hxxps://drive[.]google[.]com/drive/u/1/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf

Analysis

max time kernel
212s
max time network
214s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
02/11/2024, 14:26 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://drive.google.com/drive/u/1/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf

Score

8^/10

discovery

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 1 IoCs

pid	Process
3312	winrar-x64-701.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 2 IoCs

Web Service

T1102

flow	ioc
3	drive.google.com
7	drive.google.com

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SystemTemp	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133750312188860956"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3600	chrome.exe
3600	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe
1276	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 9 IoCs

pid	Process
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe
Token: SeShutdownPrivilege	3600	chrome.exe
Token: SeCreatePagefilePrivilege	3600	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe

Suspicious use of SendNotifyMessage 32 IoCs

pid	Process
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe
3600	chrome.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
3312	winrar-x64-701.exe
3312	winrar-x64-701.exe
3312	winrar-x64-701.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3600 wrote to memory of 2448	3600	chrome.exe	83
PID 3600 wrote to memory of 2448	3600	chrome.exe	83
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 4336	3600	chrome.exe	84
PID 3600 wrote to memory of 3080	3600	chrome.exe	85
PID 3600 wrote to memory of 3080	3600	chrome.exe	85
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86
PID 3600 wrote to memory of 1124	3600	chrome.exe	86

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://drive.google.com/drive/u/1/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf
1⤵
- Drops file in Windows directory
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:3600
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x21c,0x220,0x224,0x1f8,0x228,0x7ff8ffc0cc40,0x7ff8ffc0cc4c,0x7ff8ffc0cc58
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1900,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=1892 /prefetch:2
  2⤵
  PID:4336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2160,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2004 /prefetch:3
  2⤵
  PID:3080
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=1764,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=2416 /prefetch:8
  2⤵
  PID:1124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3136,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3176 /prefetch:1
  2⤵
  PID:3724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3140,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=3216 /prefetch:1
  2⤵
  PID:3664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4620,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4636 /prefetch:8
  2⤵
  PID:3844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=836,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5196 /prefetch:1
  2⤵
  PID:4236
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4632,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4924 /prefetch:1
  2⤵
  PID:1676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4720,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5132 /prefetch:8
  2⤵
  PID:4424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5300,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4836 /prefetch:8
  2⤵
  PID:3804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5388,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=4596 /prefetch:1
  2⤵
  PID:4264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5236,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5208 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5228,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5268 /prefetch:1
  2⤵
  PID:4920
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5288,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5096 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5500,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5488 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5452,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5516 /prefetch:1
  2⤵
  PID:3332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5716,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5696 /prefetch:8
  2⤵
  PID:4784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5688,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5872 /prefetch:8
  2⤵
  PID:3744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3252,i,8172277449361942750,993060728549537904,262144 --variations-seed-version=20241022-180310.361000 --mojo-platform-channel-handle=5212 /prefetch:8
  2⤵
  PID:3104
- C:\Users\Admin\Downloads\winrar-x64-701.exe
  "C:\Users\Admin\Downloads\winrar-x64-701.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:3312

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3360

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:5056

Network

DNS

drive.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

drive.google.com

IN A

Response

drive.google.com

IN A

142.250.187.206
GET

https://drive.google.com/drive/u/1/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf

chrome.exe

Remote address:

142.250.187.206:443

Request

GET /drive/u/1/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf HTTP/2.0
host: drive.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
x-client-data: CNr0ygE=
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=dS0K0VcYRaR55W_5abNGMuKk7nOsjJymA-OvwO1DxwLfoobjFsSnOZvkuDZA1E4GJsdUculEUyYFcCZdxI5xFC789RNgkFF93HGt-LR-LUvR6-sHftiHFB7DeXAmdo1XDSv7oiliktxHx8OIcf5Ij97t0dHnVmmWDH8rYzHFpJSjitxoy_-_cePncRzTiOkQS7Q
GET

https://drive.google.com/drive/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf

chrome.exe

Remote address:

142.250.187.206:443

Request

GET /drive/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf HTTP/2.0
host: drive.google.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-wow64: ?0
sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
x-client-data: CNr0ygE=
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=dS0K0VcYRaR55W_5abNGMuKk7nOsjJymA-OvwO1DxwLfoobjFsSnOZvkuDZA1E4GJsdUculEUyYFcCZdxI5xFC789RNgkFF93HGt-LR-LUvR6-sHftiHFB7DeXAmdo1XDSv7oiliktxHx8OIcf5Ij97t0dHnVmmWDH8rYzHFpJSjitxoy_-_cePncRzTiOkQS7Q
cookie: NID=518=FeBWoB79Ufkixz2DPDaR5VUpdMzw_2p_M3loLfYFUxhUTWJQeLKeNB7QeiYWIurjXU0h3U8kAQ7faqaawPto3vWUrlATCDIXV7r1plITHD0p8lVFADcpuEYyOTzNd1lEK8yO7iiKOdKrc4_39QK9T47BOfHPgIOV5fCM6Pltc9lPP44
DNS

172.214.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.214.232.199.in-addr.arpa

IN PTR

Response
DNS

74.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.169.217.172.in-addr.arpa

IN PTR

Response

74.169.217.172.in-addr.arpa

IN PTR

lhr48s09-in-f101e100net
DNS

104.219.191.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

104.219.191.52.in-addr.arpa

IN PTR

Response
DNS

apis.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

216.58.201.110
DNS

ssl.gstatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ssl.gstatic.com

IN A

Response

ssl.gstatic.com

IN A

216.58.204.67
GET

https://apis.google.com/js/api.js

chrome.exe

Remote address:

216.58.201.110:443

Request

GET /js/api.js HTTP/2.0
host: apis.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=dS0K0VcYRaR55W_5abNGMuKk7nOsjJymA-OvwO1DxwLfoobjFsSnOZvkuDZA1E4GJsdUculEUyYFcCZdxI5xFC789RNgkFF93HGt-LR-LUvR6-sHftiHFB7DeXAmdo1XDSv7oiliktxHx8OIcf5Ij97t0dHnVmmWDH8rYzHFpJSjitxoy_-_cePncRzTiOkQS7Q
cookie: NID=518=FeBWoB79Ufkixz2DPDaR5VUpdMzw_2p_M3loLfYFUxhUTWJQeLKeNB7QeiYWIurjXU0h3U8kAQ7faqaawPto3vWUrlATCDIXV7r1plITHD0p8lVFADcpuEYyOTzNd1lEK8yO7iiKOdKrc4_39QK9T47BOfHPgIOV5fCM6Pltc9lPP44
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0?le=scs

chrome.exe

Remote address:

216.58.201.110:443

Request

GET /_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0?le=scs HTTP/2.0
host: apis.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=dS0K0VcYRaR55W_5abNGMuKk7nOsjJymA-OvwO1DxwLfoobjFsSnOZvkuDZA1E4GJsdUculEUyYFcCZdxI5xFC789RNgkFF93HGt-LR-LUvR6-sHftiHFB7DeXAmdo1XDSv7oiliktxHx8OIcf5Ij97t0dHnVmmWDH8rYzHFpJSjitxoy_-_cePncRzTiOkQS7Q
cookie: NID=518=FeBWoB79Ufkixz2DPDaR5VUpdMzw_2p_M3loLfYFUxhUTWJQeLKeNB7QeiYWIurjXU0h3U8kAQ7faqaawPto3vWUrlATCDIXV7r1plITHD0p8lVFADcpuEYyOTzNd1lEK8yO7iiKOdKrc4_39QK9T47BOfHPgIOV5fCM6Pltc9lPP44
GET

https://ssl.gstatic.com/images/branding/product/1x/drive_2020q4_48dp.png

chrome.exe

Remote address:

216.58.204.67:443

Request

GET /images/branding/product/1x/drive_2020q4_48dp.png HTTP/2.0
host: ssl.gstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CNr0ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://ssl.gstatic.com/docs/doclist/images/empty_state_empty_folder.svg

chrome.exe

Remote address:

216.58.204.67:443

Request

GET /docs/doclist/images/empty_state_empty_folder.svg HTTP/2.0
host: ssl.gstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CNr0ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://ssl.gstatic.com/docs/common/cleardot.gif?zx=o08vbva75ldy

chrome.exe

Remote address:

216.58.204.67:443

Request

GET /docs/common/cleardot.gif?zx=o08vbva75ldy HTTP/2.0
host: ssl.gstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CNr0ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://ssl.gstatic.com/docs/common/cleardot.gif?zx=clmt231rwvcp

chrome.exe

Remote address:

216.58.204.67:443

Request

GET /docs/common/cleardot.gif?zx=clmt231rwvcp HTTP/2.0
host: ssl.gstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CNr0ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

drivefrontend-pa.clients6.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

drivefrontend-pa.clients6.google.com

IN A

Response

drivefrontend-pa.clients6.google.com

IN A

142.250.187.202
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

142.250.200.42

content-autofill.googleapis.com

IN A

216.58.213.10

content-autofill.googleapis.com

IN A

172.217.169.74

content-autofill.googleapis.com

IN A

142.250.180.10

content-autofill.googleapis.com

IN A

172.217.16.234

content-autofill.googleapis.com

IN A

142.250.179.234

content-autofill.googleapis.com

IN A

142.250.178.10

content-autofill.googleapis.com

IN A

216.58.212.202

content-autofill.googleapis.com

IN A

142.250.187.202

content-autofill.googleapis.com

IN A

216.58.204.74

content-autofill.googleapis.com

IN A

216.58.201.106

content-autofill.googleapis.com

IN A

172.217.169.42

content-autofill.googleapis.com

IN A

142.250.200.10

content-autofill.googleapis.com

IN A

142.250.187.234
OPTIONS

https://drivefrontend-pa.clients6.google.com/v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

chrome.exe

Remote address:

142.250.187.202:443

Request

OPTIONS /v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE HTTP/2.0
host: drivefrontend-pa.clients6.google.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type,x-goog-drive-client-version,x-goog-ext-472780938-jspb,x-goog-fieldmask
origin: https://drive.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
OPTIONS

https://drivefrontend-pa.clients6.google.com/v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

chrome.exe

Remote address:

142.250.187.202:443

Request

OPTIONS /v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE HTTP/2.0
host: drivefrontend-pa.clients6.google.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type,x-goog-drive-client-version,x-goog-ext-472780938-jspb,x-goog-fieldmask
origin: https://drive.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
OPTIONS

https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

chrome.exe

Remote address:

142.250.187.202:443

Request

OPTIONS /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
host: ogads-pa.googleapis.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type,x-goog-api-key,x-user-agent
origin: https://drive.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
OPTIONS

https://drivefrontend-pa.clients6.google.com/v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

chrome.exe

Remote address:

142.250.187.202:443

Request

OPTIONS /v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE HTTP/2.0
host: drivefrontend-pa.clients6.google.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type,x-goog-drive-client-version,x-goog-ext-472780938-jspb,x-goog-fieldmask
origin: https://drive.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
OPTIONS

https://drivefrontend-pa.clients6.google.com/v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

chrome.exe

Remote address:

142.250.187.202:443

Request

OPTIONS /v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE HTTP/2.0
host: drivefrontend-pa.clients6.google.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type,x-goog-drive-client-version,x-goog-ext-472780938-jspb,x-goog-fieldmask
origin: https://drive.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

chrome.exe

Remote address:

142.250.187.202:443

Request

POST /$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData HTTP/2.0
host: ogads-pa.googleapis.com
content-length: 70
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-user-agent: grpc-web-javascript/0.1
x-goog-api-key: AIzaSyCbsbvGCe7C9mCtdaTycZB2eUFuzsYKG_E
content-type: application/json+protobuf
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://drive.google.com
x-client-data: CNr0ygE=
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
OPTIONS

https://drivefrontend-pa.clients6.google.com/v1/items:list?key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

chrome.exe

Remote address:

142.250.187.202:443

Request

OPTIONS /v1/items:list?key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE HTTP/2.0
host: drivefrontend-pa.clients6.google.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type,x-goog-drive-client-version,x-goog-ext-472780938-jspb,x-goog-fieldmask
origin: https://drive.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

68.32.126.40.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.32.126.40.in-addr.arpa

IN PTR

Response
DNS

10.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.178.250.142.in-addr.arpa

IN PTR

Response

10.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f101e100net
DNS

110.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.201.58.216.in-addr.arpa

IN PTR

Response

110.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f141e100net

110.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f110�I

110.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f14�I
DNS

67.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

67.204.58.216.in-addr.arpa

IN PTR

Response

67.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f31e100net

67.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f67�G

67.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f3�G
DNS

95.221.229.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

95.221.229.192.in-addr.arpa

IN PTR

Response
DNS

35.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

35.200.250.142.in-addr.arpa

IN PTR

Response

35.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f31e100net
DNS

227.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

227.187.250.142.in-addr.arpa

IN PTR

Response

227.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f31e100net
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQkknWfFho4pVhIFDct1Jj0hRj-GrNHOsN4=?alt=proto

chrome.exe

Remote address:

142.250.200.42:443

Request

GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQkknWfFho4pVhIFDct1Jj0hRj-GrNHOsN4=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CNr0ygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

ogads-pa.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ogads-pa.googleapis.com

