Analysis

  • max time kernel
    149s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    19/08/2024, 07:20 UTC

General

  • Target

    http://yleujsca.finane.it

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 2 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 5 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://yleujsca.finane.it
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3284
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffdc667cc40,0x7ffdc667cc4c,0x7ffdc667cc58
      2⤵
        PID:2704
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1908,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1904 /prefetch:2
        2⤵
          PID:332
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2128,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2160 /prefetch:3
          2⤵
            PID:1236
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2228,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2428 /prefetch:8
            2⤵
              PID:4596
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3044,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3064 /prefetch:1
              2⤵
                PID:3236
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3048,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3268 /prefetch:1
                2⤵
                  PID:228
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3748,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3652 /prefetch:1
                  2⤵
                    PID:4136
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=3284,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3264 /prefetch:1
                    2⤵
                      PID:3964
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4628,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4384 /prefetch:1
                      2⤵
                        PID:4872
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4536,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4800 /prefetch:8
                        2⤵
                          PID:3908
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5040,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3848 /prefetch:8
                          2⤵
                          • Modifies registry class
                          PID:4524
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4960,i,13256579850570217034,7178532110039247618,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4968 /prefetch:8
                          2⤵
                          • Drops file in System32 directory
                          • Suspicious behavior: EnumeratesProcesses
                          PID:660
                      • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                        "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                        1⤵
                          PID:3152
                        • C:\Windows\system32\svchost.exe
                          C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                          1⤵
                            PID:228

