbAQdjbsczfWaJjx/0"
                            content-encoding: br
                            accept-ranges: bytes
                            age: 1001628
                            date: Thu, 08 Aug 2024 14:00:14 GMT
                            x-served-by: cache-fra-eddf8230131-FRA, cache-lcy-eglc8600097-LCY
                            x-cache: HIT, HIT
                            vary: Accept-Encoding
                            alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
                            content-length: 6661
                          • flag-us
                            GET
                            https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
                            chrome.exe
                            Remote address:
                            104.18.11.207:443
                            Request
                            GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/2.0
                            host: stackpath.bootstrapcdn.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            date: Thu, 08 Aug 2024 14:00:14 GMT
                            content-type: application/javascript; charset=utf-8
                            vary: Accept-Encoding
                            cdn-pullzone: 252412
                            cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
                            cdn-requestcountrycode: FR
                            access-control-allow-origin: *
                            cache-control: public, max-age=31919000
                            content-encoding: gzip
                            etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
                            last-modified: Mon, 25 Jan 2021 22:04:11 GMT
                            cdn-cachedat: 10/31/2023 19:31:53
                            cdn-proxyver: 1.04
                            cdn-requestpullcode: 200
                            cdn-requestpullsuccess: True
                            cdn-edgestorageid: 947
                            timing-allow-origin: *
                            cross-origin-resource-policy: cross-origin
                            x-content-type-options: nosniff
                            cdn-status: 200
                            cdn-requestid: 8b127cc899012611a2abadfd14a30bb1
                            cdn-cache: HIT
                            cf-cache-status: HIT
                            age: 21985714
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            server: cloudflare
                            cf-ray: 8b000812c9586346-LHR
                            alt-svc: h3=":443"; ma=86400
                          • flag-gb
                            GET
                            https://th.bing.com/th/id/OIP.UZKUf3XAqRUwcnZT5apyYAHaEK
                            chrome.exe
                            Remote address:
                            184.28.176.113:443
                            Request
                            GET /th/id/OIP.UZKUf3XAqRUwcnZT5apyYAHaEK HTTP/2.0
                            host: th.bing.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            cookie: MUID=3A8BDC67148763911BCAC8B210876078
                            Response
                            HTTP/2.0 200
                            content-type: image/jpeg
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            content-length: 28296
                            cache-control: public, max-age=1209555
                            date: Thu, 08 Aug 2024 14:00:14 GMT
                            x-cache: TCP_MISS from a184-28-176-109.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
                            alt-svc: h3=":443"; ma=93600
                            akamai-grn: 0.6db01cb8.1723125614.48901b
                            x-check-cacheable: YES
                          • flag-gb
                            GET
                            https://th.bing.com/th/id/OIP.YgHpuYP_XjAR5Ss6whIrmgHaHa
                            chrome.exe
                            Remote address:
                            184.28.176.113:443
                            Request
                            GET /th/id/OIP.YgHpuYP_XjAR5Ss6whIrmgHaHa HTTP/2.0
                            host: th.bing.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            cookie: MUID=3A8BDC67148763911BCAC8B210876078
                            Response
                            HTTP/2.0 200
                            content-type: image/jpeg
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            content-length: 10433
                            cache-control: public, max-age=1209590
                            date: Thu, 08 Aug 2024 14:00:14 GMT
                            x-cache: TCP_MISS from a184-28-176-109.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
                            alt-svc: h3=":443"; ma=93600
                            akamai-grn: 0.6db01cb8.1723125614.48901c
                            x-check-cacheable: YES
                          • flag-gb
                            GET
                            https://th.bing.com/th/id/OIP.BHKcafs_tz7AT6uZwIOG5AHaHa
                            chrome.exe
                            Remote address:
                            184.28.176.113:443
                            Request
                            GET /th/id/OIP.BHKcafs_tz7AT6uZwIOG5AHaHa HTTP/2.0
                            host: th.bing.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            referer: https://drumcondra.com.ru/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            cookie: MUID=3A8BDC67148763911BCAC8B210876078
                            Response
                            HTTP/2.0 200
                            content-type: image/jpeg
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            content-length: 7821
                            cache-control: public, max-age=1209580
                            date: Thu, 08 Aug 2024 14:00:14 GMT
                            x-cache: TCP_MISS from a184-28-176-109.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1-8b2dfe3939b99771c02ec6eca94739cd) (-)
                            alt-svc: h3=":443"; ma=93600
                            akamai-grn: 0.6db01cb8.1723125614.48901d
                            x-check-cacheable: YES
                          • 13.74.129.92:443
                            https://r.g.bing.com/bam/ac?!&&u=a1aHR0cHM6Ly9kcnVtY29uZHJhLmNvbS5ydS9jbkhTei8/
                            tls, http2
                            chrome.exe
                            1.8kB
                            7.3kB
                            12
                            14