IN A

Response

ogads-pa.googleapis.com

IN A

142.250.178.10

ogads-pa.googleapis.com

IN A

142.250.179.234

ogads-pa.googleapis.com

IN A

142.250.180.10

ogads-pa.googleapis.com

IN A

172.217.169.42

ogads-pa.googleapis.com

IN A

172.217.169.10

ogads-pa.googleapis.com

IN A

142.250.187.202

ogads-pa.googleapis.com

IN A

216.58.213.10

ogads-pa.googleapis.com

IN A

216.58.212.202

ogads-pa.googleapis.com

IN A

142.250.187.234

ogads-pa.googleapis.com

IN A

142.250.200.10

ogads-pa.googleapis.com

IN A

216.58.201.106

ogads-pa.googleapis.com

IN A

172.217.169.74

ogads-pa.googleapis.com

IN A

216.58.204.74

ogads-pa.googleapis.com

IN A

172.217.16.234

ogads-pa.googleapis.com

IN A

142.250.200.42
DNS

people-pa.clients6.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

people-pa.clients6.google.com

IN A

Response

people-pa.clients6.google.com

IN A

172.217.169.10
POST

https://people-pa.clients6.google.com/batch?%24ct=multipart%2Fmixed%3B%20boundary%3D%22%3D%3D%3D%3D%3D2kzyscmsrho1%3D%3D%3D%3D%3D%22&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

chrome.exe

Remote address:

172.217.169.10:443

Request

POST /batch?%24ct=multipart%2Fmixed%3B%20boundary%3D%22%3D%3D%3D%3D%3D2kzyscmsrho1%3D%3D%3D%3D%3D%22&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE HTTP/2.0
host: people-pa.clients6.google.com
content-length: 604
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain; charset=UTF-8
accept: */*
origin: https://drive.google.com
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=dS0K0VcYRaR55W_5abNGMuKk7nOsjJymA-OvwO1DxwLfoobjFsSnOZvkuDZA1E4GJsdUculEUyYFcCZdxI5xFC789RNgkFF93HGt-LR-LUvR6-sHftiHFB7DeXAmdo1XDSv7oiliktxHx8OIcf5Ij97t0dHnVmmWDH8rYzHFpJSjitxoy_-_cePncRzTiOkQS7Q
cookie: NID=518=FeBWoB79Ufkixz2DPDaR5VUpdMzw_2p_M3loLfYFUxhUTWJQeLKeNB7QeiYWIurjXU0h3U8kAQ7faqaawPto3vWUrlATCDIXV7r1plITHD0p8lVFADcpuEYyOTzNd1lEK8yO7iiKOdKrc4_39QK9T47BOfHPgIOV5fCM6Pltc9lPP44
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.180.4
DNS

202.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

202.187.250.142.in-addr.arpa

IN PTR

Response

202.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f101e100net
DNS

42.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.200.250.142.in-addr.arpa

IN PTR

Response

42.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f101e100net
DNS

10.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.169.217.172.in-addr.arpa

IN PTR

Response

10.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f101e100net
DNS

4.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.180.250.142.in-addr.arpa

IN PTR

Response

4.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f41e100net
DNS

play.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

play.google.com

IN A

Response

play.google.com

IN A

172.217.16.238
POST

https://play.google.com/log?format=json&hasfast=true

chrome.exe

Remote address:

172.217.16.238:443

Request

POST /log?format=json&hasfast=true HTTP/2.0
host: play.google.com
content-length: 1441
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8
accept: */*
origin: https://drive.google.com
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=dS0K0VcYRaR55W_5abNGMuKk7nOsjJymA-OvwO1DxwLfoobjFsSnOZvkuDZA1E4GJsdUculEUyYFcCZdxI5xFC789RNgkFF93HGt-LR-LUvR6-sHftiHFB7DeXAmdo1XDSv7oiliktxHx8OIcf5Ij97t0dHnVmmWDH8rYzHFpJSjitxoy_-_cePncRzTiOkQS7Q
cookie: NID=518=FeBWoB79Ufkixz2DPDaR5VUpdMzw_2p_M3loLfYFUxhUTWJQeLKeNB7QeiYWIurjXU0h3U8kAQ7faqaawPto3vWUrlATCDIXV7r1plITHD0p8lVFADcpuEYyOTzNd1lEK8yO7iiKOdKrc4_39QK9T47BOfHPgIOV5fCM6Pltc9lPP44
POST

https://play.google.com/log?format=json&hasfast=true&authuser=0

chrome.exe

Remote address:

172.217.16.238:443

Request

POST /log?format=json&hasfast=true&authuser=0 HTTP/2.0
host: play.google.com
content-length: 5131
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
content-type: text/plain;charset=UTF-8
x-goog-authuser: 0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://drive.google.com
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: NID=518=FeBWoB79Ufkixz2DPDaR5VUpdMzw_2p_M3loLfYFUxhUTWJQeLKeNB7QeiYWIurjXU0h3U8kAQ7faqaawPto3vWUrlATCDIXV7r1plITHD0p8lVFADcpuEYyOTzNd1lEK8yO7iiKOdKrc4_39QK9T47BOfHPgIOV5fCM6Pltc9lPP44
cookie: __Secure-ENID=23.SE=jJvtIaHJOoRmoh93e9_IIkXiawZcAEBi9XB2_DgkrFgjBGG6Hl85KMXWpZFZc4eaVsvB7AEoSuJwFdxDCWKNQoIjqHyqz7Ncs7_EhJZ_MvlKfpOwhz-IJs2d2oSpordsOveIuEslR4BKgEZdHEhifhVoJqq9zU7s0c7Jzxzm9kexBaEGp3gjjdd6IfNj1brY1lQ9co_o
POST

https://play.google.com/log?format=json&hasfast=true&authuser=0

chrome.exe

Remote address:

172.217.16.238:443

Request

POST /log?format=json&hasfast=true&authuser=0 HTTP/2.0
host: play.google.com
content-length: 4305
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
content-type: text/plain;charset=UTF-8
x-goog-authuser: 0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://drive.google.com
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: NID=518=FeBWoB79Ufkixz2DPDaR5VUpdMzw_2p_M3loLfYFUxhUTWJQeLKeNB7QeiYWIurjXU0h3U8kAQ7faqaawPto3vWUrlATCDIXV7r1plITHD0p8lVFADcpuEYyOTzNd1lEK8yO7iiKOdKrc4_39QK9T47BOfHPgIOV5fCM6Pltc9lPP44
cookie: __Secure-ENID=23.SE=jJvtIaHJOoRmoh93e9_IIkXiawZcAEBi9XB2_DgkrFgjBGG6Hl85KMXWpZFZc4eaVsvB7AEoSuJwFdxDCWKNQoIjqHyqz7Ncs7_EhJZ_MvlKfpOwhz-IJs2d2oSpordsOveIuEslR4BKgEZdHEhifhVoJqq9zU7s0c7Jzxzm9kexBaEGp3gjjdd6IfNj1brY1lQ9co_o
POST

https://consent.google.com/save?continue=https://www.google.com/search?q%3Dwinzip%26oq%3Dwinzip%26gs_lcrp%3DEgZjaHJvbWUyBggAEEUYOdIBCDEyMTZqMGo3qAIAsAIA%26sourceid%3Dchrome%26ie%3DUTF-8&gl=UK&m=0&pc=srp&x=5&src=2&hl=en&bl=gws_20241029-0_RC2&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true

chrome.exe

Remote address:

172.217.16.238:443

Request

POST /save?continue=https://www.google.com/search?q%3Dwinzip%26oq%3Dwinzip%26gs_lcrp%3DEgZjaHJvbWUyBggAEEUYOdIBCDEyMTZqMGo3qAIAsAIA%26sourceid%3Dchrome%26ie%3DUTF-8&gl=UK&m=0&pc=srp&x=5&src=2&hl=en&bl=gws_20241029-0_RC2&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true HTTP/2.0
host: consent.google.com
content-length: 0
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.google.com
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: NID=518=wo1ZhZE464VZdVHY--ysBVWHdZR7Sf3Set5qAxpFLSejXXtFZA0zZMyqgtWB4MJuSSU01_lyx8q0Inre2RCmaZJWfZiA-06P-g1E0_2O_0088YIqSDfESrEuPRiDSTGyQspGRGTA7aRDAw1GSBf57__4olq02_2yXhkQaP6MSVYZlatbve9LiF4
cookie: AEC=AVYB7cq9hX-YiT5p5Ou1eLBX2PDyuwqaSu-j2dma_oUfj8WTQVintBG3K7A
cookie: GOOGLE_ABUSE_EXEMPTION=ID=2ae47df7a9220d60:TM=1730557704:C=r:IP=138.199.29.44-:S=y8TxzKCmZmsi36X_H-er7SY
cookie: __Secure-ENID=23.SE=YYO0ZBIxfLCQ5KWZNgYOj4dXov1ZbmVtLVQPdrEw9kjXXRpfubyMjAjIETwLHAI5KivDCe12n8weN7-h17ZMiAbOUlWsq0x9Oy52I_iIcvBYwpWGc1wI0Vxzb2ISNf6Kpkr1v2UiuHAtvKrA4vvUMs-QssAXhbXC-35SV_diW0ItJtm1xz8AA8YrAOgZJGmshqYiE4um3IcRcQVD80IfbE8jXubIrFubQg
cookie: SOCS=CAISHAgCEhJnd3NfMjAyNDEwMjktMF9SQzIaAmVuIAEaBgiA15W5Bg
DNS

238.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.16.217.172.in-addr.arpa

IN PTR

Response

238.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f141e100net

238.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f14�I
DNS

contacts.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

contacts.google.com

IN A

Response

contacts.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

216.58.201.110
GET

https://contacts.google.com/widget/hovercard/v/2?origin=https%3A%2F%2Fdrive.google.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.SGzW6IeCawI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw%2Fm%3D__features__

chrome.exe

Remote address:

216.58.201.110:443

Request

GET /widget/hovercard/v/2?origin=https%3A%2F%2Fdrive.google.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.SGzW6IeCawI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw%2Fm%3D__features__ HTTP/2.0
host: contacts.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=jJvtIaHJOoRmoh93e9_IIkXiawZcAEBi9XB2_DgkrFgjBGG6Hl85KMXWpZFZc4eaVsvB7AEoSuJwFdxDCWKNQoIjqHyqz7Ncs7_EhJZ_MvlKfpOwhz-IJs2d2oSpordsOveIuEslR4BKgEZdHEhifhVoJqq9zU7s0c7Jzxzm9kexBaEGp3gjjdd6IfNj1brY1lQ9co_o
cookie: NID=518=wo1ZhZE464VZdVHY--ysBVWHdZR7Sf3Set5qAxpFLSejXXtFZA0zZMyqgtWB4MJuSSU01_lyx8q0Inre2RCmaZJWfZiA-06P-g1E0_2O_0088YIqSDfESrEuPRiDSTGyQspGRGTA7aRDAw1GSBf57__4olq02_2yXhkQaP6MSVYZlatbve9LiF4
DNS

drive-thirdparty.googleusercontent.com

chrome.exe

Remote address:

8.8.8.8:53

Request

drive-thirdparty.googleusercontent.com

IN A

Response

drive-thirdparty.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

216.58.213.1
GET

https://drive-thirdparty.googleusercontent.com/16/type/application/x-rar

chrome.exe

Remote address:

216.58.213.1:443

Request

GET /16/type/application/x-rar HTTP/2.0
host: drive-thirdparty.googleusercontent.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CNr0ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://drive-thirdparty.googleusercontent.com/16/type/application/octet-stream

chrome.exe

Remote address:

216.58.213.1:443

Request

GET /16/type/application/octet-stream HTTP/2.0
host: drive-thirdparty.googleusercontent.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CNr0ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

1.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.213.58.216.in-addr.arpa

IN PTR

Response

1.213.58.216.in-addr.arpa

IN PTR

lhr25s25-in-f11e100net

1.213.58.216.in-addr.arpa

IN PTR

ber01s14-in-f1�F
DNS

18.31.95.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.31.95.13.in-addr.arpa

IN PTR

Response
DNS

197.87.175.4.in-addr.arpa

Remote address:

8.8.8.8:53

Request

197.87.175.4.in-addr.arpa

IN PTR

Response
DNS

beacons.gcp.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

216.58.213.3
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

216.58.213.3:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 1827
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

216.58.213.3:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 273
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

216.58.213.3:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 291
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

3.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.213.58.216.in-addr.arpa

IN PTR

Response

3.213.58.216.in-addr.arpa

IN PTR

ber01s14-in-f31e100net

3.213.58.216.in-addr.arpa

IN PTR

lhr25s25-in-f3�F
DNS

clients6.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clients6.google.com

IN A

Response

clients6.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

142.250.178.14
DNS

blobcomments-pa.clients6.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

blobcomments-pa.clients6.google.com

IN A

Response

blobcomments-pa.clients6.google.com

IN A

142.250.187.234
GET

https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.SGzW6IeCawI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw%2Fm%3D__features__

chrome.exe

Remote address:

142.250.178.14:443

Request

GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.SGzW6IeCawI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw%2Fm%3D__features__ HTTP/2.0
host: clients6.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: iframe
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=jJvtIaHJOoRmoh93e9_IIkXiawZcAEBi9XB2_DgkrFgjBGG6Hl85KMXWpZFZc4eaVsvB7AEoSuJwFdxDCWKNQoIjqHyqz7Ncs7_EhJZ_MvlKfpOwhz-IJs2d2oSpordsOveIuEslR4BKgEZdHEhifhVoJqq9zU7s0c7Jzxzm9kexBaEGp3gjjdd6IfNj1brY1lQ9co_o
cookie: NID=518=wo1ZhZE464VZdVHY--ysBVWHdZR7Sf3Set5qAxpFLSejXXtFZA0zZMyqgtWB4MJuSSU01_lyx8q0Inre2RCmaZJWfZiA-06P-g1E0_2O_0088YIqSDfESrEuPRiDSTGyQspGRGTA7aRDAw1GSBf57__4olq02_2yXhkQaP6MSVYZlatbve9LiF4
GET

https://clients6.google.com/drive/v2beta/files/1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2CrestrictionVisualizationCallouts%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

chrome.exe

Remote address:

142.250.178.14:443

Request

GET /drive/v2beta/files/1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2CrestrictionVisualizationCallouts%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE HTTP/2.0
host: clients6.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-goog-encode-response-if-executable: base64
x-origin: https://drive.google.com
x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-requested-with: XMLHttpRequest
x-javascript-user-agent: google-api-javascript-client/1.1.0
x-goog-authuser: 0
x-referer: https://drive.google.com
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CNr0ygE=
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.SGzW6IeCawI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw%2Fm%3D__features__
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=jJvtIaHJOoRmoh93e9_IIkXiawZcAEBi9XB2_DgkrFgjBGG6Hl85KMXWpZFZc4eaVsvB7AEoSuJwFdxDCWKNQoIjqHyqz7Ncs7_EhJZ_MvlKfpOwhz-IJs2d2oSpordsOveIuEslR4BKgEZdHEhifhVoJqq9zU7s0c7Jzxzm9kexBaEGp3gjjdd6IfNj1brY1lQ9co_o
cookie: NID=518=wo1ZhZE464VZdVHY--ysBVWHdZR7Sf3Set5qAxpFLSejXXtFZA0zZMyqgtWB4MJuSSU01_lyx8q0Inre2RCmaZJWfZiA-06P-g1E0_2O_0088YIqSDfESrEuPRiDSTGyQspGRGTA7aRDAw1GSBf57__4olq02_2yXhkQaP6MSVYZlatbve9LiF4
GET

https://clients6.google.com/drive/v2beta/files/1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP?fields=preview%2Ckind&supportsTeamDrives=true&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

chrome.exe

Remote address:

142.250.178.14:443

Request

GET /drive/v2beta/files/1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP?fields=preview%2Ckind&supportsTeamDrives=true&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE HTTP/2.0
host: clients6.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-goog-encode-response-if-executable: base64
x-origin: https://drive.google.com
x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-requested-with: XMLHttpRequest
x-javascript-user-agent: google-api-javascript-client/1.1.0
x-goog-authuser: 0
x-referer: https://drive.google.com
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CNr0ygE=
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.SGzW6IeCawI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw%2Fm%3D__features__
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: __Secure-ENID=23.SE=jJvtIaHJOoRmoh93e9_IIkXiawZcAEBi9XB2_DgkrFgjBGG6Hl85KMXWpZFZc4eaVsvB7AEoSuJwFdxDCWKNQoIjqHyqz7Ncs7_EhJZ_MvlKfpOwhz-IJs2d2oSpordsOveIuEslR4BKgEZdHEhifhVoJqq9zU7s0c7Jzxzm9kexBaEGp3gjjdd6IfNj1brY1lQ9co_o
cookie: NID=518=wo1ZhZE464VZdVHY--ysBVWHdZR7Sf3Set5qAxpFLSejXXtFZA0zZMyqgtWB4MJuSSU01_lyx8q0Inre2RCmaZJWfZiA-06P-g1E0_2O_0088YIqSDfESrEuPRiDSTGyQspGRGTA7aRDAw1GSBf57__4olq02_2yXhkQaP6MSVYZlatbve9LiF4
OPTIONS

https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&revisionId&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&populateExperimentConfig=true&key=AIzaSyD_InbmSFufIEps5UAt2NmB_3LvBH3Sz_8&%24unique=gc797

chrome.exe

Remote address:

142.250.187.234:443

Request

OPTIONS /v1/metadata?docId=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&revisionId&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&populateExperimentConfig=true&key=AIzaSyD_InbmSFufIEps5UAt2NmB_3LvBH3Sz_8&%24unique=gc797 HTTP/2.0
host: blobcomments-pa.clients6.google.com
accept: */*
access-control-request-method: GET
access-control-request-headers: x-clientdetails,x-goog-authuser,x-goog-encode-response-if-executable,x-javascript-user-agent,x-requested-with
origin: https://drive.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&revisionId&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&populateExperimentConfig=true&key=AIzaSyD_InbmSFufIEps5UAt2NmB_3LvBH3Sz_8&%24unique=gc797

chrome.exe

Remote address:

142.250.187.234:443

Request

GET /v1/metadata?docId=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&revisionId&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&populateExperimentConfig=true&key=AIzaSyD_InbmSFufIEps5UAt2NmB_3LvBH3Sz_8&%24unique=gc797 HTTP/2.0
host: blobcomments-pa.clients6.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
x-goog-encode-response-if-executable: base64
x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
x-requested-with: XMLHttpRequest
x-javascript-user-agent: google-api-javascript-client/1.1.0
x-goog-authuser: 0
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://drive.google.com
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

accounts.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

108.177.15.84
DNS

234.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.187.250.142.in-addr.arpa

IN PTR

Response

234.187.250.142.in-addr.arpa

IN PTR

lhr25s34-in-f101e100net
DNS

14.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.178.250.142.in-addr.arpa

IN PTR

Response

14.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f141e100net
DNS

84.15.177.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.15.177.108.in-addr.arpa

IN PTR

Response

84.15.177.108.in-addr.arpa

IN PTR

wr-in-f841e100net
DNS

peoplestackwebexperiments-pa.clients6.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

peoplestackwebexperiments-pa.clients6.google.com

IN A

Response

peoplestackwebexperiments-pa.clients6.google.com

IN A

142.250.178.10
DNS

13.227.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.227.111.52.in-addr.arpa

IN PTR

Response
DNS

dns-tunnel-check.googlezip.net

chrome.exe

Remote address:

8.8.8.8:53

Request

dns-tunnel-check.googlezip.net

IN A

Response

dns-tunnel-check.googlezip.net

IN A

216.239.34.159
DNS

tunnel.googlezip.net

chrome.exe

Remote address:

8.8.8.8:53

Request

tunnel.googlezip.net

IN A

Response

tunnel.googlezip.net

IN A

216.239.34.157
CONNECT

chrome.exe

Remote address:

216.239.34.157:443

Request

CONNECT HTTP/2.0
host: www.winzip.com:443
chrome-tunnel: key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
date: Sat, 02 Nov 2024 14:28:37 GMT
DNS

194.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.187.250.142.in-addr.arpa

IN PTR

Response

194.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f21e100net
CONNECT

chrome.exe

Remote address:

216.239.34.157:443

Request

CONNECT HTTP/2.0
host: apps.apple.com:443
chrome-tunnel: key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
date: Sat, 02 Nov 2024 14:28:37 GMT
DNS

157.34.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.34.239.216.in-addr.arpa

IN PTR

Response
DNS

consent.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

consent.google.com

IN A

Response

consent.google.com

IN A

172.217.16.238
DNS

www.winzip.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.winzip.com

IN A

Response

www.winzip.com

IN CNAME

www.winzip.com.edgekey.net

www.winzip.com.edgekey.net

IN CNAME

e834.d.akamaiedge.net

e834.d.akamaiedge.net

IN A

72.246.149.172
GET

https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE HTTP/2.0
host: www.winzip.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://www.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
server: Apache
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-length: 10234
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/fonts/nbinternationalproreg-webfont.woff2

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/fonts/nbinternationalproreg-webfont.woff2 HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.winzip.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: font/woff2
content-length: 21712
server: Apache
last-modified: Tue, 29 Nov 2022 23:31:26 GMT
etag: "54d0-5eea462f83cb2"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
date: Sat, 02 Nov 2024 14:28:43 GMT
GET

https://www.winzip.com/static/common/fonts/nbinternationalpromed-webfont.woff2

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/fonts/nbinternationalpromed-webfont.woff2 HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.winzip.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css
content-length: 21838
server: Apache
last-modified: Wed, 16 Mar 2022 15:30:32 GMT
etag: "24be3-5da57981b3faa-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: IE
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/css/bootstrap-5/bootstrap.defer.min.css

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/css/bootstrap-5/bootstrap.defer.min.css HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css
content-length: 8872
server: Apache
last-modified: Thu, 27 Jun 2024 13:19:16 GMT
etag: "ae7c-61bdefa56586d-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/css/global.defer.css?v=1

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/css/global.defer.css?v=1 HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css
content-length: 1284
server: Apache
last-modified: Mon, 05 Jun 2023 12:57:34 GMT
etag: "f90-5fd617240d259-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/css/pages/download/winzip-v1/styles.css

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/css/pages/download/winzip-v1/styles.css HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 1316
server: Apache
last-modified: Tue, 04 Jun 2024 14:13:31 GMT
etag: "1f03-61a110df805e7-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/scripts/gtm/gtm-container.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/scripts/gtm/gtm-container.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 30902
server: Apache
last-modified: Wed, 16 Mar 2022 15:30:32 GMT
etag: "15d9d-5da57981fa471-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: BR
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/scripts/jquery-3.6.0.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/scripts/jquery-3.6.0.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: font/woff2
content-length: 22392
server: Apache
last-modified: Tue, 29 Nov 2022 23:31:26 GMT
etag: "5778-5eea462fb0b75"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
date: Sat, 02 Nov 2024 14:28:43 GMT
GET

https://www.winzip.com/static/common/scripts/dynamic-pricing/dynamic-pricing-promotions.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/scripts/dynamic-pricing/dynamic-pricing-promotions.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 10427
server: Apache
last-modified: Tue, 13 Feb 2024 16:04:53 GMT
etag: "7fb1-611458e032a70-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: CM
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/images/logo-winzip.png

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/logo-winzip.png HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

etag: "2be7-5fd6172dd6108"
access-control-allow-origin: http://www.winzip.com
last-modified: Mon, 16 Sep 2024 16:10:26 GMT
server: Akamai Image Manager
x-serial: 324
content-length: 3383
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:43 GMT
date: Sat, 02 Nov 2024 14:28:43 GMT
GET

https://www.winzip.com/static/wz/images/pages/download/boxshots/boxshot-standard-download-en.png

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/pages/download/boxshots/boxshot-standard-download-en.png HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

etag: "150a2-5db33d13891f7"
access-control-allow-origin: http://www.winzip.com
last-modified: Wed, 10 Apr 2024 21:41:49 GMT
server: Akamai Image Manager
content-length: 7135
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:43 GMT
date: Sat, 02 Nov 2024 14:28:43 GMT
GET

https://www.winzip.com/static/wz/css/global.defer.css?v=1

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/css/global.defer.css?v=1 HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css
content-length: 8872
server: Apache
last-modified: Thu, 27 Jun 2024 13:19:16 GMT
etag: "ae7c-61bdefa56586d-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/images/pages/cnet-rating.png

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/pages/cnet-rating.png HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
server: Apache
last-modified: Tue, 22 Oct 2024 14:08:52 GMT
etag: "13c39-625114f2046b9"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-encoding: gzip
content-length: 4812
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/scripts/_common-footer-scripts.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/scripts/_common-footer-scripts.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
server: Apache
last-modified: Thu, 10 Oct 2024 13:58:47 GMT
etag: "2ac-6241fc4f20437"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: IE
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-encoding: gzip
content-length: 296
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/data/price_data.json?callback=price_data

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/data/price_data.json?callback=price_data HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
content-type: application/json
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

etag: "1668-5db33d1373a49"
access-control-allow-origin: http://www.winzip.com
last-modified: Thu, 15 Aug 2024 03:29:24 GMT
server: Akamai Image Manager
x-serial: 237
content-length: 3145
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:43 GMT
date: Sat, 02 Nov 2024 14:28:43 GMT
GET

https://www.winzip.com/static/wz/data/promo_data.json?callback=promo_data

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/data/promo_data.json?callback=promo_data HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
content-type: application/json
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 4030
server: Apache
last-modified: Mon, 20 Nov 2023 13:42:56 GMT
etag: "3ac5-60a95a9db56b7-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/scripts/jquery.lazyloadxt.extra.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/scripts/jquery.lazyloadxt.extra.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 1666
server: Apache
last-modified: Wed, 16 Mar 2022 15:30:32 GMT
etag: "cbe-5da57981fc3b0-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: IE
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/scripts/jquery.magnific-popup.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/scripts/jquery.magnific-popup.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 7638
server: Apache
last-modified: Wed, 16 Mar 2022 15:30:32 GMT
etag: "5278-5da57981fc3b0-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: PK
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/images/downloadhelper/test/chrome.png

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/downloadhelper/test/chrome.png HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

etag: "1ea7-606456b117c2e"
access-control-allow-origin: http://www.winzip.com
last-modified: Sat, 27 Apr 2024 19:53:37 GMT
server: Akamai Image Manager
content-length: 979
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:43 GMT
date: Sat, 02 Nov 2024 14:28:43 GMT
GET

https://www.winzip.com/static/wz/images/downloadhelper/test/step2.jpg

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/downloadhelper/test/step2.jpg HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

etag: "13996-5f4202af29ef0"
access-control-allow-origin: http://www.winzip.com
last-modified: Fri, 31 May 2024 23:58:26 GMT
server: Akamai Image Manager
x-serial: 782
content-length: 13445
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:43 GMT
date: Sat, 02 Nov 2024 14:28:43 GMT
GET

https://www.winzip.com/static/wz/scripts/downloadtrial.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/scripts/downloadtrial.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 1710
server: Apache
last-modified: Wed, 08 Mar 2023 20:55:10 GMT
etag: "1dae-5f669be71d799-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: UG
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/scripts/trial-installer.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/scripts/trial-installer.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 1001
server: Apache
last-modified: Wed, 16 Mar 2022 17:54:23 GMT
etag: "1207-5da599a8dba4d-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: ZA
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/scripts/x-target.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/scripts/x-target.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 1093
server: Apache
last-modified: Wed, 16 Mar 2022 17:54:23 GMT
etag: "c41-5da599a8dba4d-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: BR
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/scripts/ua-parser.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/scripts/ua-parser.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 3676
server: Apache
last-modified: Wed, 16 Mar 2022 17:54:23 GMT
etag: "25a8-5da599a8dba4d-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: IE
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/images/pages/check-mark.png