Network

                          • flag-us
                            DNS
                            209.205.72.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            209.205.72.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            yleujsca.finane.it
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            yleujsca.finane.it
                            IN A
                            Response
                            yleujsca.finane.it
                            IN A
                            185.53.178.54
                          • flag-de
                            GET
                            https://yleujsca.finane.it/
                            chrome.exe
                            Remote address:
                            185.53.178.54:443
                            Request
                            GET / HTTP/2.0
                            host: yleujsca.finane.it
                            upgrade-insecure-requests: 1
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            sec-ch-ua-platform: "Windows"
                            sec-fetch-site: none
                            sec-fetch-mode: navigate
                            sec-fetch-user: ?1
                            sec-fetch-dest: document
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            accept-ch: viewport-width
                            accept-ch: dpr
                            accept-ch: device-memory
                            accept-ch: rtt
                            accept-ch: downlink
                            accept-ch: ect
                            accept-ch: ua
                            accept-ch: ua-full-version
                            accept-ch: ua-platform
                            accept-ch: ua-platform-version
                            accept-ch: ua-arch
                            accept-ch: ua-model
                            accept-ch: ua-mobile
                            accept-ch-lifetime: 30
                            alt-svc: h3=":8443"; ma=2592000
                            content-encoding: gzip
                            content-type: text/html; charset=UTF-8
                            date: Mon, 19 Aug 2024 07:20:38 GMT
                            host: {http.reverse_proxy.upstream.hostport}
                            server: Caddy
                            server: nginx
                            vary: Accept-Encoding
                            x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_VJ5oL+1kuLM0if96vEVD5rm/R5gHt/m0yzNrBTDnBIxnFpR73CQFU25vI4fVwB9Tbw0wxr/J2UCF9ix7Bay8gw==
                            x-buckets: bucket011
                            x-domain: finane.it
                            x-forwarded-host: yleujsca.finane.it
                            x-language: english
                            x-ssl-c: v1
                            x-ssl-proxy: v3
                            x-subdomain: yleujsca
                            x-template: tpl_CleanPeppermintBlack_twoclick
                          • flag-de
                            GET
                            https://yleujsca.finane.it/track.php?domain=finane.it&toggle=browserjs&uid=MTcyNDA1MjAzOC4yNjY4OmFmYjExYmI2YTI3NGJlY2FkZGIyZDc5ZmIxZTAwMjQzMmI1MjVkNjJhYmMyYjk1YzI1NjIyMzdlZTEwMTMyMjA6NjZjMmYyNDY0MTIyZg%3D%3D
                            chrome.exe
                            Remote address:
                            185.53.178.54:443
                            Request
                            GET /track.php?domain=finane.it&toggle=browserjs&uid=MTcyNDA1MjAzOC4yNjY4OmFmYjExYmI2YTI3NGJlY2FkZGIyZDc5ZmIxZTAwMjQzMmI1MjVkNjJhYmMyYjk1YzI1NjIyMzdlZTEwMTMyMjA6NjZjMmYyNDY0MTIyZg%3D%3D HTTP/2.0
                            host: yleujsca.finane.it
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            device-memory: 8
                            rtt: 100
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            viewport-width: 1280
                            dpr: 1
                            downlink: 1.35
                            ect: 4g
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            sec-fetch-site: same-origin
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            referer: https://yleujsca.finane.it/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            accept-ch: viewport-width
                            accept-ch: dpr
                            accept-ch: device-memory
                            accept-ch: rtt
                            accept-ch: downlink
                            accept-ch: ect
                            accept-ch: ua
                            accept-ch: ua-full-version
                            accept-ch: ua-platform
                            accept-ch: ua-platform-version
                            accept-ch: ua-arch
                            accept-ch: ua-model
                            accept-ch: ua-mobile
                            accept-ch-lifetime: 30
                            access-control-allow-origin: *
                            alt-svc: h3=":8443"; ma=2592000
                            content-encoding: gzip
                            content-type: text/html; charset=UTF-8
                            date: Mon, 19 Aug 2024 07:20:38 GMT
                            host: {http.reverse_proxy.upstream.hostport}
                            server: Caddy
                            server: nginx
                            vary: Accept-Encoding
                            x-custom-track: browserjs
                            x-forwarded-host: yleujsca.finane.it
                            x-ssl-c: v1
                            x-ssl-proxy: v3
                          • flag-de
                            GET
                            https://yleujsca.finane.it/ls.php?t=66c2f246&token=9a5fb8217e00afdbba2094293716ecdd2bf4ce60
                            chrome.exe
                            Remote address:
                            185.53.178.54:443
                            Request
                            GET /ls.php?t=66c2f246&token=9a5fb8217e00afdbba2094293716ecdd2bf4ce60 HTTP/2.0
                            host: yleujsca.finane.it
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            device-memory: 8
                            rtt: 100
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            viewport-width: 1280
                            dpr: 1
                            downlink: 1.35
                            ect: 4g
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            sec-fetch-site: same-origin
                            sec-fetch-mode: cors
                            sec-fetch-dest: empty
                            referer: https://yleujsca.finane.it/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 201
                            accept-ch: viewport-width
                            accept-ch: dpr
                            accept-ch: device-memory
                            accept-ch: rtt
                            accept-ch: downlink
                            accept-ch: ect
                            accept-ch: ua
                            accept-ch: ua-full-version
                            accept-ch: ua-platform
                            accept-ch: ua-platform-version
                            accept-ch: ua-arch
                            accept-ch: ua-model
                            accept-ch: ua-mobile
                            accept-ch-lifetime: 30
                            access-control-allow-methods: POST, OPTIONS
                            access-control-allow-origin:
                            access-control-max-age: 86400
                            alt-svc: h3=":8443"; ma=2592000
                            charset: utf-8
                            content-type: text/javascript;charset=UTF-8
                            date: Mon, 19 Aug 2024 07:20:38 GMT
                            host: {http.reverse_proxy.upstream.hostport}
                            server: Caddy
                            server: nginx
                            x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_WDc6dpOrrZUr59xYlEtuWXVJUsAHHGse49X59yoIuOlWQNnn19jirSOW+Ln1NUFfGjCdCERPTzcyzZWCyz96/A==
                            x-forwarded-host: yleujsca.finane.it
                            x-log-success: 66c2f246df94b6b9a60c2ac8
                            x-ssl-c: v1
                            x-ssl-proxy: v3
                          • flag-de
                            GET
                            https://yleujsca.finane.it/favicon.ico
                            chrome.exe
                            Remote address:
                            185.53.178.54:443
                            Request
                            GET /favicon.ico HTTP/2.0
                            host: yleujsca.finane.it
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            device-memory: 8
                            rtt: 100
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            viewport-width: 1280
                            dpr: 1
                            downlink: 1.35
                            ect: 4g
                            sec-ch-ua-platform: "Windows"
                            accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: same-origin
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            referer: https://yleujsca.finane.it/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            cookie: __gsas=ID=7c81d6cac3370a07:T=1724052039:RT=1724052039:S=ALNI_MbZ-FEV4h_X7vfNSAAhWA77zB_AfQ
                            Response
                            HTTP/2.0 200
                            accept-ranges: bytes
                            alt-svc: h3=":8443"; ma=2592000
                            content-type: image/x-icon
                            date: Mon, 19 Aug 2024 07:20:40 GMT
                            etag: "66b9fea0-0"
                            host: {http.reverse_proxy.upstream.hostport}
                            last-modified: Mon, 12 Aug 2024 12:22:56 GMT
                            server: Caddy
                            server: nginx
                            x-forwarded-host: yleujsca.finane.it
                            x-ssl-c: v1
                            x-ssl-proxy: v3
                            content-length: 0
                          • flag-us
                            DNS
                            d38psrni17bvxu.cloudfront.net
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            d38psrni17bvxu.cloudfront.net
                            IN A
                            Response
                            d38psrni17bvxu.cloudfront.net
                            IN A
                            99.86.249.190
                            d38psrni17bvxu.cloudfront.net
                            IN A
                            99.86.249.97
                            d38psrni17bvxu.cloudfront.net