                            HTTP Request

                            GET https://r.g.bing.com/bam/ac?!&&u=a1aHR0cHM6Ly9kcnVtY29uZHJhLmNvbS5ydS9jbkhTei8/

                            HTTP Response

                            302
                          • 13.74.129.92:443
                            r.g.bing.com
                            tls, http2
                            chrome.exe
                            1.8kB
                            6.8kB
                            11
                            11
                          • 104.21.68.72:443
                            https://drumcondra.com.ru/cnHSz/?
                            tls, http2
                            chrome.exe
                            3.2kB
                            9.5kB
                            24
                            24

                            HTTP Request

                            GET https://drumcondra.com.ru/cnHSz/?

                            HTTP Response

                            200

                            HTTP Request

                            GET https://drumcondra.com.ru/favicon.ico

                            HTTP Response

                            404

                            HTTP Request

                            POST https://drumcondra.com.ru/cnHSz/?

                            HTTP Response

                            200
                          • 104.18.95.41:443
                            https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js
                            tls, http2
                            chrome.exe
                            2.1kB
                            20.6kB
                            21
                            25

                            HTTP Request

                            GET https://challenges.cloudflare.com/turnstile/v0/api.js

                            HTTP Response

                            302

                            HTTP Request

                            GET https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js

                            HTTP Response

                            200
                          • 104.18.95.41:443
                            https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8b000736f8ca93e7&lang=auto
                            tls, http2
                            chrome.exe
                            4.2kB
                            70.1kB
                            54
                            83

                            HTTP Request

                            GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/tcyvb/0x4AAAAAAAdVpk8D6Pb_9pXH/auto/fbE/normal/auto/

                            HTTP Response

                            200

                            HTTP Request

                            GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/nbsskix%2B8rvzsiTuOH9u%2FM8iwY0%2FCXzUM0bUXyT0s6k%3D

                            HTTP Request

                            GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=8b000736f8ca93e7&lang=auto

                            HTTP Response

                            200

                            HTTP Response

                            200
                          • 35.190.80.1:443
                            a.nel.cloudflare.com
                            tls, http2
                            chrome.exe
                            2.3kB
                            1.2kB
                            14
                            8
                          • 35.190.80.1:443
                            https://a.nel.cloudflare.com/report/v4?s=sm4qg2V2VLWQ6VUMINMH0f9IFQaCtQLOZAfEjOEv2o1z8qbEM81LZZqqF9cWYdIDcJJy4beMrKzg51EJJgk8I6gBdwDdR34Hsopqkf9NYLn14C1UReO1YPjpBB6vzR1jFivFIw%3D%3D
                            tls, http2
                            chrome.exe
                            2.7kB
                            4.6kB
                            18
                            14

                            HTTP Request

                            OPTIONS https://a.nel.cloudflare.com/report/v4?s=sm4qg2V2VLWQ6VUMINMH0f9IFQaCtQLOZAfEjOEv2o1z8qbEM81LZZqqF9cWYdIDcJJy4beMrKzg51EJJgk8I6gBdwDdR34Hsopqkf9NYLn14C1UReO1YPjpBB6vzR1jFivFIw%3D%3D

                            HTTP Request

                            POST https://a.nel.cloudflare.com/report/v4?s=sm4qg2V2VLWQ6VUMINMH0f9IFQaCtQLOZAfEjOEv2o1z8qbEM81LZZqqF9cWYdIDcJJy4beMrKzg51EJJgk8I6gBdwDdR34Hsopqkf9NYLn14C1UReO1YPjpBB6vzR1jFivFIw%3D%3D
                          • 104.17.25.14:443
                            https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
                            tls, http2
                            chrome.exe
                            2.1kB
                            19.2kB
                            23
                            28