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/pages/check-mark.png HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

etag: "4a0-5db33d1373a49"
access-control-allow-origin: http://www.winzip.com
last-modified: Sat, 27 Apr 2024 05:55:18 GMT
server: Akamai Image Manager
x-serial: 751
content-length: 424
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:43 GMT
date: Sat, 02 Nov 2024 14:28:43 GMT
GET

https://www.winzip.com/static/wz/images/winzip-logo-white.svg

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/winzip-logo-white.svg HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 1642
server: Apache
last-modified: Tue, 09 Jan 2024 14:02:59 GMT
etag: "13f9-60e83c5a1d642-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:43 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/images/logo/logo-alludo-fw.svg

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/images/logo/logo-alludo-fw.svg HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: font/woff2
content-length: 23512
server: Apache
last-modified: Tue, 29 Nov 2022 23:31:25 GMT
etag: "5bd8-5eea462f62970"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
date: Sat, 02 Nov 2024 14:28:44 GMT
GET

https://www.winzip.com/static/common/scripts/_common-footer-scripts-async.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/scripts/_common-footer-scripts-async.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: font/woff2
content-length: 21356
server: Apache
last-modified: Tue, 29 Nov 2022 23:31:26 GMT
etag: "536c-5eea462f87b32"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
content-type: application/font-woff2
date: Sat, 02 Nov 2024 14:28:44 GMT
GET

https://www.winzip.com/static/common/scripts/dynamic-pricing/dynamic-pricing.optinmonster.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/scripts/dynamic-pricing/dynamic-pricing.optinmonster.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 404

content-type: text/html; charset=iso-8859-1
content-length: 196
server: Apache
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
GET

https://www.winzip.com/static/wz/images/downloadhelper/test/step3.jpg

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/downloadhelper/test/step3.jpg HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: image/svg+xml
content-length: 495
server: Apache
last-modified: Mon, 05 Jun 2023 12:57:34 GMT
etag: "1ef-5fd617242e59b"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
GET

https://www.winzip.com/static/common/css/bootstrap-5/bootstrap.min.css

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/css/bootstrap-5/bootstrap.min.css HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: image/svg+xml
server: Apache
last-modified: Mon, 05 Jun 2023 12:57:34 GMT
etag: "23087-5fd6172440e7c"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Encoding
content-encoding: gzip
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
GET

https://www.winzip.com/static/common/css/bootstrap-5/bootstrap-ie11.min.css

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/css/bootstrap-5/bootstrap-ie11.min.css HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: image/svg+xml
server: Apache
last-modified: Tue, 18 Apr 2023 12:57:36 GMT
etag: "730-5f99bda0255d3"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Encoding
content-encoding: gzip
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
content-length: 959
GET

https://www.winzip.com/static/wz/images/icons/download-01.svg

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/icons/download-01.svg HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/static/wz/css/global.defer.css?v=1
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 10388
server: Apache
last-modified: Tue, 13 Feb 2024 16:04:53 GMT
etag: "7ef5-611458e0349b0-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: CM
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/css/pages/download/images/win-fastest-bg.jpg

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/css/pages/download/images/win-fastest-bg.jpg HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/static/wz/css/pages/download/winzip-v1/styles.css
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

etag: "f58f-5f4202af50042"
access-control-allow-origin: http://www.winzip.com
last-modified: Wed, 08 May 2024 13:48:50 GMT
server: Akamai Image Manager
content-length: 7618
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:44 GMT
date: Sat, 02 Nov 2024 14:28:44 GMT
GET

https://www.winzip.com/static/common/icons/bootstrap-5/globe2.svg

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/icons/bootstrap-5/globe2.svg HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/static/wz/css/global.defer.css?v=1
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: image/svg+xml
server: Apache
last-modified: Wed, 16 Mar 2022 15:30:32 GMT
etag: "71e-5da57981cf514"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
vary: Accept-Encoding
content-encoding: gzip
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
content-length: 919
GET

https://www.winzip.com/static/common/icons/bootstrap-5/chevron-up.svg

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/icons/bootstrap-5/chevron-up.svg HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/static/wz/css/global.defer.css?v=1
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: image/svg+xml
content-length: 285
server: Apache
last-modified: Wed, 16 Mar 2022 15:30:32 GMT
etag: "11d-5da57981c9759"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
GET

https://www.winzip.com/static/common/fonts/nbinternationalproita-webfont.woff2

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/fonts/nbinternationalproita-webfont.woff2 HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.winzip.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: text/css
content-length: 22933
server: Apache
last-modified: Mon, 02 May 2022 21:34:10 GMT
etag: "25fed-5de0e271f6f97-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/fonts/nbinternationalprobol-webfont.woff2

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/fonts/nbinternationalprobol-webfont.woff2 HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
origin: https://www.winzip.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: text/css
content-length: 2059
server: Apache
last-modified: Wed, 16 Mar 2022 15:30:32 GMT
etag: "19dc-5da57981b3faa-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: ZA
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/common/scripts/bootstrap-5/bootstrap.bundle.min.js

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/common/scripts/bootstrap-5/bootstrap.bundle.min.js HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 22447
server: Apache
last-modified: Wed, 16 Mar 2022 15:30:32 GMT
etag: "13397-5da57981f3717-gzip"
accept-ranges: bytes
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
expires: Sat, 02 Nov 2024 14:28:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:44 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/geolookup.html?_=1730557722275

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /geolookup.html?_=1730557722275 HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: */*
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092
cookie: blang_cookie=en-US

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
server: Apache
content-encoding: gzip
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: *
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-expose-headers: True-Client-Country-4JS
content-length: 66
expires: Sat, 02 Nov 2024 14:28:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:45 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/data/x-target_data.json?_=1730557722276

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/data/x-target_data.json?_=1730557722276 HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json, text/javascript, */*; q=0.01
x-requested-with: XMLHttpRequest
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092
cookie: blang_cookie=en-US
cookie: dynPrice_CurrencyRegion=en-GB
cookie: regionCookie=gb

Response

HTTP/2.0 200

etag: "b0-5da599a884bf3"
access-control-allow-origin: http://www.winzip.com
last-modified: Tue, 23 Jul 2024 12:50:25 GMT
server: Akamai Image Manager
x-serial: 917
content-length: 144
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:45 GMT
date: Sat, 02 Nov 2024 14:28:45 GMT
GET

https://www.winzip.com/static/wz/images/pages/download/ico_comma_up.png

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/pages/download/ico_comma_up.png HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092
cookie: blang_cookie=en-US
cookie: dynPrice_CurrencyRegion=en-GB
cookie: regionCookie=gb
cookie: dynPrice_promoCookie=ppc
cookie: dynPrice_xparamCookie=x-target=ppc

Response

HTTP/2.0 200

etag: "b1-5da599a884bf3"
access-control-allow-origin: http://www.winzip.com
last-modified: Tue, 13 Aug 2024 09:31:28 GMT
server: Akamai Image Manager
x-serial: 1086
content-length: 148
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:45 GMT
date: Sat, 02 Nov 2024 14:28:45 GMT
GET

https://www.winzip.com/static/wz/images/pages/download/ico_comma_dwn.png

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/pages/download/ico_comma_dwn.png HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092
cookie: blang_cookie=en-US
cookie: dynPrice_CurrencyRegion=en-GB
cookie: regionCookie=gb
cookie: dynPrice_promoCookie=ppc
cookie: dynPrice_xparamCookie=x-target=ppc

Response

HTTP/2.0 200

etag: "166d9-5db33d138631a"
access-control-allow-origin: http://www.winzip.com
last-modified: Thu, 28 Mar 2024 18:52:03 GMT
server: Akamai Image Manager
x-serial: 719
content-length: 10802
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Sun, 03 Nov 2024 02:28:45 GMT
date: Sat, 02 Nov 2024 14:28:45 GMT
GET

https://www.winzip.com/static/wz/images/pages/convert-to-pdf/ppc-compression.png

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/pages/convert-to-pdf/ppc-compression.png HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092
cookie: blang_cookie=en-US
cookie: dynPrice_CurrencyRegion=en-GB
cookie: regionCookie=gb
cookie: dynPrice_promoCookie=ppc
cookie: dynPrice_xparamCookie=x-target=ppc

Response

HTTP/2.0 200

content-type: image/vnd.microsoft.icon
server: Apache
last-modified: Sun, 27 Mar 2022 14:14:41 GMT
etag: "3c2e-5db33d12086ee"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: CN
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-encoding: gzip
content-length: 3125
expires: Sat, 02 Nov 2024 14:28:45 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:45 GMT
vary: Accept-Encoding
GET

https://www.winzip.com/static/wz/images/favicon.ico

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /static/wz/images/favicon.ico HTTP/2.0
host: www.winzip.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: optimizelyEndUserId=oeu1730557722449r0.5241868694782092
cookie: blang_cookie=en-US
cookie: dynPrice_CurrencyRegion=en-GB
cookie: regionCookie=gb
cookie: dynPrice_promoCookie=ppc
cookie: dynPrice_xparamCookie=x-target=ppc

Response

HTTP/2.0 200

content-type: application/json
server: Apache
last-modified: Tue, 08 Oct 2024 13:03:28 GMT
etag: "1cf0-623f6c37aa890"
accept-ranges: bytes
strict-transport-security: max-age=31536000
true-client-country-4js: GB
access-control-allow-origin: http://www.winzip.com
xserver: winzip-p12
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
content-encoding: gzip
content-length: 795
expires: Sat, 02 Nov 2024 14:28:46 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 02 Nov 2024 14:28:46 GMT
vary: Accept-Encoding
DNS

cdn.optimizely.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.optimizely.com

IN A

Response

cdn.optimizely.com

IN A

104.18.65.57

cdn.optimizely.com

IN A

104.18.66.57
GET

https://cdn.optimizely.com/js/26811070246.js

chrome.exe

Remote address:

104.18.65.57:443

Request

GET /js/26811070246.js HTTP/2.0
host: cdn.optimizely.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:43 GMT
content-type: text/javascript; charset=utf-8
content-length: 85736
x-amz-id-2: kAABS+QyNi7NkmZJe8Q552wk3PnUKcFzxGeeuRSBmbzAykSKK6UE6N/Wc1SPASmRs9N+ciD0aL0=
x-amz-request-id: ERY0FSXPVAFHW2MV
x-amz-replication-status: PENDING
last-modified: Wed, 28 Aug 2024 21:26:08 GMT
etag: "bbf7e3b88969be57d9e56c36119443b4"
x-amz-server-side-encryption: AES256
cache-control: max-age=120
x-amz-meta-revision: 227
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: iIAForvayvJs2Hzj7GzAHCDXWj2acK0n
cf-cache-status: HIT
age: 526
accept-ranges: bytes
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-headers: *
access-control-expose-headers: x-amz-meta-revision
access-control-allow-credentials: false
access-control-max-age: 86400
server: cloudflare
cf-ray: 8dc4d00d3b6a93f2-LHR
DNS

a25968344087.cdn.optimizely.com

chrome.exe

Remote address:

8.8.8.8:53

Request

a25968344087.cdn.optimizely.com

IN A

Response

a25968344087.cdn.optimizely.com

IN A

104.18.65.57

a25968344087.cdn.optimizely.com

IN A

104.18.66.57
GET

https://a25968344087.cdn.optimizely.com/client_storage/a25968344087.html

chrome.exe

Remote address:

104.18.65.57:443

Request

GET /client_storage/a25968344087.html HTTP/2.0
host: a25968344087.cdn.optimizely.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:44 GMT
content-type: text/html; charset=utf-8
content-length: 842
cf-ray: 8dc4d00fe97f94ae-LHR
cf-cache-status: HIT
accept-ranges: bytes
age: 87
cache-control: max-age=120
content-encoding: gzip
etag: "6a1019392cbdc86b175a3c4229a81e87"
last-modified: Thu, 24 Oct 2024 18:30:17 GMT
vary: Accept-Encoding
x-amz-id-2: U/+FaRcjca837X36Giz10JScJVI1wgUJNxkBUScdvn11opDZe8QvP9rnrpimGnsdzrLs3cGhRAA=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: MA9BMNVYRGJ2EA7B
x-amz-server-side-encryption: AES256
x-amz-version-id: Th4vi1hq19SjdRTf0odpStm5AgqPikx1
server-timing: cfCacheStatus;desc="HIT"
server: cloudflare
DNS

unpkg.com

chrome.exe

Remote address:

8.8.8.8:53

Request

unpkg.com

IN A

Response

unpkg.com

IN A

104.17.249.203

unpkg.com

IN A

104.17.246.203

unpkg.com

IN A

104.17.245.203

unpkg.com

IN A

104.17.247.203

unpkg.com

IN A

104.17.248.203
GET

https://unpkg.com/web-vitals/dist/web-vitals.iife.js

chrome.exe

Remote address:

104.17.249.203:443

Request

GET /web-vitals/dist/web-vitals.iife.js HTTP/2.0
host: unpkg.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Sat, 02 Nov 2024 14:28:44 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /web-vitals@4.2.4/dist/web-vitals.iife.js
vary: Accept, Accept-Encoding
content-encoding: br
via: 1.1 fly.io
fly-request-id: 01JBPMA7NEAP8RFRGJ9FANS1VZ-lhr
cf-cache-status: HIT
age: 141
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8dc4d0117d1960e8-LHR
GET

https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

chrome.exe

Remote address:

104.17.249.203:443

Request

GET /web-vitals@4.2.4/dist/web-vitals.iife.js HTTP/2.0
host: unpkg.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:44 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg"
via: 1.1 fly.io
fly-request-id: 01JAXA23RMWSTX7RQ8S99EDW4Y-lhr
cf-cache-status: HIT
age: 849753
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8dc4d0120daa60e8-LHR
DNS

172.149.246.72.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.149.246.72.in-addr.arpa

IN PTR

Response

172.149.246.72.in-addr.arpa

IN PTR

a72-246-149-172deploystaticakamaitechnologiescom
DNS

200.187.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.187.250.142.in-addr.arpa

IN PTR

Response

200.187.250.142.in-addr.arpa

IN PTR

lhr25s33-in-f81e100net
DNS

57.65.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.65.18.104.in-addr.arpa

IN PTR

Response
DNS

57.65.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

57.65.18.104.in-addr.arpa

IN PTR
DNS

region1.google-analytics.com

chrome.exe

Remote address:

8.8.8.8:53

Request

region1.google-analytics.com

IN A

Response

region1.google-analytics.com

IN A

216.239.34.36

region1.google-analytics.com

IN A

216.239.32.36
POST

https://region1.google-analytics.com/g/collect?v=2&tid=G-73J027E48R&gtm=45je4au0v894478962z8892103069za200zb892103069&_p=1730557722246&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=60364287.1730557723&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=1&sid=1730557722&sct=1&seg=0&dl=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fdownload%2Fwinzip-v1%2F%3Fx-target%3Dppc%26promo%3Dppc%26utm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dwz-dd-all-adwordsppc%26utm_content%3D153948320389%26utm_term%3Dwinzip%26utm_id%3D20624671898%26gad_source%3D1%26gclid%3DEAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&dr=https%3A%2F%2Fwww.google.com%2F&dt=Download%20WinZip&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_env=GTM-565KQNW%20-%20&ep.url_gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&ep.url_utm_source=google&ep.url_utm_medium=cpc&ep.url_utm_campaign=wz-dd-all-adwordsppc&ep.url_utm_term=winzip&ep.url_utm_content=153948320389&ep.url_utm_id=20624671898&ep.alludo_id=alid.585797545.1730557722&tfd=1566

chrome.exe

Remote address:

216.239.34.36:443

Request

POST /g/collect?v=2&tid=G-73J027E48R&gtm=45je4au0v894478962z8892103069za200zb892103069&_p=1730557722246&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=60364287.1730557723&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=1&sid=1730557722&sct=1&seg=0&dl=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fdownload%2Fwinzip-v1%2F%3Fx-target%3Dppc%26promo%3Dppc%26utm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dwz-dd-all-adwordsppc%26utm_content%3D153948320389%26utm_term%3Dwinzip%26utm_id%3D20624671898%26gad_source%3D1%26gclid%3DEAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&dr=https%3A%2F%2Fwww.google.com%2F&dt=Download%20WinZip&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_env=GTM-565KQNW%20-%20&ep.url_gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&ep.url_utm_source=google&ep.url_utm_medium=cpc&ep.url_utm_campaign=wz-dd-all-adwordsppc&ep.url_utm_term=winzip&ep.url_utm_content=153948320389&ep.url_utm_id=20624671898&ep.alludo_id=alid.585797545.1730557722&tfd=1566 HTTP/2.0
host: region1.google-analytics.com
content-length: 0
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://region1.google-analytics.com/g/collect?v=2&tid=G-73J027E48R&gtm=45je4au0v894478962z8892103069za200zb892103069&_p=1730557722246&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=60364287.1730557723&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=2&sid=1730557722&sct=1&seg=0&dl=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fdownload%2Fwinzip-v1%2F%3Fx-target%3Dppc%26promo%3Dppc%26utm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dwz-dd-all-adwordsppc%26utm_content%3D153948320389%26utm_term%3Dwinzip%26utm_id%3D20624671898%26gad_source%3D1%26gclid%3DEAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&dr=https%3A%2F%2Fwww.google.com%2F&dt=Download%20WinZip&en=exception&ep.gtm_container_env=GTM-565KQNW%20-%20&ep.url_gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&ep.url_utm_source=google&ep.url_utm_medium=cpc&ep.url_utm_campaign=wz-dd-all-adwordsppc&ep.url_utm_term=winzip&ep.url_utm_content=153948320389&ep.url_utm_id=20624671898&ep.alludo_id=alid.585797545.1730557722&ep.description=37%20%7C%20Message%3AUncaught%20TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27search%27)%20%7C%20URL%3Ahttps%3A%2F%2Fwww.winzip.com%2Fstatic%2Fwz%2Fscripts%2Ftrial-installer.js&_et=93&tfd=3442

chrome.exe

Remote address:

216.239.34.36:443

Request

POST /g/collect?v=2&tid=G-73J027E48R&gtm=45je4au0v894478962z8892103069za200zb892103069&_p=1730557722246&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=60364287.1730557723&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=2&sid=1730557722&sct=1&seg=0&dl=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fdownload%2Fwinzip-v1%2F%3Fx-target%3Dppc%26promo%3Dppc%26utm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dwz-dd-all-adwordsppc%26utm_content%3D153948320389%26utm_term%3Dwinzip%26utm_id%3D20624671898%26gad_source%3D1%26gclid%3DEAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&dr=https%3A%2F%2Fwww.google.com%2F&dt=Download%20WinZip&en=exception&ep.gtm_container_env=GTM-565KQNW%20-%20&ep.url_gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&ep.url_utm_source=google&ep.url_utm_medium=cpc&ep.url_utm_campaign=wz-dd-all-adwordsppc&ep.url_utm_term=winzip&ep.url_utm_content=153948320389&ep.url_utm_id=20624671898&ep.alludo_id=alid.585797545.1730557722&ep.description=37%20%7C%20Message%3AUncaught%20TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27search%27)%20%7C%20URL%3Ahttps%3A%2F%2Fwww.winzip.com%2Fstatic%2Fwz%2Fscripts%2Ftrial-installer.js&_et=93&tfd=3442 HTTP/2.0
host: region1.google-analytics.com
content-length: 0
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

203.249.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

203.249.17.104.in-addr.arpa

IN PTR

Response
DNS

203.249.17.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

203.249.17.104.in-addr.arpa

IN PTR
DNS

34.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.200.250.142.in-addr.arpa

IN PTR

Response

34.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f21e100net
DNS

34.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.200.250.142.in-addr.arpa

IN PTR
DNS

36.34.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.34.239.216.in-addr.arpa

IN PTR

Response
DNS

36.34.239.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

36.34.239.216.in-addr.arpa

IN PTR
DNS

www.corel.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.corel.com

IN A

Response

www.corel.com

IN CNAME

www-san.corel.com.edgekey.net

www-san.corel.com.edgekey.net

IN CNAME

e834.d.akamaiedge.net

e834.d.akamaiedge.net

IN A

72.246.149.172
GET

https://www.corel.com/geolookup.html

chrome.exe

Remote address:

72.246.149.172:443

Request

GET /geolookup.html HTTP/2.0
host: www.corel.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 40
server: Apache
last-modified: Tue, 26 Apr 2016 19:57:40 GMT
etag: "28-53168b49b7500"
accept-ranges: bytes
strict-transport-security: max-age=63072000; preload
true-client-country-4js: GB
access-control-allow-origin: *
xserver: corel-p11
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-expose-headers: True-Client-Country-4JS
date: Sat, 02 Nov 2024 14:28:45 GMT
DNS

cdn.cookielaw.org

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.cookielaw.org

IN A

Response

cdn.cookielaw.org

IN A

104.18.87.42

cdn.cookielaw.org

IN A

104.18.86.42
GET

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /scripttemplates/otSDKStub.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:45 GMT
content-type: application/javascript
content-length: 7212
content-encoding: gzip
content-md5: qVqAwzZMp5y69q24H0KNhg==
last-modified: Thu, 31 Oct 2024 19:22:01 GMT
etag: 0x8DCF9E14B983B5E
x-ms-request-id: 6717472a-101e-0057-2a7a-2c7a07000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 79601
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8dc4d01a5d0a9445-LHR
GET

https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /scripttemplates/202402.1.0/otBannerSdk.js HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cf-bgj: minify
cf-polished: origSize=440693
content-md5: XwXx/WxMZ+UJJ5CmkZRGfQ==
last-modified: Tue, 16 Jul 2024 21:32:03 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 0dcfd11e-c01e-00b0-107e-256a0a000000
x-ms-version: 2009-09-19
cache-control: max-age=86400
cf-cache-status: HIT
age: 69924
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8dc4d01d29369445-LHR
content-encoding: gzip
GET

https://cdn.cookielaw.org/logos/static/ot_close.svg

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /logos/static/ot_close.svg HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: image/svg+xml
content-md5: pcXWFGpuVeSg/jVnYCseRg==
last-modified: Thu, 31 Oct 2024 19:22:07 GMT
x-ms-request-id: cb7194b4-201e-007d-768d-2c0f42000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 71119
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8dc4d01eebcd9445-LHR
content-encoding: gzip
GET

https://cdn.cookielaw.org/logos/7439b2e3-651f-4211-a0ed-68c232ec3332/96ef4ee5-50d8-4ced-8132-812f1e8a1270/e864d848-1fa5-4d51-81fc-a91c6faa9dab/314132f6-8524-4d25-8270-fa5d0634fe22.jpg

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /logos/7439b2e3-651f-4211-a0ed-68c232ec3332/96ef4ee5-50d8-4ced-8132-812f1e8a1270/e864d848-1fa5-4d51-81fc-a91c6faa9dab/314132f6-8524-4d25-8270-fa5d0634fe22.jpg HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Thu, 31 Oct 2024 19:22:08 GMT
x-ms-request-id: 111021d1-001e-0043-5a82-2cb963000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 75819
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8dc4d01f2c019445-LHR
content-encoding: gzip
GET

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /logos/static/powered_by_logo.svg HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: image/jpeg
content-length: 40230
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cf-bgj: h2pri
content-md5: YsHke3mEaEabOPpBvc9q9g==
etag: 0x8DBAB02308896A1
last-modified: Fri, 01 Sep 2023 15:43:29 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 4cec3ad1-d01e-003c-3708-7c1044000000
x-ms-version: 2009-09-19
cache-control: max-age=86400
cf-cache-status: HIT
age: 29682
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8dc4d01f1c009445-LHR
GET

https://cdn.cookielaw.org/consent/e3da808f-4b57-47db-af1e-f01683d7a52a/e3da808f-4b57-47db-af1e-f01683d7a52a.json

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /consent/e3da808f-4b57-47db-af1e-f01683d7a52a/e3da808f-4b57-47db-af1e-f01683d7a52a.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: application/json
content-length: 1850
cf-ray: 8dc4d01b497a652f-LHR
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 44875
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC399FC14B752E
expires: Sun, 03 Nov 2024 14:28:45 GMT
last-modified: Fri, 01 Mar 2024 03:29:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: vFibws9BPKYhMCHiKVnzRg==
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e2f25584-501e-0014-3ba5-2950ee000000
x-ms-version: 2009-09-19
cross-origin-resource-policy: cross-origin
server: cloudflare
GET

https://cdn.cookielaw.org/consent/e3da808f-4b57-47db-af1e-f01683d7a52a/018df7a8-d9c5-735e-92b7-076de9497467/en.json

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /consent/e3da808f-4b57-47db-af1e-f01683d7a52a/018df7a8-d9c5-735e-92b7-076de9497467/en.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: application/json
content-length: 18190
cf-ray: 8dc4d01dbcc9652f-LHR
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 27429
cache-control: public, max-age=86400
content-encoding: gzip
etag: 0x8DC399FCA820C2D
expires: Sun, 03 Nov 2024 14:28:46 GMT
last-modified: Fri, 01 Mar 2024 03:29:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: MlPLThMN9uFyUjcithyJfg==
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 8549a282-101e-00b9-39f3-2c7084000000
x-ms-version: 2009-09-19
cross-origin-resource-policy: cross-origin
server: cloudflare
GET

https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otFlat.json

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /scripttemplates/202402.1.0/assets/otFlat.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cf-bgj: minify
cf-polished: origSize=21778
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
last-modified: Tue, 16 Jul 2024 21:32:07 GMT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 4a81185b-001e-0103-2204-d8d6d8000000
x-ms-version: 2009-09-19
cache-control: max-age=86400
cf-cache-status: HIT
age: 25985
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8dc4d01e7e08652f-LHR
content-encoding: gzip
GET

https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/otPcCenter.json

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /scripttemplates/202402.1.0/assets/v2/otPcCenter.json HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: application/json
content-length: 12808
content-encoding: gzip
content-md5: JaQINgYe3a7s6zMdoyk38Q==
last-modified: Tue, 16 Jul 2024 21:31:57 GMT
etag: 0x8DCA5DEB83DC8A4
x-ms-request-id: ef83d6b1-001e-00e2-1217-2077f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 58393
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8dc4d01e7e07652f-LHR
GET

https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otCommonStyles.css

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /scripttemplates/202402.1.0/assets/otCommonStyles.css HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: application/json
content-length: 3041
content-encoding: gzip
content-md5: Rtw1HeKUT+s7FdllH11+Yg==
last-modified: Tue, 16 Jul 2024 21:31:54 GMT
etag: 0x8DCA5DEB6E44F68
x-ms-request-id: 41eed6c5-e01e-00ca-3268-d80047000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 76415
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8dc4d01e7e05652f-LHR
GET

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

chrome.exe

Remote address:

104.18.87.42:443

Request

GET /logos/static/ot_guard_logo.svg HTTP/2.0
host: cdn.cookielaw.org
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: image/svg+xml
content-md5: tXyZydHjxQshFMbbBT1/8A==
last-modified: Sat, 02 Nov 2024 02:18:37 GMT
x-ms-request-id: d64ff6fd-201e-00f5-45d6-2cb79b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 39813
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 8dc4d01efec9652f-LHR
content-encoding: gzip
DNS

geolocation.onetrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

geolocation.onetrust.com

IN A

Response

geolocation.onetrust.com

IN A

104.18.32.137

geolocation.onetrust.com

IN A

172.64.155.119
GET

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

chrome.exe

Remote address:

104.18.32.137:443

Request

GET /cookieconsentpub/v1/geo/location HTTP/2.0
host: geolocation.onetrust.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:28:46 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8dc4d01cb9df531d-LHR
content-encoding: gzip
DNS

42.87.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.87.18.104.in-addr.arpa

IN PTR

Response
DNS

137.32.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

137.32.18.104.in-addr.arpa

IN PTR

Response
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQkMuc7htNtgKBIFDaWTNiQhdyrudYZ0ujY=?alt=proto

chrome.exe

Remote address:

142.250.200.42:443

Request

GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQkMuc7htNtgKBIFDaWTNiQhdyrudYZ0ujY=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CNr0ygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

privacyportal.onetrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

privacyportal.onetrust.com

IN A

Response

privacyportal.onetrust.com

IN A

172.64.155.119

privacyportal.onetrust.com

IN A

104.18.32.137
POST

https://privacyportal.onetrust.com/request/v1/consentreceipts

chrome.exe

Remote address:

172.64.155.119:443

Request

POST /request/v1/consentreceipts HTTP/2.0
host: privacyportal.onetrust.com
content-length: 11058
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://www.winzip.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.winzip.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 201

date: Sat, 02 Nov 2024 14:28:47 GMT
content-length: 0
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8dc4d021afbb6316-LHR
DNS

119.155.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

119.155.64.172.in-addr.arpa

IN PTR

Response
DNS

encrypted-tbn0.gstatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

encrypted-tbn0.gstatic.com

IN A

Response

encrypted-tbn0.gstatic.com

IN A

142.250.200.46
GET

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQk9iVgGX9zISp_HJcFJ72B7r9GbnMM4HVGuijh2ESifGcoXeNRjNFl&usqp=CAE&s

chrome.exe

Remote address:

142.250.200.46:443

Request

GET /images?q=tbn:ANd9GcQk9iVgGX9zISp_HJcFJ72B7r9GbnMM4HVGuijh2ESifGcoXeNRjNFl&usqp=CAE&s HTTP/2.0
host: encrypted-tbn0.gstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CNr0ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
GET

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTEQ740YCEp8_fMA6zjw9ZwS_ad-ScK2L8M3ZZ7QoqghPWwWxBMgZfQ&usqp=CAE&s

chrome.exe

Remote address:

142.250.200.46:443

Request

GET /images?q=tbn:ANd9GcTEQ740YCEp8_fMA6zjw9ZwS_ad-ScK2L8M3ZZ7QoqghPWwWxBMgZfQ&usqp=CAE&s HTTP/2.0
host: encrypted-tbn0.gstatic.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CNr0ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

46.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

46.200.250.142.in-addr.arpa

IN PTR

Response

46.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f141e100net
DNS

lh5.googleusercontent.com

chrome.exe

Remote address:

8.8.8.8:53

Request

lh5.googleusercontent.com

IN A

Response

lh5.googleusercontent.com

IN CNAME

googlehosted.l.googleusercontent.com

googlehosted.l.googleusercontent.com

IN A

216.58.213.1
DNS

id.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

id.google.com

IN A

Response

id.google.com

IN A

216.58.213.3
GET

https://id.google.com/verify/AHEVGRybCFvx25OmNg-hMYiLgcdrJwviqo21tSpoRgeoA_0KGWV3cdaBL60MVibuMxD9i0LFNcz0brwZFhY_3xgxKbRn1HRm_rKu_mY2ImtsNYHM

chrome.exe

Remote address:

216.58.213.3:443

Request

GET /verify/AHEVGRybCFvx25OmNg-hMYiLgcdrJwviqo21tSpoRgeoA_0KGWV3cdaBL60MVibuMxD9i0LFNcz0brwZFhY_3xgxKbRn1HRm_rKu_mY2ImtsNYHM HTTP/2.0
host: id.google.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CNr0ygE=
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: AEC=AVYB7cq9hX-YiT5p5Ou1eLBX2PDyuwqaSu-j2dma_oUfj8WTQVintBG3K7A
cookie: GOOGLE_ABUSE_EXEMPTION=ID=2ae47df7a9220d60:TM=1730557704:C=r:IP=138.199.29.44-:S=y8TxzKCmZmsi36X_H-er7SY
cookie: SOCS=CAISHAgCEhJnd3NfMjAyNDEwMjktMF9SQzIaAmVuIAEaBgiA15W5Bg
cookie: NID=518=B6QfvtDqCo1IUMP4wzHrO5S4pW3hV7oNvpT7fAc-0qnZX4vYoPop8t0PRF7znsEzNuOhcLibPyo9Xd_Wx1tIr2afUOYDB319bfaYZybEsLbsgl5xuouBrYvAjSqSWDtTb38bpM36Oz5y3xHGm9gdeOfWxjGTEf3717sSghD6nZYcwJA5Gii8Ox68Scn0zudJtjBFExVEFULHhxwq1TI7ji9--Xmd4wj2QQ
CONNECT

chrome.exe

Remote address:

216.239.34.157:443

Request

CONNECT HTTP/2.0
host: www.win-rar.com:443
chrome-tunnel: key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
date: Sat, 02 Nov 2024 14:28:56 GMT
CONNECT

chrome.exe

Remote address:

216.239.34.157:443

Request

CONNECT HTTP/2.0
host: www.rarlab.com:443
chrome-tunnel: key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response

HTTP/2.0 200

content-type: text/plain; charset=utf-8
date: Sat, 02 Nov 2024 14:28:57 GMT
DNS

www.win-rar.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.win-rar.com

IN A

Response

www.win-rar.com

IN A

51.195.68.163
GET

https://www.win-rar.com/

chrome.exe

Remote address:

51.195.68.163:443

Request

GET / HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Sat, 02 Nov 2024 14:29:00 GMT
server: Apache
location: /start.html?&L=0
content-type: text/html;charset=utf-8
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/start.html?&L=0

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /start.html?&L=0 HTTP/2.0
host: www.win-rar.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://www.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:00 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
content-length: 7611
content-type: text/html;charset=utf-8
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/style.css?1704275748

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/style.css?1704275748 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:00 GMT
server: Apache
last-modified: Wed, 03 Jan 2024 09:55:48 GMT
etag: "1416-60e079e9a0889-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:01 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1611
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/typo3temp/stylesheet_5d370599a3.css?1630582047

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /typo3temp/stylesheet_5d370599a3.css?1630582047 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:00 GMT
server: Apache
last-modified: Thu, 02 Sep 2021 11:27:27 GMT
etag: "1711-5cb0177b83a1f-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:01 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1179
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/images.css?1627980766

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/images.css?1627980766 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:00 GMT
server: Apache
last-modified: Tue, 03 Aug 2021 08:52:46 GMT
etag: "73e-5c8a3cf5032e6-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:01 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 401
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/footer.css?1675426476

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/footer.css?1675426476 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:00 GMT
server: Apache
last-modified: Fri, 03 Feb 2023 12:14:36 GMT
etag: "a51-5f3ca9ffe72da-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:01 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 688
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/formhandler/jquery-3.7.1.slim.min.js

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/formhandler/jquery-3.7.1.slim.min.js HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:00 GMT
server: Apache
last-modified: Mon, 20 Dec 2021 11:56:51 GMT
etag: "1b0b-5d392958c6c4a"
accept-ranges: bytes
content-length: 6923
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:01 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/logo-winrar.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/logo-winrar.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:00 GMT
server: Apache
last-modified: Wed, 28 Feb 2024 08:39:38 GMT
etag: "21da-6126d15566163"
accept-ranges: bytes
content-length: 8666
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:01 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/uploads/pics/rar-archive-8_d8215f_10.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /uploads/pics/rar-archive-8_d8215f_10.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:00 GMT
server: Apache
last-modified: Tue, 17 Sep 2024 11:12:30 GMT
etag: "11278-6224ec3f1e72e-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:01 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 24084
content-type: application/javascript
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/awards/award-moosoft-winrar.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/awards/award-moosoft-winrar.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Wed, 10 Apr 2024 07:24:04 GMT
etag: "1839-615b8ec5e750d"
accept-ranges: bytes
content-length: 6201
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/icons/fb.svg

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/icons/fb.svg HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Tue, 05 Oct 2021 09:06:04 GMT
etag: "31d-5cd9756de4101"
accept-ranges: bytes
content-length: 797
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
vary: Accept-Encoding
content-type: image/svg+xml
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/icons/tw.svg

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/icons/tw.svg HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Wed, 13 Mar 2024 13:17:27 GMT
etag: "186-6138a989b8250"
accept-ranges: bytes
content-length: 390
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
vary: Accept-Encoding
content-type: image/svg+xml
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/icons/yt.svg

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/icons/yt.svg HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Tue, 05 Oct 2021 09:06:04 GMT
etag: "254-5cd9756de8f21"
accept-ranges: bytes
content-length: 596
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
vary: Accept-Encoding
content-type: image/svg+xml
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/formhandler/ckrule.js

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/formhandler/ckrule.js HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Wed, 03 Jan 2024 10:17:46 GMT
etag: "404-60e07ed288df7-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 436
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/style-mx.css?1704277066

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/style-mx.css?1704277066 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Mon, 06 Sep 2021 08:31:34 GMT
etag: "3d5f-5cb4f7a1525c0-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4056
content-type: application/javascript
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/footer-mx.css?1661158051

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/footer-mx.css?1661158051 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Mon, 22 Aug 2022 08:47:31 GMT
etag: "46f-5e6d07f9a3140-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 356
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/buttons/button_buy_blank.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/buttons/button_buy_blank.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/fileadmin/templates/images.css?1627980766
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Thu, 04 Nov 2010 16:33:01 GMT
etag: "867-4943cb61ac940"
accept-ranges: bytes
content-length: 2151
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/buttons/button_download_blank.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/buttons/button_download_blank.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/fileadmin/templates/images.css?1627980766
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Thu, 04 Nov 2010 16:33:28 GMT
etag: "6d4-4943cb7b6c600"
accept-ranges: bytes
content-length: 1748
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/common/favicon.ico

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/common/favicon.ico HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:01 GMT
server: Apache
last-modified: Wed, 21 Mar 2018 10:53:34 GMT
etag: "9f6-567ea00a03eba"
accept-ranges: bytes
content-length: 2550
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:02 GMT
content-type: image/vnd.microsoft.icon
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
DNS

163.68.195.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.68.195.51.in-addr.arpa

IN PTR

Response

163.68.195.51.in-addr.arpa

IN PTR

wwwwin-rarcom
GET

https://www.win-rar.com/predownload.html?&L=0

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /predownload.html?&L=0 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.win-rar.com/start.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:03 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
content-length: 4814
content-type: text/html;charset=utf-8
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/defaultStyle.css?1627021175

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/defaultStyle.css?1627021175 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/predownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:03 GMT
server: Apache
last-modified: Tue, 04 May 2021 15:58:53 GMT
etag: "2b-5c18327a2ef4a"
accept-ranges: bytes
content-length: 43
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:04 GMT
vary: Accept-Encoding
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/typo3temp/stylesheet_3af1ea9423.css?1620143933

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /typo3temp/stylesheet_3af1ea9423.css?1620143933 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/predownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:03 GMT
server: Apache
last-modified: Mon, 27 Apr 2020 09:13:50 GMT
etag: "5846-5a442221b2999"
accept-ranges: bytes
content-length: 22598
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:04 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/winrar-archive.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/winrar-archive.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/predownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:03 GMT
server: Apache
last-modified: Wed, 31 Aug 2011 08:57:14 GMT
etag: "e0f-4abc9507d2e80"
accept-ranges: bytes
content-length: 3599
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:04 GMT
content-type: image/jpeg
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/buttons/button_buy_en.jpg

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/buttons/button_buy_en.jpg HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/predownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:03 GMT
server: Apache
last-modified: Fri, 23 Jul 2021 06:19:35 GMT
etag: "1801-5c7c4632efbb1-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:04 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1828
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/defaultstyle-mx.css?1661155123

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/defaultstyle-mx.css?1661155123 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/predownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:03 GMT
server: Apache
last-modified: Mon, 22 Aug 2022 07:58:43 GMT
etag: "2fb-5e6cfd10dcb57-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:04 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 401
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/boxshots/checkgreen.jpg

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/boxshots/checkgreen.jpg HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/fileadmin/templates/defaultStyle.css?1627021175
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:03 GMT
server: Apache
last-modified: Wed, 06 Jun 2012 16:33:48 GMT
etag: "21f-4c1d054dd7300"
accept-ranges: bytes
content-length: 543
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:04 GMT
content-type: image/jpeg
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/postdownload.html?&L=0

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /postdownload.html?&L=0 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.win-rar.com/predownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:06 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72; path=/; samesite=Strict; domain=.win-rar.com; secure; HttpOnly
vary: Accept-Encoding
content-encoding: gzip
content-length: 8471
content-type: text/html;charset=utf-8
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/scripts/captcha/captcha.php?RELOAD=