                            IN A
                            99.86.249.105
                            d38psrni17bvxu.cloudfront.net
                            IN A
                            99.86.249.202
                          • flag-us
                            DNS
                            www.google.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            www.google.com
                            IN A
                            Response
                            www.google.com
                            IN A
                            172.217.20.196
                          • flag-gb
                            GET
                            https://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
                            chrome.exe
                            Remote address:
                            99.86.249.190:443
                            Request
                            GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/2.0
                            host: d38psrni17bvxu.cloudfront.net
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: image
                            referer: https://yleujsca.finane.it/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                            Response
                            HTTP/2.0 200
                            content-type: image/png
                            content-length: 11375
                            server: nginx
                            date: Mon, 19 Aug 2024 03:08:26 GMT
                            last-modified: Thu, 21 Mar 2024 11:48:11 GMT
                            accept-ranges: bytes
                            etag: "65fc1e7b-2c6f"
                            x-cache: Hit from cloudfront
                            via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront)
                            x-amz-cf-pop: LHR3-C2
                            x-amz-cf-id: -tgsqTQUC40Vcgz-xbl_zX8gtQ_eXgWCLkwwGvV6fmVMf4hLDBWGKw==
                            age: 15132
                          • flag-fr
                            GET
                            https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true
                            chrome.exe
                            Remote address:
                            172.217.20.196:443
                            Request
                            GET /adsense/domains/caf.js?abp=1&adsdeli=true HTTP/2.0
                            host: www.google.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            x-client-data: CJLeygE=
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://yleujsca.finane.it/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-us
                            DNS
                            syndicatedsearch.goog
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            syndicatedsearch.goog
                            IN A
                            Response
                            syndicatedsearch.goog
                            IN A
                            142.250.74.238
                          • flag-us
                            DNS
                            21.58.20.217.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            21.58.20.217.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            54.178.53.185.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            54.178.53.185.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            106.179.250.142.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            106.179.250.142.in-addr.arpa
                            IN PTR
                            Response
                            106.179.250.142.in-addr.arpa
                            IN PTR
                            par21s20-in-f10.1e100.net
                          • flag-us
                            DNS
                            190.249.86.99.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            190.249.86.99.in-addr.arpa
                            IN PTR
                            Response
                            190.249.86.99.in-addr.arpa
                            IN PTR
                            server-99-86-249-190.lhr3.r.cloudfront.net
                          • flag-us
                            DNS
                            196.20.217.172.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            196.20.217.172.in-addr.arpa
                            IN PTR
                            Response
                            196.20.217.172.in-addr.arpa
                            IN PTR
                            waw02s08-in-f196.1e100.net
                            196.20.217.172.in-addr.arpa
                            IN PTR
                            waw02s08-in-f4.1e100.net
                            196.20.217.172.in-addr.arpa
                            IN PTR
                            par10s50-in-f4.1e100.net
                          • flag-us
                            DNS
                            partner.googleadservices.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            partner.googleadservices.com
                            IN A
                            Response
                            partner.googleadservices.com
                            IN A
                            142.250.179.98
                          • flag-fr
                            GET
                            https://syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fyleujsca.finane.it%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmMyZjI0NjQxMjA0fHx8MTcyNDA1MjAzOC4yOTYyfDE1NDAwM2M5MjBlZWQ1ZmU2YWM4MDg5ZGMyNjZhZGZhYWU0YTlkZjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5YTVmYjgyMTdlMDBhZmRiYmEyMDk0MjkzNzE2ZWNkZDJiZjRjZTYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8fA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2419884812933848&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3%7Cs&nocache=2351724052037773&num=0&output=afd_ads&domain_name=yleujsca.finane.it&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1724052037774&u_w=1280&u_h=720&biw=1263&bih=593&psw=1263&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=662499046&rurl=https%3A%2F%2Fyleujsca.finane.it%2F
                            chrome.exe
                            Remote address:
                            142.250.74.238:443
                            Request
                            GET /afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fyleujsca.finane.it%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmMyZjI0NjQxMjA0fHx8MTcyNDA1MjAzOC4yOTYyfDE1NDAwM2M5MjBlZWQ1ZmU2YWM4MDg5ZGMyNjZhZGZhYWU0YTlkZjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5YTVmYjgyMTdlMDBhZmRiYmEyMDk0MjkzNzE2ZWNkZDJiZjRjZTYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8fA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2419884812933848&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3%7Cs&nocache=2351724052037773&num=0&output=afd_ads&domain_name=yleujsca.finane.it&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1724052037774&u_w=1280&u_h=720&biw=1263&bih=593&psw=1263&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=662499046&rurl=https%3A%2F%2Fyleujsca.finane.it%2F HTTP/2.0
                            host: syndicatedsearch.goog
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            sec-ch-ua-platform: "Windows"
                            upgrade-insecure-requests: 1
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                            sec-fetch-site: cross-site
                            sec-fetch-mode: navigate
                            sec-fetch-dest: iframe
                            referer: https://yleujsca.finane.it/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-fr
                            GET
                            https://partner.googleadservices.com/gampad/cookie.js?domain=yleujsca.finane.it&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
                            chrome.exe
                            Remote address:
                            142.250.179.98:443
                            Request
                            GET /gampad/cookie.js?domain=yleujsca.finane.it&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2 HTTP/2.0
                            host: partner.googleadservices.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            x-client-data: CJLeygE=
                            sec-fetch-site: cross-site
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://yleujsca.finane.it/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-fr
                            GET
                            https://www.google.com/sorry/index?continue=https://syndicatedsearch.goog/afs/ads%3Fadtest%3Doff%26psid%3D7840396037%26pcsa%3Dfalse%26channel%3D000001%252Cbucket011%26client%3Ddp-teaminternet09_3ph%26r%3Dm%26hl%3Den%26ivt%3D0%26rpbu%3Dhttp%253A%252F%252Fyleujsca.finane.it%252F%253Fts%253DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmMyZjI0NjQxMjA0fHx8MTcyNDA1MjAzOC4yOTYyfDE1NDAwM2M5MjBlZWQ1ZmU2YWM4MDg5ZGMyNjZhZGZhYWU0YTlkZjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5YTVmYjgyMTdlMDBhZmRiYmEyMDk0MjkzNzE2ZWNkZDJiZjRjZTYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8fA%25253D%25253D%26max_radlink_len%3D40%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-2419884812933848%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301437%252C17301439%252C17301442%252C17301511%252C17301516%252C17301266%26format%3Dr3%257Cs%26nocache%3D2351724052037773%26num%3D0%26output%3Dafd_ads%26domain_name%3Dyleujsca.finane.it%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D1%26u_tz%3D0%26dt%3D1724052037774%26u_w%3D1280%26u_h%3D720%26biw%3D1263%26bih%3D593%26psw%3D1263%26psh%3D754%26frm%3D0%26uio%3D--%26cont%3Dtc%26drt%3D0%26jsid%3Dcaf%26jsv%3D662499046%26rurl%3Dhttps%253A%252F%252Fyleujsca.finane.it%252F&hl=en&q=EgTCbg1GGMfki7YGIjBVJvl01ANGa58AtkaV9qZyxcqegvSu60gCEDGg3XBUzE3bnDNVqip-39GmPpX5fYAyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
                            chrome.exe
                            Remote address:
                            172.217.20.196:443
                            Request
                            GET /sorry/index?continue=https://syndicatedsearch.goog/afs/ads%3Fadtest%3Doff%26psid%3D7840396037%26pcsa%3Dfalse%26channel%3D000001%252Cbucket011%26client%3Ddp-teaminternet09_3ph%26r%3Dm%26hl%3Den%26ivt%3D0%26rpbu%3Dhttp%253A%252F%252Fyleujsca.finane.it%252F%253Fts%253DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmMyZjI0NjQxMjA0fHx8MTcyNDA1MjAzOC4yOTYyfDE1NDAwM2M5MjBlZWQ1ZmU2YWM4MDg5ZGMyNjZhZGZhYWU0YTlkZjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5YTVmYjgyMTdlMDBhZmRiYmEyMDk0MjkzNzE2ZWNkZDJiZjRjZTYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8fA%25253D%25253D%26max_radlink_len%3D40%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-2419884812933848%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301437%252C17301439%252C17301442%252C17301511%252C17301516%252C17301266%26format%3Dr3%257Cs%26nocache%3D2351724052037773%26num%3D0%26output%3Dafd_ads%26domain_name%3Dyleujsca.finane.it%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D1%26u_tz%3D0%26dt%3D1724052037774%26u_w%3D1280%26u_h%3D720%26biw%3D1263%26bih%3D593%26psw%3D1263%26psh%3D754%26frm%3D0%26uio%3D--%26cont%3Dtc%26drt%3D0%26jsid%3Dcaf%26jsv%3D662499046%26rurl%3Dhttps%253A%252F%252Fyleujsca.finane.it%252F&hl=en&q=EgTCbg1GGMfki7YGIjBVJvl01ANGa58AtkaV9qZyxcqegvSu60gCEDGg3XBUzE3bnDNVqip-39GmPpX5fYAyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/2.0