                            HTTP Request

                            GET https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js

                            HTTP Response

                            200
                          • 104.21.32.167:443
                            https://amygale.ru//
                            tls, http2
                            chrome.exe
                            1.9kB
                            11.0kB
                            16
                            19

                            HTTP Request

                            POST https://amygale.ru//

                            HTTP Response

                            200
                          • 151.101.194.137:443
                            https://code.jquery.com/jquery-3.5.1.slim.min.js
                            tls, http2
                            chrome.exe
                            2.5kB
                            30.7kB
                            30
                            32

                            HTTP Request

                            GET https://code.jquery.com/jquery-3.5.1.slim.min.js

                            HTTP Response

                            200
                          • 151.101.193.229:443
                            https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
                            tls, http2
                            chrome.exe
                            2.5kB
                            32.8kB
                            30
                            34

                            HTTP Request

                            GET https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

                            HTTP Response

                            200
                          • 151.101.193.229:443
                            https://cdn.jsdelivr.net/npm/@popperjs/core@2.5.2/dist/umd/popper.min.js
                            tls, http2
                            chrome.exe
                            2.0kB
                            13.2kB
                            17
                            19

                            HTTP Request

                            GET https://cdn.jsdelivr.net/npm/@popperjs/core@2.5.2/dist/umd/popper.min.js

                            HTTP Response

                            200
                          • 104.18.11.207:443
                            https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
                            tls, http2
                            chrome.exe
                            2.3kB
                            22.6kB
                            24
                            26

                            HTTP Request

                            GET https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js

                            HTTP Response

                            200
                          • 184.28.176.113:443
                            th.bing.com
                            tls
                            chrome.exe
                            1.1kB
                            5.0kB
                            11
                            11
                          • 184.28.176.113:443
                            https://th.bing.com/th/id/OIP.BHKcafs_tz7AT6uZwIOG5AHaHa
                            tls, http2
                            chrome.exe
                            3.0kB
                            55.3kB
                            36
                            56

                            HTTP Request

                            GET https://th.bing.com/th/id/OIP.UZKUf3XAqRUwcnZT5apyYAHaEK

                            HTTP Request

                            GET https://th.bing.com/th/id/OIP.YgHpuYP_XjAR5Ss6whIrmgHaHa

                            HTTP Request

                            GET https://th.bing.com/th/id/OIP.BHKcafs_tz7AT6uZwIOG5AHaHa

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200
                          • 184.28.176.113:443
                            th.bing.com
                            tls
                            chrome.exe
                            1.1kB
                            5.0kB
                            11
                            11
                          • 52.111.229.19:443
                            322 B
                            7
                          • 8.8.8.8:53
                            r.g.bing.com
                            dns
                            chrome.exe
                            277 B
                            358 B
                            4
                            3

                            DNS Request

                            r.g.bing.com

                            DNS Response

                            13.74.129.92

                            DNS Request

                            challenges.cloudflare.com

                            DNS Response

                            104.18.95.41
                            104.18.94.41

                            DNS Request

                            202.179.250.142.in-addr.arpa

                            DNS Request

                            202.179.250.142.in-addr.arpa

                          • 8.8.8.8:53
                            72.68.21.104.in-addr.arpa
                            dns
                            269 B
                            215 B
                            4
                            2

                            DNS Request

                            72.68.21.104.in-addr.arpa

                            DNS Request

                            a.nel.cloudflare.com

                            DNS Request

                            a.nel.cloudflare.com

                            DNS Request

                            a.nel.cloudflare.com

                            DNS Response

                            35.190.80.1

                          • 104.18.95.41:443
                            challenges.cloudflare.com
                            https
                            chrome.exe
                            3.2kB
                            5.4kB
                            9
                            9
                          • 104.18.95.41:443
                            challenges.cloudflare.com
                            https
                            chrome.exe
                            54.7kB
                            131.7kB
                            96
                            140
                          • 104.21.68.72:443
                            drumcondra.com.ru
                            https
                            chrome.exe
                            1.9kB
                            6.0kB
                            9
                            10
                          • 8.8.8.8:53
                            41.95.18.104.in-addr.arpa
                            dns
                            542 B
                            1.0kB
                            8
                            8