                            host: www.google.com
                            upgrade-insecure-requests: 1
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                            sec-fetch-site: cross-site
                            sec-fetch-mode: navigate
                            sec-fetch-dest: iframe
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            sec-ch-ua-platform: "Windows"
                            referer: https://yleujsca.finane.it/
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-fr
                            GET
                            https://www.google.com/recaptcha/api.js
                            chrome.exe
                            Remote address:
                            172.217.20.196:443
                            Request
                            GET /recaptcha/api.js HTTP/2.0
                            host: www.google.com
                            sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                            sec-ch-ua-mobile: ?0
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            sec-ch-ua-platform: "Windows"
                            accept: */*
                            x-client-data: CJLeygE=
                            sec-fetch-site: same-origin
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: script
                            referer: https://www.google.com/sorry/index?continue=https://syndicatedsearch.goog/afs/ads%3Fadtest%3Doff%26psid%3D7840396037%26pcsa%3Dfalse%26channel%3D000001%252Cbucket011%26client%3Ddp-teaminternet09_3ph%26r%3Dm%26hl%3Den%26ivt%3D0%26rpbu%3Dhttp%253A%252F%252Fyleujsca.finane.it%252F%253Fts%253DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmMyZjI0NjQxMjA0fHx8MTcyNDA1MjAzOC4yOTYyfDE1NDAwM2M5MjBlZWQ1ZmU2YWM4MDg5ZGMyNjZhZGZhYWU0YTlkZjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5YTVmYjgyMTdlMDBhZmRiYmEyMDk0MjkzNzE2ZWNkZDJiZjRjZTYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8fA%25253D%25253D%26max_radlink_len%3D40%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-2419884812933848%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301437%252C17301439%252C17301442%252C17301511%252C17301516%252C17301266%26format%3Dr3%257Cs%26nocache%3D2351724052037773%26num%3D0%26output%3Dafd_ads%26domain_name%3Dyleujsca.finane.it%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D1%26u_tz%3D0%26dt%3D1724052037774%26u_w%3D1280%26u_h%3D720%26biw%3D1263%26bih%3D593%26psw%3D1263%26psh%3D754%26frm%3D0%26uio%3D--%26cont%3Dtc%26drt%3D0%26jsid%3Dcaf%26jsv%3D662499046%26rurl%3Dhttps%253A%252F%252Fyleujsca.finane.it%252F&hl=en&q=EgTCbg1GGMfki7YGIjBVJvl01ANGa58AtkaV9qZyxcqegvSu60gCEDGg3XBUzE3bnDNVqip-39GmPpX5fYAyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-us
                            DNS
                            g.bing.com
                            Remote address:
                            8.8.8.8:53
                            Request
                            g.bing.com
                            IN A
                            Response
                            g.bing.com
                            IN CNAME
                            g-bing-com.dual-a-0034.a-msedge.net
                            g-bing-com.dual-a-0034.a-msedge.net
                            IN CNAME
                            dual-a-0034.a-msedge.net
                            dual-a-0034.a-msedge.net
                            IN A
                            204.79.197.237
                            dual-a-0034.a-msedge.net
                            IN A
                            13.107.21.237
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MUID=23D6191AD3DC65B131920DFAD23C64AC; domain=.bing.com; expires=Sat, 13-Sep-2025 07:20:40 GMT; path=/; SameSite=None; Secure; Priority=High;
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 3F41007CCE26499C8071FF9A9F72C13F Ref B: LON04EDGE1012 Ref C: 2024-08-19T07:20:40Z
                            date: Mon, 19 Aug 2024 07:20:40 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=23D6191AD3DC65B131920DFAD23C64AC
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            set-cookie: MSPTC=kpJe2pweOykH8YabCpJK_9wvfU1yhi9OcjCEuHjJjbc; domain=.bing.com; expires=Sat, 13-Sep-2025 07:20:40 GMT; path=/; Partitioned; secure; SameSite=None
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: A228073BAAA64488A1D5B4014A95B8D7 Ref B: LON04EDGE1012 Ref C: 2024-08-19T07:20:40Z
                            date: Mon, 19 Aug 2024 07:20:40 GMT
                          • flag-us
                            GET
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid=
                            Remote address:
                            204.79.197.237:443
                            Request
                            GET /neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid= HTTP/2.0
                            host: g.bing.com
                            accept-encoding: gzip, deflate
                            user-agent: WindowsShellClient/9.0.40929.0 (Windows)
                            cookie: MUID=23D6191AD3DC65B131920DFAD23C64AC; MSPTC=kpJe2pweOykH8YabCpJK_9wvfU1yhi9OcjCEuHjJjbc
                            Response
                            HTTP/2.0 204
                            cache-control: no-cache, must-revalidate
                            pragma: no-cache
                            expires: Fri, 01 Jan 1990 00:00:00 GMT
                            strict-transport-security: max-age=31536000; includeSubDomains; preload
                            access-control-allow-origin: *
                            x-cache: CONFIG_NOCACHE
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: EED0804DACA942ECAFCC3C882274AA57 Ref B: LON04EDGE1012 Ref C: 2024-08-19T07:20:40Z
                            date: Mon, 19 Aug 2024 07:20:40 GMT
                          • flag-us
                            DNS
                            238.74.250.142.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            238.74.250.142.in-addr.arpa
                            IN PTR
                            Response
                            238.74.250.142.in-addr.arpa
                            IN PTR
                            par10s40-in-f141e100net
                          • flag-us
                            DNS
                            98.179.250.142.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            98.179.250.142.in-addr.arpa
                            IN PTR
                            Response
                            98.179.250.142.in-addr.arpa
                            IN PTR
                            par21s20-in-f21e100net
                          • flag-us
                            DNS
                            73.31.126.40.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            73.31.126.40.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            237.197.79.204.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            237.197.79.204.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            content-autofill.googleapis.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            content-autofill.googleapis.com
                            IN A
                            Response
                            content-autofill.googleapis.com
                            IN A
                            142.250.178.138
                            content-autofill.googleapis.com
                            IN A
                            216.58.215.42
                            content-autofill.googleapis.com
                            IN A
                            142.250.75.234
                            content-autofill.googleapis.com
                            IN A
                            142.250.201.170
                            content-autofill.googleapis.com
                            IN A
                            172.217.20.170
                            content-autofill.googleapis.com
                            IN A
                            142.250.179.74
                            content-autofill.googleapis.com
                            IN A
                            172.217.18.202
                            content-autofill.googleapis.com
                            IN A
                            216.58.214.170
                            content-autofill.googleapis.com
                            IN A
                            142.250.179.106
                            content-autofill.googleapis.com
                            IN A
                            172.217.20.202
                            content-autofill.googleapis.com
                            IN A
                            216.58.213.74
                          • flag-fr
                            GET
                            https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQk8dqZYMe7mkRIFDVNaR8UhNPMsUJv-EH0=?alt=proto
                            chrome.exe
                            Remote address:
                            142.250.178.138:443
                            Request
                            GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQk8dqZYMe7mkRIFDVNaR8UhNPMsUJv-EH0=?alt=proto HTTP/2.0
                            host: content-autofill.googleapis.com
                            x-goog-encode-response-if-executable: base64
                            x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                            x-client-data: CJLeygE=
                            sec-fetch-site: none
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: empty
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-fr
                            GET
                            https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQnqAG5Yk_Qo8xIFDVNaR8UhTVLcjkH4CyMSGQk8dqZYMe7mkRIFDVNaR8UhTVLcjkH4CyM=?alt=proto
                            chrome.exe
                            Remote address:
                            142.250.178.138:443
                            Request
                            GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQnqAG5Yk_Qo8xIFDVNaR8UhTVLcjkH4CyMSGQk8dqZYMe7mkRIFDVNaR8UhTVLcjkH4CyM=?alt=proto HTTP/2.0
                            host: content-autofill.googleapis.com
                            x-goog-encode-response-if-executable: base64
                            x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                            x-client-data: CJLeygE=
                            sec-fetch-site: none
                            sec-fetch-mode: no-cors
                            sec-fetch-dest: empty
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-us
                            DNS
                            67.214.58.216.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            67.214.58.216.in-addr.arpa
                            IN PTR
                            Response
                            67.214.58.216.in-addr.arpa
                            IN PTR
                            fra15s10-in-f671e100net
                            67.214.58.216.in-addr.arpa
                            IN PTR
                            par10s39-in-f31e100net
                            67.214.58.216.in-addr.arpa
                            IN PTR
                            fra15s10-in-f31e100net
                          • flag-us
                            DNS
                            88.156.103.20.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            88.156.103.20.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            138.178.250.142.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            138.178.250.142.in-addr.arpa
                            IN PTR
                            Response
                            138.178.250.142.in-addr.arpa
                            IN PTR
                            par21s22-in-f101e100net
                          • flag-us
                            DNS
                            67.179.250.142.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            67.179.250.142.in-addr.arpa
                            IN PTR
                            Response
                            67.179.250.142.in-addr.arpa
                            IN PTR
                            par21s19-in-f31e100net
                          • flag-us
                            DNS
                            103.169.127.40.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            103.169.127.40.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            15.164.165.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            15.164.165.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            172.210.232.199.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            172.210.232.199.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            tse1.mm.bing.net
                            Remote address:
                            8.8.8.8:53
                            Request
                            tse1.mm.bing.net
                            IN A
                            Response
                            tse1.mm.bing.net
                            IN CNAME
                            mm-mm.bing.net.trafficmanager.net
                            mm-mm.bing.net.trafficmanager.net
                            IN CNAME
                            ax-0001.ax-msedge.net
                            ax-0001.ax-msedge.net
                            IN A
                            150.171.28.10
                            ax-0001.ax-msedge.net
                            IN A
                            150.171.27.10
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239340418545_11VT5XTZM3TEDIRSP&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            150.171.28.10:443
                            Request
                            GET /th?id=OADD2.10239340418545_11VT5XTZM3TEDIRSP&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 751091
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: FBB8431F56994B0DB58C65C399DE9DC8 Ref B: LON04EDGE0706 Ref C: 2024-08-19T07:21:13Z
                            date: Mon, 19 Aug 2024 07:21:13 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239317300932_1F3XVYLI2C551DUEM&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            150.171.28.10:443
                            Request
                            GET /th?id=OADD2.10239317300932_1F3XVYLI2C551DUEM&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 581101
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 5E84B9A2989F4412B4C182DC3627A809 Ref B: LON04EDGE0706 Ref C: 2024-08-19T07:21:13Z
                            date: Mon, 19 Aug 2024 07:21:13 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239317301365_1T2JA9OXDN9GY4HXW&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            150.171.28.10:443
                            Request
                            GET /th?id=OADD2.10239317301365_1T2JA9OXDN9GY4HXW&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 639396
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: F69B3181A4C546AAB42CD563427CB6C9 Ref B: LON04EDGE0706 Ref C: 2024-08-19T07:21:13Z
                            date: Mon, 19 Aug 2024 07:21:13 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239339388113_1UUFKEO9Y9AYGD8YG&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            150.171.28.10:443
                            Request
                            GET /th?id=OADD2.10239339388113_1UUFKEO9Y9AYGD8YG&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 385954
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 64BFD86DCF5A4B64BE84C7CE4790EF00 Ref B: LON04EDGE0706 Ref C: 2024-08-19T07:21:13Z
                            date: Mon, 19 Aug 2024 07:21:13 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239339388114_1II63A1BYQ3WIA6DV&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90
                            Remote address:
                            150.171.28.10:443
                            Request
                            GET /th?id=OADD2.10239339388114_1II63A1BYQ3WIA6DV&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 349873
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 15F8739092134AC0A5E77F3BF41EF79D Ref B: LON04EDGE0706 Ref C: 2024-08-19T07:21:13Z
                            date: Mon, 19 Aug 2024 07:21:13 GMT
                          • flag-us
                            GET
                            https://tse1.mm.bing.net/th?id=OADD2.10239340418546_1PNT9LCA42P8D0DO5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            Remote address:
                            150.171.28.10:443
                            Request
                            GET /th?id=OADD2.10239340418546_1PNT9LCA42P8D0DO5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/2.0
                            host: tse1.mm.bing.net
                            accept: */*
                            accept-encoding: gzip, deflate, br
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19041
                            Response
                            HTTP/2.0 200
                            cache-control: public, max-age=2592000
                            content-length: 635249
                            content-type: image/jpeg
                            x-cache: TCP_HIT
                            access-control-allow-origin: *
                            access-control-allow-headers: *
                            access-control-allow-methods: GET, POST, OPTIONS
                            timing-allow-origin: *
                            report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                            nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                            accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                            x-msedge-ref: Ref A: 9AA86926DFDB431792C391B673563D99 Ref B: LON04EDGE0706 Ref C: 2024-08-19T07:21:14Z
                            date: Mon, 19 Aug 2024 07:21:14 GMT
                          • flag-us
                            DNS
                            10.28.171.150.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            10.28.171.150.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            73.144.22.2.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            73.144.22.2.in-addr.arpa
                            IN PTR
                            Response
                            73.144.22.2.in-addr.arpa
                            IN PTR
                            a2-22-144-73deploystaticakamaitechnologiescom
                          • flag-us
                            DNS
                            240.221.184.93.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            240.221.184.93.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            14.227.111.52.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            14.227.111.52.in-addr.arpa
                            IN PTR
                            Response
                          • flag-us
                            DNS
                            beacons.gcp.gvt2.com
                            chrome.exe
                            Remote address:
                            8.8.8.8:53
                            Request
                            beacons.gcp.gvt2.com
                            IN A
                            Response
                            beacons.gcp.gvt2.com
                            IN CNAME
                            beacons-handoff.gcp.gvt2.com
                            beacons-handoff.gcp.gvt2.com
                            IN A
                            142.250.69.3
                          • flag-us
                            POST
                            https://beacons.gcp.gvt2.com/domainreliability/upload
                            chrome.exe
                            Remote address:
                            142.250.69.3:443
                            Request
                            POST /domainreliability/upload HTTP/2.0
                            host: beacons.gcp.gvt2.com
                            content-length: 276
                            content-type: application/json; charset=utf-8
                            user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                            accept-encoding: gzip, deflate, br, zstd
                            accept-language: en-US,en;q=0.9
                          • flag-us
                            DNS
                            3.69.250.142.in-addr.arpa
                            Remote address:
                            8.8.8.8:53
                            Request
                            3.69.250.142.in-addr.arpa
                            IN PTR
                            Response
                            3.69.250.142.in-addr.arpa
                            IN PTR
                            qro02s18-in-f31e100net
                            3.69.250.142.in-addr.arpa
                            IN PTR
                            lcphxq-aa-in-f3
                          • 185.53.178.54:443
                            https://yleujsca.finane.it/favicon.ico
                            tls, http2
                            chrome.exe
                            2.9kB
                            12.1kB
                            24
                            27