                            DNS Request

                            41.95.18.104.in-addr.arpa

                            DNS Request

                            1.80.190.35.in-addr.arpa

                            DNS Request

                            cdnjs.cloudflare.com

                            DNS Response

                            104.17.25.14
                            104.17.24.14

                            DNS Request

                            amygale.ru

                            DNS Response

                            104.21.32.167
                            172.67.153.18

                            DNS Request

                            14.25.17.104.in-addr.arpa

                            DNS Request

                            167.32.21.104.in-addr.arpa

                            DNS Request

                            cdn.jsdelivr.net

                            DNS Response

                            151.101.193.229
                            151.101.129.229
                            151.101.1.229
                            151.101.65.229

                            DNS Request

                            229.193.101.151.in-addr.arpa

                          • 224.0.0.251:5353
                            chrome.exe
                            204 B
                            3
                          • 35.190.80.1:443
                            a.nel.cloudflare.com
                            https
                            chrome.exe
                            1.6kB
                            3.9kB
                            4
                            6
                          • 104.18.95.41:443
                            challenges.cloudflare.com
                            https
                            chrome.exe
                            41.9kB
                            5.8kB
                            40
                            15
                          • 104.21.68.72:443
                            drumcondra.com.ru
                            https
                            chrome.exe
                            1.7kB
                            3.2kB
                            5
                            7
                          • 8.8.8.8:53
                            code.jquery.com
                            dns
                            chrome.exe
                            207 B
                            417 B
                            3
                            3

                            DNS Request

                            code.jquery.com

                            DNS Response

                            151.101.194.137
                            151.101.130.137
                            151.101.66.137
                            151.101.2.137

                            DNS Request

                            137.194.101.151.in-addr.arpa

                            DNS Request

                            48.229.111.52.in-addr.arpa

                          • 8.8.8.8:53
                            stackpath.bootstrapcdn.com
                            dns
                            chrome.exe
                            296 B
                            435 B
                            4
                            3

                            DNS Request

                            stackpath.bootstrapcdn.com

                            DNS Response

                            104.18.11.207
                            104.18.10.207

                            DNS Request

                            207.11.18.104.in-addr.arpa

                            DNS Request

                            self.events.data.microsoft.com

                            DNS Request

                            self.events.data.microsoft.com

                            DNS Response

                            13.78.111.199

                          • 8.8.8.8:53
                            th.bing.com
                            dns
                            chrome.exe
                            206 B
                            598 B
                            3
                            3

                            DNS Request

                            th.bing.com

                            DNS Response

                            184.28.176.113
                            184.28.176.35
                            184.28.176.43
                            184.28.176.24
                            184.28.176.112
                            184.28.176.26
                            184.28.176.114
                            184.28.176.42
                            184.28.176.32

                            DNS Request

                            113.176.28.184.in-addr.arpa

                            DNS Request

                            nexusrules.officeapps.live.com

                            DNS Response

                            52.111.229.48

                          MITRE ATT&CK Enterprise v15

                          Downloads

                          • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

                            Filesize

                            64KB

                          • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

                            Filesize

                            4B

                          • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

                            Filesize

                            1008B

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                            Filesize

                            144B

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                            Filesize

                            240B

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                            Filesize

                            4KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                            Filesize

                            4KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                            Filesize

                            2B

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                            Filesize

                            519B

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                            Filesize

                            1009B

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            8KB

                            MD5

                            d2b9c78dd1bc183e05751f8ec3850451

                            SHA1

                            d33b99b8d86d1377981cb0c774af581bd1ceb117

                            SHA256

                            b69196009355cfb3e09312021e5e5c79cdf6cf3b05bb352e5ceac434b9084b32

                            SHA512

                            2b4c10315589325b32426e2cfde8c6992ca28eaef0a662b85d24ce1620e8ed46460629374ce9b7d9afe27784524bbbbf3d42541d4ecda2972f03d30c9e2de146

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            8KB

                            MD5

                            f20f743e0ef3025d9deabe16e2c158f6

                            SHA1

                            12a38d989255e65ef4c10a9323dc873f34c7838d

                            SHA256

                            cf42660792db1a86a85731b35b4a4f538f9ce273109eb0ff0c50609c64d23752

                            SHA512

                            56b7ea598a3d4b6e015e1bf905705e5ffc3e344cafcd63166641b92a59765ad4bbe227e8d827f27c380df0ac1ecd118d923dff41f77e3a14542524f211fdda3a

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                            MD5