                            HTTP Request

                            GET https://yleujsca.finane.it/

                            HTTP Response

                            200

                            HTTP Request

                            GET https://yleujsca.finane.it/track.php?domain=finane.it&toggle=browserjs&uid=MTcyNDA1MjAzOC4yNjY4OmFmYjExYmI2YTI3NGJlY2FkZGIyZDc5ZmIxZTAwMjQzMmI1MjVkNjJhYmMyYjk1YzI1NjIyMzdlZTEwMTMyMjA6NjZjMmYyNDY0MTIyZg%3D%3D

                            HTTP Response

                            200

                            HTTP Request

                            GET https://yleujsca.finane.it/ls.php?t=66c2f246&token=9a5fb8217e00afdbba2094293716ecdd2bf4ce60

                            HTTP Response

                            201

                            HTTP Request

                            GET https://yleujsca.finane.it/favicon.ico

                            HTTP Response

                            200
                          • 185.53.178.54:80
                            yleujsca.finane.it
                            chrome.exe
                            190 B
                            164 B
                            4
                            4
                          • 185.53.178.54:80
                            yleujsca.finane.it
                            chrome.exe
                            190 B
                            164 B
                            4
                            4
                          • 99.86.249.190:443
                            https://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
                            tls, http2
                            chrome.exe
                            2.2kB
                            18.9kB
                            22
                            23

                            HTTP Request

                            GET https://d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png

                            HTTP Response

                            200
                          • 172.217.20.196:443
                            https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true
                            tls, http2
                            chrome.exe
                            3.2kB
                            65.9kB
                            44
                            57

                            HTTP Request

                            GET https://www.google.com/adsense/domains/caf.js?abp=1&adsdeli=true
                          • 142.250.74.238:443
                            syndicatedsearch.goog
                            tls, http2
                            chrome.exe
                            1.1kB
                            5.7kB
                            11
                            10
                          • 142.250.74.238:443
                            https://syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fyleujsca.finane.it%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmMyZjI0NjQxMjA0fHx8MTcyNDA1MjAzOC4yOTYyfDE1NDAwM2M5MjBlZWQ1ZmU2YWM4MDg5ZGMyNjZhZGZhYWU0YTlkZjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5YTVmYjgyMTdlMDBhZmRiYmEyMDk0MjkzNzE2ZWNkZDJiZjRjZTYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8fA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2419884812933848&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3%7Cs&nocache=2351724052037773&num=0&output=afd_ads&domain_name=yleujsca.finane.it&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1724052037774&u_w=1280&u_h=720&biw=1263&bih=593&psw=1263&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=662499046&rurl=https%3A%2F%2Fyleujsca.finane.it%2F
                            tls, http2
                            chrome.exe
                            2.8kB
                            9.4kB
                            16
                            19

                            HTTP Request

                            GET https://syndicatedsearch.goog/afs/ads?adtest=off&psid=7840396037&pcsa=false&channel=000001%2Cbucket011&client=dp-teaminternet09_3ph&r=m&hl=en&ivt=0&rpbu=http%3A%2F%2Fyleujsca.finane.it%2F%3Fts%3DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmMyZjI0NjQxMjA0fHx8MTcyNDA1MjAzOC4yOTYyfDE1NDAwM2M5MjBlZWQ1ZmU2YWM4MDg5ZGMyNjZhZGZhYWU0YTlkZjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5YTVmYjgyMTdlMDBhZmRiYmEyMDk0MjkzNzE2ZWNkZDJiZjRjZTYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8fA%253D%253D&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2419884812933848&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301437%2C17301439%2C17301442%2C17301511%2C17301516%2C17301266&format=r3%7Cs&nocache=2351724052037773&num=0&output=afd_ads&domain_name=yleujsca.finane.it&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1724052037774&u_w=1280&u_h=720&biw=1263&bih=593&psw=1263&psh=754&frm=0&uio=--&cont=tc&drt=0&jsid=caf&jsv=662499046&rurl=https%3A%2F%2Fyleujsca.finane.it%2F
                          • 142.250.179.98:443
                            https://partner.googleadservices.com/gampad/cookie.js?domain=yleujsca.finane.it&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
                            tls, http2
                            chrome.exe
                            2.0kB
                            7.1kB
                            15
                            18

                            HTTP Request

                            GET https://partner.googleadservices.com/gampad/cookie.js?domain=yleujsca.finane.it&client=dp-teaminternet09_3ph&product=SAS&callback=__sasCookie&cookie_types=v1%2Cv2
                          • 172.217.20.196:443
                            https://www.google.com/recaptcha/api.js
                            tls, http2
                            chrome.exe
                            4.6kB
                            15.1kB
                            24
                            29

                            HTTP Request

                            GET https://www.google.com/sorry/index?continue=https://syndicatedsearch.goog/afs/ads%3Fadtest%3Doff%26psid%3D7840396037%26pcsa%3Dfalse%26channel%3D000001%252Cbucket011%26client%3Ddp-teaminternet09_3ph%26r%3Dm%26hl%3Den%26ivt%3D0%26rpbu%3Dhttp%253A%252F%252Fyleujsca.finane.it%252F%253Fts%253DfENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NmMyZjI0NjQxMjA0fHx8MTcyNDA1MjAzOC4yOTYyfDE1NDAwM2M5MjBlZWQ1ZmU2YWM4MDg5ZGMyNjZhZGZhYWU0YTlkZjZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5YTVmYjgyMTdlMDBhZmRiYmEyMDk0MjkzNzE2ZWNkZDJiZjRjZTYwfDB8ZHAtdGVhbWludGVybmV0MDlfM3BofDB8MHx8fA%25253D%25253D%26max_radlink_len%3D40%26type%3D3%26uiopt%3Dtrue%26swp%3Das-drid-2419884812933848%26oe%3DUTF-8%26ie%3DUTF-8%26fexp%3D21404%252C17300003%252C17301437%252C17301439%252C17301442%252C17301511%252C17301516%252C17301266%26format%3Dr3%257Cs%26nocache%3D2351724052037773%26num%3D0%26output%3Dafd_ads%26domain_name%3Dyleujsca.finane.it%26v%3D3%26bsl%3D8%26pac%3D0%26u_his%3D1%26u_tz%3D0%26dt%3D1724052037774%26u_w%3D1280%26u_h%3D720%26biw%3D1263%26bih%3D593%26psw%3D1263%26psh%3D754%26frm%3D0%26uio%3D--%26cont%3Dtc%26drt%3D0%26jsid%3Dcaf%26jsv%3D662499046%26rurl%3Dhttps%253A%252F%252Fyleujsca.finane.it%252F&hl=en&q=EgTCbg1GGMfki7YGIjBVJvl01ANGa58AtkaV9qZyxcqegvSu60gCEDGg3XBUzE3bnDNVqip-39GmPpX5fYAyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

                            HTTP Request

                            GET https://www.google.com/recaptcha/api.js
                          • 204.79.197.237:443
                            https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid=
                            tls, http2
                            2.0kB
                            9.3kB
                            22
                            19

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid=

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreative&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid=

                            HTTP Response

                            204

                            HTTP Request

                            GET https://g.bing.com/neg/0?action=emptycreativeimpression&adUnitId=11730597&publisherId=251978541&rid=5f4fd633aaad42fabc648a8b9bca9b15&localId=w:E1FD06B2-9179-2377-8934-278C10EE140A&deviceId=6896205358121058&anid=

                            HTTP Response

                            204
                          • 142.250.178.138:443
                            https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQk8dqZYMe7mkRIFDVNaR8UhNPMsUJv-EH0=?alt=proto
                            tls, http2
                            chrome.exe
                            2.0kB
                            6.9kB
                            16
                            18

                            HTTP Request

                            GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQk8dqZYMe7mkRIFDVNaR8UhNPMsUJv-EH0=?alt=proto
                          • 142.250.178.138:443
                            https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQnqAG5Yk_Qo8xIFDVNaR8UhTVLcjkH4CyMSGQk8dqZYMe7mkRIFDVNaR8UhTVLcjkH4CyM=?alt=proto
                            tls, http2
                            chrome.exe
                            1.9kB
                            6.8kB
                            15
                            16

                            HTTP Request

                            GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQnqAG5Yk_Qo8xIFDVNaR8UhTVLcjkH4CyMSGQk8dqZYMe7mkRIFDVNaR8UhTVLcjkH4CyM=?alt=proto
                          • 150.171.28.10:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                            6.9kB
                            15
                            13
                          • 150.171.28.10:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                            6.9kB
                            15
                            13
                          • 150.171.28.10:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                            6.9kB
                            15
                            13
                          • 150.171.28.10:443
                            tse1.mm.bing.net
                            tls, http2
                            1.2kB
                            6.9kB
                            15
                            13
                          • 150.171.28.10:443
                            https://tse1.mm.bing.net/th?id=OADD2.10239340418546_1PNT9LCA42P8D0DO5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90
                            tls, http2
                            121.4kB
                            3.5MB
                            2514
                            2506

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239340418545_11VT5XTZM3TEDIRSP&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239317300932_1F3XVYLI2C551DUEM&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239317301365_1T2JA9OXDN9GY4HXW&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239339388113_1UUFKEO9Y9AYGD8YG&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239339388114_1II63A1BYQ3WIA6DV&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Response

                            200

                            HTTP Request

                            GET https://tse1.mm.bing.net/th?id=OADD2.10239340418546_1PNT9LCA42P8D0DO5&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90

                            HTTP Response

                            200
                          • 52.111.227.13:443
                            322 B
                            7
                          • 142.250.69.3:443
                            https://beacons.gcp.gvt2.com/domainreliability/upload
                            tls, http2
                            chrome.exe
                            2.0kB
                            6.9kB
                            14
                            15

                            HTTP Request

                            POST https://beacons.gcp.gvt2.com/domainreliability/upload
                          • 8.8.8.8:53
                            209.205.72.20.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            209.205.72.20.in-addr.arpa

                          • 8.8.8.8:53
                            yleujsca.finane.it
                            dns
                            chrome.exe
                            64 B
                            80 B
                            1
                            1

                            DNS Request

                            yleujsca.finane.it

                            DNS Response

                            185.53.178.54

                          • 8.8.8.8:53
                            d38psrni17bvxu.cloudfront.net
                            dns
                            chrome.exe
                            75 B
                            139 B
                            1
                            1

                            DNS Request

                            d38psrni17bvxu.cloudfront.net

                            DNS Response

                            99.86.249.190
                            99.86.249.97
                            99.86.249.105
                            99.86.249.202

                          • 8.8.8.8:53
                            www.google.com
                            dns
                            chrome.exe
                            60 B
                            76 B
                            1
                            1