                            8abb9a070cbf1d2c3c8798676f8c9bf2

                            SHA1

                            a080b770dec5612916b230fc7866ed2435d419a6

                            SHA256

                            48bc04016f13ad380f87d3349c0bcca885e0a303e47182e8e6962ef4fac5396c

                            SHA512

                            acdd5fc17536fb39500d4fdbea3d42c374def484b677c39b594fbe98cc01c93d8e093c9843a4d0fd91ba2465a7a11f710c8a431082c67063d0ec9bcdb9d9adec

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            8KB

                            MD5

                            401e5b1e0cac400117921e350051d429

                            SHA1

                            e18413973306444789c4d7c919efd222d3f8c5d5

                            SHA256

                            28df4e5375a0b307e955e245df518f472982e57958353969e7bee8a7442b88c2

                            SHA512

                            b564cc7b2f6fc2d417a0258b636ce57dde728a54d2894f18bc8f41b8a9e4c66352e65962516e4598552dae0f6bd83ddba1b5b3cea51a66bb92043afe043313cd

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                            MD5

                            45ece4ae6434b70d0ce507a4b95b8aca

                            SHA1

                            d40fa1fddd548979a285f943b427612a6a8f378b

                            SHA256

                            0ec997f5769b4f6741aa6c066c1f6f695bb2643d92c72c4251a6a912de384ce9

                            SHA512

                            ab4df072b6529466f8a20a946d5af8799eb9ba0c56b111307df8842430f643c0b091cd60970e942f61ef6901da60157fcce2ec84dedfbcc9a284cb6bc357c235

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            8KB

                            MD5

                            28714fbf533ec3d144406cad7d5b15e3

                            SHA1

                            310b25ac54dd30f7df135184ba0d98297d3ddedf

                            SHA256

                            bf24df878706fb11ffc19fa3a0d7c4a6493756f16d5cf667f80e92b1ebc5533c

                            SHA512

                            40560c063d326a2a8740851752a0c9f8c142dd0895170c3fc0a6b05b1623f53cbbfd18844f40765d745ebb7858f0cd103b9507904e6c40479a9a9660ab15fe7e

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                            MD5

                            550b6c58f69f7f077e0d19f162d19b9b

                            SHA1

                            7ec57d963cd8baaac4173536fabaae5184d346d2

                            SHA256

                            b4b1c069f96f07f264d2595150e746321f272fe740a952826e3c08d2a976d5af

                            SHA512

                            a5208640449c51a7d21d25d7a412041fbe15247f624625c81aa535db6b31e994dd5d45f1b7d70f3bab9a328dbabc5479d68965f8a7788baf4014e7a8c189d85b

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                            MD5

                            b170e9e9af30ad550b39080a7f181255

                            SHA1

                            5ef1fd1e511871d6c2f8438766cd6d14efa0ad0c

                            SHA256

                            52306918d29e8e26f2dd3e003711d7d2dcf595e79895ea25e455da070eaf5a71

                            SHA512

                            177e28b1afd18ac934b4bdac9fd0e3fb33d116c23cf80083734fbee7743a26f819f020ac9d18b59b46d57345690c6dd715c40610b78bc7c0a8b26b2e8f09962f

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                            Filesize

                            195KB

                            MD5

                            07eda21d3442be2aa9f69f71b3a1a282

                            SHA1

                            c841c9f00cd7d4a7a3fdc84ffe626b7931553f72

                            SHA256

                            6c9be8b4dacbb92259c053baf4d5a20dc5bb923438128d4897eb62591bbe5b93

                            SHA512

                            f5a8847861b6298893c664623b9ef51b082ba44e5f77795c55669026baf06afe1403b0363388f336f1b5f4b2473d8e3b80acc2c04f077917e7849122f569cc6d

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                            Filesize

                            195KB

                            MD5

                            536a11c114b6f5f4fab17d1a58b14619

                            SHA1

                            60c7e12bd663f7f518bfb80e8d322ab28a476a35

                            SHA256

                            91ca1a6b4a88e166bd91e48d5683a027fcfb0b14e642a3b9d94863ede245686d

                            SHA512

                            615ba248a0655f43db3fd952c0efe7f3e3621c11e783391db7cfa9ccce5077b417397f03baa049d2fbb72972ff9c2c766f8c51d362dc0dadd12c8a8cbcef5e16