                            DNS Request

                            www.google.com

                            DNS Response

                            172.217.20.196

                          • 8.8.8.8:53
                            syndicatedsearch.goog
                            dns
                            chrome.exe
                            67 B
                            83 B
                            1
                            1

                            DNS Request

                            syndicatedsearch.goog

                            DNS Response

                            142.250.74.238

                          • 8.8.8.8:53
                            21.58.20.217.in-addr.arpa
                            dns
                            71 B
                            131 B
                            1
                            1

                            DNS Request

                            21.58.20.217.in-addr.arpa

                          • 8.8.8.8:53
                            54.178.53.185.in-addr.arpa
                            dns
                            72 B
                            150 B
                            1
                            1

                            DNS Request

                            54.178.53.185.in-addr.arpa

                          • 8.8.8.8:53
                            106.179.250.142.in-addr.arpa
                            dns
                            74 B
                            113 B
                            1
                            1

                            DNS Request

                            106.179.250.142.in-addr.arpa

                          • 8.8.8.8:53
                            190.249.86.99.in-addr.arpa
                            dns
                            72 B
                            128 B
                            1
                            1

                            DNS Request

                            190.249.86.99.in-addr.arpa

                          • 8.8.8.8:53
                            196.20.217.172.in-addr.arpa
                            dns
                            73 B
                            171 B
                            1
                            1

                            DNS Request

                            196.20.217.172.in-addr.arpa

                          • 8.8.8.8:53
                            partner.googleadservices.com
                            dns
                            chrome.exe
                            74 B
                            90 B
                            1
                            1

                            DNS Request

                            partner.googleadservices.com

                            DNS Response

                            142.250.179.98

                          • 8.8.8.8:53
                            g.bing.com
                            dns
                            56 B
                            151 B
                            1
                            1

                            DNS Request

                            g.bing.com

                            DNS Response

                            204.79.197.237
                            13.107.21.237

                          • 172.217.20.196:443
                            www.google.com
                            https
                            chrome.exe
                            7.3kB
                            51.0kB
                            37
                            56
                          • 8.8.8.8:53
                            238.74.250.142.in-addr.arpa
                            dns
                            73 B
                            112 B
                            1
                            1

                            DNS Request

                            238.74.250.142.in-addr.arpa

                          • 8.8.8.8:53
                            98.179.250.142.in-addr.arpa
                            dns
                            73 B
                            111 B
                            1
                            1

                            DNS Request

                            98.179.250.142.in-addr.arpa

                          • 8.8.8.8:53
                            73.31.126.40.in-addr.arpa
                            dns
                            71 B
                            157 B
                            1
                            1

                            DNS Request

                            73.31.126.40.in-addr.arpa

                          • 8.8.8.8:53
                            237.197.79.204.in-addr.arpa
                            dns
                            73 B
                            143 B
                            1
                            1

                            DNS Request

                            237.197.79.204.in-addr.arpa

                          • 8.8.8.8:53
                            content-autofill.googleapis.com
                            dns
                            chrome.exe
                            77 B
                            253 B
                            1
                            1

                            DNS Request

                            content-autofill.googleapis.com

                            DNS Response

                          • 8.8.8.8:53
                            67.214.58.216.in-addr.arpa
                            dns
                            72 B
                            169 B
                            1
                            1

                            DNS Request

                            67.214.58.216.in-addr.arpa

                          • 8.8.8.8:53
                            88.156.103.20.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            88.156.103.20.in-addr.arpa

                          • 8.8.8.8:53
                            138.178.250.142.in-addr.arpa
                            dns
                            74 B
                            113 B
                            1
                            1

                            DNS Request

                            138.178.250.142.in-addr.arpa

                          • 8.8.8.8:53
                            67.179.250.142.in-addr.arpa
                            dns
                            73 B
                            111 B
                            1
                            1

                            DNS Request

                            67.179.250.142.in-addr.arpa

                          • 224.0.0.251:5353
                            chrome.exe
                            204 B
                            3
                          • 8.8.8.8:53
                            103.169.127.40.in-addr.arpa
                            dns
                            73 B
                            147 B
                            1
                            1

                            DNS Request

                            103.169.127.40.in-addr.arpa

                          • 8.8.8.8:53
                            15.164.165.52.in-addr.arpa
                            dns
                            72 B
                            146 B
                            1
                            1

                            DNS Request

                            15.164.165.52.in-addr.arpa

                          • 8.8.8.8:53
                            172.210.232.199.in-addr.arpa
                            dns
                            74 B
                            128 B
                            1
                            1

                            DNS Request

                            172.210.232.199.in-addr.arpa

                          • 8.8.8.8:53
                            tse1.mm.bing.net
                            dns
                            62 B
                            170 B
                            1
                            1

                            DNS Request

                            tse1.mm.bing.net

                            DNS Response

                            150.171.28.10
                            150.171.27.10

                          • 8.8.8.8:53
                            10.28.171.150.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            10.28.171.150.in-addr.arpa

                          • 8.8.8.8:53
                            73.144.22.2.in-addr.arpa
                            dns
                            70 B
                            133 B
                            1
                            1

                            DNS Request

                            73.144.22.2.in-addr.arpa

                          • 8.8.8.8:53
                            240.221.184.93.in-addr.arpa
                            dns
                            73 B
                            144 B
                            1
                            1

                            DNS Request

                            240.221.184.93.in-addr.arpa

                          • 8.8.8.8:53
                            14.227.111.52.in-addr.arpa
                            dns
                            72 B
                            158 B
                            1
                            1

                            DNS Request

                            14.227.111.52.in-addr.arpa

                          • 8.8.8.8:53
                            beacons.gcp.gvt2.com
                            dns
                            chrome.exe
                            66 B
                            112 B
                            1
                            1

                            DNS Request

                            beacons.gcp.gvt2.com

                            DNS Response

                            142.250.69.3

                          • 8.8.8.8:53
                            3.69.250.142.in-addr.arpa
                            dns
                            71 B
                            139 B
                            1
                            1

                            DNS Request

                            3.69.250.142.in-addr.arpa

                          MITRE ATT&CK Enterprise v15

                          Downloads

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\8e07cc3f-5e4e-47a8-b4cd-04983053fa34.tmp

                            Filesize

                            99KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                            Filesize

                            649B

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

                            Filesize

                            209KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

                            Filesize

                            216B

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                            Filesize

                            3KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                            Filesize

                            2B

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                            Filesize

                            9KB

                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                            Filesize

                            99KB