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/scripts/captcha/captcha.php?RELOAD= HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/postdownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0
cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:07 GMT
server: Apache
expires: Mon, 26 Jul 1990 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sat, 02 Nov 2024 14:29:07 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/formhandler/apphelp-min.js

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/formhandler/apphelp-min.js HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.win-rar.com/postdownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0
cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:07 GMT
server: Apache
last-modified: Tue, 23 Aug 2022 07:37:00 GMT
etag: "3212-5e6e3a134d14b-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:08 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2980
content-type: application/javascript
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/templates/style_max640.css?1660814472

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/templates/style_max640.css?1660814472 HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.win-rar.com/postdownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0
cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:07 GMT
server: Apache
last-modified: Thu, 18 Aug 2022 09:21:12 GMT
etag: "14f6-5e68080a80730-gzip"
accept-ranges: bytes
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:08 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1655
content-type: text/css
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/winrar-versions/winrar/winrar-x64-701.exe

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/winrar-versions/winrar/winrar-x64-701.exe HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.win-rar.com/postdownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0
cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:08 GMT
server: Apache
last-modified: Wed, 15 May 2024 07:43:28 GMT
etag: "3c3e58-61879463c588a"
accept-ranges: bytes
content-length: 3948120
cache-control: max-age=5184000
expires: Wed, 01 Jan 2025 14:29:08 GMT
content-type: application/octet-stream
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/helper/winrar-download-chrome.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/helper/winrar-download-chrome.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/postdownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0
cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:11 GMT
server: Apache
last-modified: Wed, 22 Jul 2020 12:17:11 GMT
etag: "828-5ab06b82aedfc"
accept-ranges: bytes
content-length: 2088
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:12 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/helper/user_account_control.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/helper/user_account_control.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/postdownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0
cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:11 GMT
server: Apache
last-modified: Mon, 09 Aug 2021 07:32:13 GMT
etag: "2906-5c91b624a792d"
accept-ranges: bytes
content-length: 10502
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:12 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/help/winrar-installation-step-1.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/help/winrar-installation-step-1.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/postdownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0
cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:11 GMT
server: Apache
last-modified: Mon, 09 Aug 2021 07:32:59 GMT
etag: "e766-5c91b650115a3"
accept-ranges: bytes
content-length: 59238
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:12 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/help/winrar-installation-step-2.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/help/winrar-installation-step-2.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/postdownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0
cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:11 GMT
server: Apache
last-modified: Mon, 09 Aug 2021 07:32:59 GMT
etag: "acec-5c91b65014c53"
accept-ranges: bytes
content-length: 44268
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:12 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://www.win-rar.com/fileadmin/images/help/winrar-installation-step-3.png

chrome.exe

Remote address:

51.195.68.163:443

Request

GET /fileadmin/images/help/winrar-installation-step-3.png HTTP/2.0
host: www.win-rar.com
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.win-rar.com/postdownload.html?&L=0
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
cookie: cookieDisclaimer=0
cookie: PHPSESSID=b8ghs05ahnsgpgtali32gv0s72

Response

HTTP/2.0 200

date: Sat, 02 Nov 2024 14:29:11 GMT
server: Apache
last-modified: Mon, 09 Aug 2021 07:32:59 GMT
etag: "ed35-5c91b6500eaab"
accept-ranges: bytes
content-length: 60725
cache-control: max-age=172801
expires: Mon, 04 Nov 2024 14:29:12 GMT
content-type: image/png
x-frame-options: DENY
x-xss-protection: 1;mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: frame-ancestors 'none';
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwnWoa3M2k6_-BIFDd-_eKsSBQ3MyiRgEgUNg6hbPSFiMwkme6VkSw==?alt=proto

chrome.exe

Remote address:

142.250.200.42:443

Request

GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwnWoa3M2k6_-BIFDd-_eKsSBQ3MyiRgEgUNg6hbPSFiMwkme6VkSw==?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CNr0ygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

142.250.200.14
POST

https://google.com/domainreliability/upload

chrome.exe

Remote address:

142.250.200.14:443

Request

POST /domainreliability/upload HTTP/2.0
host: google.com
content-length: 268
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
POST

https://accounts.google.com/domainreliability/upload

chrome.exe

Remote address:

108.177.15.84:443

Request

POST /domainreliability/upload HTTP/2.0
host: accounts.google.com
content-length: 882
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

e2c64.gcp.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

e2c64.gcp.gvt2.com

IN A

Response

e2c64.gcp.gvt2.com

IN A

34.162.18.59
POST

https://e2c64.gcp.gvt2.com/nel/

chrome.exe

Remote address:

34.162.18.59:443

Request

POST /nel/ HTTP/2.0
host: e2c64.gcp.gvt2.com
content-length: 268
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Sat, 02 Nov 2024 14:29:31 GMT
DNS

14.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.200.250.142.in-addr.arpa

IN PTR

Response

14.200.250.142.in-addr.arpa

IN PTR

lhr48s29-in-f141e100net
DNS

59.18.162.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

59.18.162.34.in-addr.arpa

IN PTR

Response

59.18.162.34.in-addr.arpa

IN PTR

591816234bcgoogleusercontentcom
DNS

drive.usercontent.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

drive.usercontent.google.com

IN A

Response

drive.usercontent.google.com

IN A

172.217.16.225
OPTIONS

https://drive.usercontent.google.com/uc?id=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&authuser=0&export=download

chrome.exe

Remote address:

172.217.16.225:443

Request

OPTIONS /uc?id=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&authuser=0&export=download HTTP/2.0
host: drive.usercontent.google.com
accept: */*
access-control-request-method: POST
access-control-request-headers: x-drive-first-party,x-json-requested
origin: https://drive.google.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://drive.google.com/
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9
DNS

225.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

225.16.217.172.in-addr.arpa

IN PTR

Response

225.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f11e100net

225.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f1�H
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

216.58.213.3:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 279
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br, zstd
accept-language: en-US,en;q=0.9

142.250.187.206:443

https://drive.google.com/drive/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf

tls, http2

chrome.exe

4.2kB
81.9kB
49
80

HTTP Request

GET https://drive.google.com/drive/u/1/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf

HTTP Request

GET https://drive.google.com/drive/folders/1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf
216.58.201.110:443

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0?le=scs

tls, http2

chrome.exe

4.5kB
128.2kB
62
105

HTTP Request

GET https://apis.google.com/js/api.js

HTTP Request

GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0?le=scs
216.58.204.67:443

https://ssl.gstatic.com/docs/common/cleardot.gif?zx=clmt231rwvcp

tls, http2

chrome.exe

2.5kB
10.4kB
22
23

HTTP Request

GET https://ssl.gstatic.com/images/branding/product/1x/drive_2020q4_48dp.png

HTTP Request

GET https://ssl.gstatic.com/docs/doclist/images/empty_state_empty_folder.svg

HTTP Request

GET https://ssl.gstatic.com/docs/common/cleardot.gif?zx=o08vbva75ldy

HTTP Request

GET https://ssl.gstatic.com/docs/common/cleardot.gif?zx=clmt231rwvcp
216.58.204.67:443

ssl.gstatic.com

tls, http2

chrome.exe

1.0kB
5.6kB
9
8
142.250.187.202:443

drivefrontend-pa.clients6.google.com

tls

chrome.exe

1.0kB
10.3kB
10
11
142.250.187.202:443

https://drivefrontend-pa.clients6.google.com/v1/items:list?key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

tls, http2

chrome.exe

4.1kB
14.2kB
36
39

HTTP Request

OPTIONS https://drivefrontend-pa.clients6.google.com/v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

HTTP Request

OPTIONS https://drivefrontend-pa.clients6.google.com/v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

HTTP Request

OPTIONS https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

HTTP Request

OPTIONS https://drivefrontend-pa.clients6.google.com/v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

HTTP Request

OPTIONS https://drivefrontend-pa.clients6.google.com/v1/items:get?ids=1Wa5d6JKZ1IjnpwNuS1L_9yh4iQiQcAcf&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

HTTP Request

POST https://ogads-pa.googleapis.com/$rpc/google.internal.onegoogle.asyncdata.v1.AsyncDataService/GetAsyncData

HTTP Request

OPTIONS https://drivefrontend-pa.clients6.google.com/v1/items:list?key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE
142.250.200.42:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQkknWfFho4pVhIFDct1Jj0hRj-GrNHOsN4=?alt=proto

tls, http2

chrome.exe

1.9kB
6.8kB
15
16

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQkknWfFho4pVhIFDct1Jj0hRj-GrNHOsN4=?alt=proto
172.217.169.10:443

https://people-pa.clients6.google.com/batch?%24ct=multipart%2Fmixed%3B%20boundary%3D%22%3D%3D%3D%3D%3D2kzyscmsrho1%3D%3D%3D%3D%3D%22&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

tls, http2

chrome.exe

3.1kB
12.9kB
18
19

HTTP Request

POST https://people-pa.clients6.google.com/batch?%24ct=multipart%2Fmixed%3B%20boundary%3D%22%3D%3D%3D%3D%3D2kzyscmsrho1%3D%3D%3D%3D%3D%22&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE
142.250.180.4:443

www.google.com

tls

chrome.exe

970 B
4.6kB
8
9
172.217.16.238:443

https://consent.google.com/save?continue=https://www.google.com/search?q%3Dwinzip%26oq%3Dwinzip%26gs_lcrp%3DEgZjaHJvbWUyBggAEEUYOdIBCDEyMTZqMGo3qAIAsAIA%26sourceid%3Dchrome%26ie%3DUTF-8&gl=UK&m=0&pc=srp&x=5&src=2&hl=en&bl=gws_20241029-0_RC2&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true

tls, http2

chrome.exe

15.4kB
12.8kB
35
39

HTTP Request

POST https://play.google.com/log?format=json&hasfast=true

HTTP Request

POST https://play.google.com/log?format=json&hasfast=true&authuser=0

HTTP Request

POST https://play.google.com/log?format=json&hasfast=true&authuser=0

HTTP Request

POST https://consent.google.com/save?continue=https://www.google.com/search?q%3Dwinzip%26oq%3Dwinzip%26gs_lcrp%3DEgZjaHJvbWUyBggAEEUYOdIBCDEyMTZqMGo3qAIAsAIA%26sourceid%3Dchrome%26ie%3DUTF-8&gl=UK&m=0&pc=srp&x=5&src=2&hl=en&bl=gws_20241029-0_RC2&uxe=none&cm=2&set_eom=false&set_aps=true&set_sc=true
216.58.201.110:443

https://contacts.google.com/widget/hovercard/v/2?origin=https%3A%2F%2Fdrive.google.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.SGzW6IeCawI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw%2Fm%3D__features__

tls, http2

chrome.exe

3.0kB
19.8kB
27
26

HTTP Request

GET https://contacts.google.com/widget/hovercard/v/2?origin=https%3A%2F%2Fdrive.google.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.SGzW6IeCawI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw%2Fm%3D__features__
216.58.213.1:443

https://drive-thirdparty.googleusercontent.com/16/type/application/octet-stream

tls, http2

chrome.exe

2.2kB
12.2kB
18
17

HTTP Request

GET https://drive-thirdparty.googleusercontent.com/16/type/application/x-rar

HTTP Request

GET https://drive-thirdparty.googleusercontent.com/16/type/application/octet-stream
216.58.213.1:443

drive-thirdparty.googleusercontent.com

tls

chrome.exe

1.1kB
9.8kB
12
10
216.58.213.3:443

https://beacons.gcp.gvt2.com/domainreliability/upload

tls, http2

chrome.exe

4.8kB
7.0kB
26
19

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload
142.250.178.14:443

https://clients6.google.com/drive/v2beta/files/1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP?fields=preview%2Ckind&supportsTeamDrives=true&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

tls, http2

chrome.exe

4.1kB
11.3kB
19
22

HTTP Request

GET https://clients6.google.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.SGzW6IeCawI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw%2Fm%3D__features__

HTTP Request

GET https://clients6.google.com/drive/v2beta/files/1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2CrestrictionVisualizationCallouts%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE

HTTP Request

GET https://clients6.google.com/drive/v2beta/files/1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP?fields=preview%2Ckind&supportsTeamDrives=true&key=AIzaSyC1qbk75NzWBvSaDh6KnsjjA9pIrP4lYIE
142.250.187.234:443

https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&revisionId&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&populateExperimentConfig=true&key=AIzaSyD_InbmSFufIEps5UAt2NmB_3LvBH3Sz_8&%24unique=gc797

tls, http2

chrome.exe

3.0kB
14.7kB
19
24

HTTP Request

OPTIONS https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&revisionId&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&populateExperimentConfig=true&key=AIzaSyD_InbmSFufIEps5UAt2NmB_3LvBH3Sz_8&%24unique=gc797

HTTP Request

GET https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&revisionId&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&populateExperimentConfig=true&key=AIzaSyD_InbmSFufIEps5UAt2NmB_3LvBH3Sz_8&%24unique=gc797
172.217.16.238:443

play.google.com

tls, http2

chrome.exe

1.1kB
7.7kB
11
11
216.239.34.157:443

tunnel.googlezip.net

tls, http2

chrome.exe

4.0kB
27.9kB
33
39

HTTP Request

CONNECT

HTTP Response

200
216.239.34.157:443

tunnel.googlezip.net

tls, http2

chrome.exe

6.1kB
116.2kB
71
101

HTTP Request

CONNECT

HTTP Response

200
72.246.149.172:443

https://www.winzip.com/static/wz/images/favicon.ico

tls, http2

chrome.exe

18.0kB
452.7kB
254
373

HTTP Request

GET https://www.winzip.com/en/pages/download/winzip-v1/?x-target=ppc&promo=ppc&utm_source=google&utm_medium=cpc&utm_campaign=wz-dd-all-adwordsppc&utm_content=153948320389&utm_term=winzip&utm_id=20624671898&gad_source=1&gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE

HTTP Response

200

HTTP Request

GET https://www.winzip.com/static/common/fonts/nbinternationalproreg-webfont.woff2

HTTP Request

GET https://www.winzip.com/static/common/fonts/nbinternationalpromed-webfont.woff2

HTTP Request

GET https://www.winzip.com/static/common/css/bootstrap-5/bootstrap.defer.min.css

HTTP Request

GET https://www.winzip.com/static/wz/css/global.defer.css?v=1

HTTP Request

GET https://www.winzip.com/static/wz/css/pages/download/winzip-v1/styles.css

HTTP Request

GET https://www.winzip.com/static/common/scripts/gtm/gtm-container.min.js

HTTP Request

GET https://www.winzip.com/static/common/scripts/jquery-3.6.0.min.js

HTTP Request

GET https://www.winzip.com/static/common/scripts/dynamic-pricing/dynamic-pricing-promotions.min.js

HTTP Request

GET https://www.winzip.com/static/wz/images/logo-winzip.png

HTTP Request

GET https://www.winzip.com/static/wz/images/pages/download/boxshots/boxshot-standard-download-en.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.winzip.com/static/wz/css/global.defer.css?v=1

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.winzip.com/static/wz/images/pages/cnet-rating.png

HTTP Request

GET https://www.winzip.com/static/common/scripts/_common-footer-scripts.min.js

HTTP Request

GET https://www.winzip.com/static/wz/data/price_data.json?callback=price_data

HTTP Request

GET https://www.winzip.com/static/wz/data/promo_data.json?callback=promo_data

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.winzip.com/static/common/scripts/jquery.lazyloadxt.extra.min.js

HTTP Request

GET https://www.winzip.com/static/common/scripts/jquery.magnific-popup.min.js

HTTP Request

GET https://www.winzip.com/static/wz/images/downloadhelper/test/chrome.png

HTTP Request

GET https://www.winzip.com/static/wz/images/downloadhelper/test/step2.jpg

HTTP Request

GET https://www.winzip.com/static/wz/scripts/downloadtrial.js

HTTP Request

GET https://www.winzip.com/static/wz/scripts/trial-installer.js

HTTP Request

GET https://www.winzip.com/static/wz/scripts/x-target.js

HTTP Request

GET https://www.winzip.com/static/wz/scripts/ua-parser.min.js

HTTP Request

GET https://www.winzip.com/static/wz/images/pages/check-mark.png

HTTP Request

GET https://www.winzip.com/static/wz/images/winzip-logo-white.svg

HTTP Request

GET https://www.winzip.com/static/common/images/logo/logo-alludo-fw.svg

HTTP Request

GET https://www.winzip.com/static/common/scripts/_common-footer-scripts-async.min.js

HTTP Request

GET https://www.winzip.com/static/common/scripts/dynamic-pricing/dynamic-pricing.optinmonster.min.js

HTTP Request

GET https://www.winzip.com/static/wz/images/downloadhelper/test/step3.jpg

HTTP Request

GET https://www.winzip.com/static/common/css/bootstrap-5/bootstrap.min.css

HTTP Request

GET https://www.winzip.com/static/common/css/bootstrap-5/bootstrap-ie11.min.css

HTTP Request

GET https://www.winzip.com/static/wz/images/icons/download-01.svg

HTTP Request

GET https://www.winzip.com/static/wz/css/pages/download/images/win-fastest-bg.jpg

HTTP Request

GET https://www.winzip.com/static/common/icons/bootstrap-5/globe2.svg

HTTP Request

GET https://www.winzip.com/static/common/icons/bootstrap-5/chevron-up.svg

HTTP Request

GET https://www.winzip.com/static/common/fonts/nbinternationalproita-webfont.woff2

HTTP Request

GET https://www.winzip.com/static/common/fonts/nbinternationalprobol-webfont.woff2

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.winzip.com/static/common/scripts/bootstrap-5/bootstrap.bundle.min.js

HTTP Response

200

HTTP Response

200

HTTP Response

404

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.winzip.com/geolookup.html?_=1730557722275

HTTP Response

200

HTTP Request

GET https://www.winzip.com/static/wz/data/x-target_data.json?_=1730557722276

HTTP Request

GET https://www.winzip.com/static/wz/images/pages/download/ico_comma_up.png

HTTP Request

GET https://www.winzip.com/static/wz/images/pages/download/ico_comma_dwn.png

HTTP Request

GET https://www.winzip.com/static/wz/images/pages/convert-to-pdf/ppc-compression.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.winzip.com/static/wz/images/favicon.ico

HTTP Response

200

HTTP Response

200
72.246.149.172:443

www.winzip.com

tls, http2

chrome.exe

1.1kB
5.2kB
9
12
104.18.65.57:443

https://cdn.optimizely.com/js/26811070246.js

tls, http2

chrome.exe

4.6kB
93.6kB
77
76

HTTP Request

GET https://cdn.optimizely.com/js/26811070246.js

HTTP Response

200
104.18.65.57:443

https://a25968344087.cdn.optimizely.com/client_storage/a25968344087.html

tls, http2

chrome.exe

1.8kB
4.8kB
12
11

HTTP Request

GET https://a25968344087.cdn.optimizely.com/client_storage/a25968344087.html

HTTP Response

200
104.17.249.203:443

https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

tls, http2

chrome.exe

2.0kB
7.8kB
17
19

HTTP Request

GET https://unpkg.com/web-vitals/dist/web-vitals.iife.js

HTTP Response

302

HTTP Request

GET https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

HTTP Response

200
216.239.34.36:443

https://region1.google-analytics.com/g/collect?v=2&tid=G-73J027E48R&gtm=45je4au0v894478962z8892103069za200zb892103069&_p=1730557722246&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=60364287.1730557723&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=2&sid=1730557722&sct=1&seg=0&dl=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fdownload%2Fwinzip-v1%2F%3Fx-target%3Dppc%26promo%3Dppc%26utm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dwz-dd-all-adwordsppc%26utm_content%3D153948320389%26utm_term%3Dwinzip%26utm_id%3D20624671898%26gad_source%3D1%26gclid%3DEAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&dr=https%3A%2F%2Fwww.google.com%2F&dt=Download%20WinZip&en=exception&ep.gtm_container_env=GTM-565KQNW%20-%20&ep.url_gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&ep.url_utm_source=google&ep.url_utm_medium=cpc&ep.url_utm_campaign=wz-dd-all-adwordsppc&ep.url_utm_term=winzip&ep.url_utm_content=153948320389&ep.url_utm_id=20624671898&ep.alludo_id=alid.585797545.1730557722&ep.description=37%20%7C%20Message%3AUncaught%20TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27search%27)%20%7C%20URL%3Ahttps%3A%2F%2Fwww.winzip.com%2Fstatic%2Fwz%2Fscripts%2Ftrial-installer.js&_et=93&tfd=3442

tls, http2

chrome.exe

4.0kB
7.3kB
16
15

HTTP Request

POST https://region1.google-analytics.com/g/collect?v=2&tid=G-73J027E48R&gtm=45je4au0v894478962z8892103069za200zb892103069&_p=1730557722246&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=60364287.1730557723&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=1&sid=1730557722&sct=1&seg=0&dl=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fdownload%2Fwinzip-v1%2F%3Fx-target%3Dppc%26promo%3Dppc%26utm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dwz-dd-all-adwordsppc%26utm_content%3D153948320389%26utm_term%3Dwinzip%26utm_id%3D20624671898%26gad_source%3D1%26gclid%3DEAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&dr=https%3A%2F%2Fwww.google.com%2F&dt=Download%20WinZip&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_env=GTM-565KQNW%20-%20&ep.url_gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&ep.url_utm_source=google&ep.url_utm_medium=cpc&ep.url_utm_campaign=wz-dd-all-adwordsppc&ep.url_utm_term=winzip&ep.url_utm_content=153948320389&ep.url_utm_id=20624671898&ep.alludo_id=alid.585797545.1730557722&tfd=1566

HTTP Request

POST https://region1.google-analytics.com/g/collect?v=2&tid=G-73J027E48R&gtm=45je4au0v894478962z8892103069za200zb892103069&_p=1730557722246&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=60364287.1730557723&ul=en-us&sr=1280x720&lps=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.123%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.123&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=2&sid=1730557722&sct=1&seg=0&dl=https%3A%2F%2Fwww.winzip.com%2Fen%2Fpages%2Fdownload%2Fwinzip-v1%2F%3Fx-target%3Dppc%26promo%3Dppc%26utm_source%3Dgoogle%26utm_medium%3Dcpc%26utm_campaign%3Dwz-dd-all-adwordsppc%26utm_content%3D153948320389%26utm_term%3Dwinzip%26utm_id%3D20624671898%26gad_source%3D1%26gclid%3DEAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&dr=https%3A%2F%2Fwww.google.com%2F&dt=Download%20WinZip&en=exception&ep.gtm_container_env=GTM-565KQNW%20-%20&ep.url_gclid=EAIaIQobChMI6JLF7-29iQMVHpRQBh1mHyEJEAAYASAAEgLbpvD_BwE&ep.url_utm_source=google&ep.url_utm_medium=cpc&ep.url_utm_campaign=wz-dd-all-adwordsppc&ep.url_utm_term=winzip&ep.url_utm_content=153948320389&ep.url_utm_id=20624671898&ep.alludo_id=alid.585797545.1730557722&ep.description=37%20%7C%20Message%3AUncaught%20TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27search%27)%20%7C%20URL%3Ahttps%3A%2F%2Fwww.winzip.com%2Fstatic%2Fwz%2Fscripts%2Ftrial-installer.js&_et=93&tfd=3442
72.246.149.172:443

https://www.corel.com/geolookup.html

tls, http2

chrome.exe

1.8kB
5.9kB
13
18

HTTP Request

GET https://www.corel.com/geolookup.html

HTTP Response

200
104.18.87.42:443

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

tls, http2

chrome.exe

5.6kB
169.0kB
89
156

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/logos/static/ot_close.svg

HTTP Request

GET https://cdn.cookielaw.org/logos/7439b2e3-651f-4211-a0ed-68c232ec3332/96ef4ee5-50d8-4ced-8132-812f1e8a1270/e864d848-1fa5-4d51-81fc-a91c6faa9dab/314132f6-8524-4d25-8270-fa5d0634fe22.jpg

HTTP Request

GET https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

HTTP Response

200

HTTP Response

200

HTTP Response

200
104.18.87.42:443

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

tls, http2

chrome.exe

3.6kB
48.1kB
44
63

HTTP Request

GET https://cdn.cookielaw.org/consent/e3da808f-4b57-47db-af1e-f01683d7a52a/e3da808f-4b57-47db-af1e-f01683d7a52a.json

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/consent/e3da808f-4b57-47db-af1e-f01683d7a52a/018df7a8-d9c5-735e-92b7-076de9497467/en.json

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otFlat.json

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/v2/otPcCenter.json

HTTP Request

GET https://cdn.cookielaw.org/scripttemplates/202402.1.0/assets/otCommonStyles.css

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

HTTP Response

200
104.18.32.137:443

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

tls, http2

chrome.exe

1.7kB
3.8kB
13
12

HTTP Request

GET https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

HTTP Response

200
142.250.200.42:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQkMuc7htNtgKBIFDaWTNiQhdyrudYZ0ujY=?alt=proto

tls, http2

chrome.exe

1.8kB
6.6kB
14
13

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQkMuc7htNtgKBIFDaWTNiQhdyrudYZ0ujY=?alt=proto
172.64.155.119:443

https://privacyportal.onetrust.com/request/v1/consentreceipts

tls, http2

chrome.exe

13.1kB
3.7kB
20
13

HTTP Request

POST https://privacyportal.onetrust.com/request/v1/consentreceipts

HTTP Response

201
142.250.200.46:443

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTEQ740YCEp8_fMA6zjw9ZwS_ad-ScK2L8M3ZZ7QoqghPWwWxBMgZfQ&usqp=CAE&s

tls, http2

chrome.exe

2.2kB
10.3kB
17
17

HTTP Request

GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQk9iVgGX9zISp_HJcFJ72B7r9GbnMM4HVGuijh2ESifGcoXeNRjNFl&usqp=CAE&s

HTTP Request

GET https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTEQ740YCEp8_fMA6zjw9ZwS_ad-ScK2L8M3ZZ7QoqghPWwWxBMgZfQ&usqp=CAE&s
216.58.213.3:443

https://id.google.com/verify/AHEVGRybCFvx25OmNg-hMYiLgcdrJwviqo21tSpoRgeoA_0KGWV3cdaBL60MVibuMxD9i0LFNcz0brwZFhY_3xgxKbRn1HRm_rKu_mY2ImtsNYHM

tls, http2

chrome.exe

2.2kB
9.5kB
13
15

HTTP Request

GET https://id.google.com/verify/AHEVGRybCFvx25OmNg-hMYiLgcdrJwviqo21tSpoRgeoA_0KGWV3cdaBL60MVibuMxD9i0LFNcz0brwZFhY_3xgxKbRn1HRm_rKu_mY2ImtsNYHM
216.239.34.157:443

tunnel.googlezip.net

tls, http2

chrome.exe

4.4kB
40.7kB
43
46

HTTP Request

CONNECT

HTTP Response

200
216.239.34.157:443

tunnel.googlezip.net

tls, http2

chrome.exe

3.4kB
14.4kB
24
29

HTTP Request

CONNECT

HTTP Response

200
51.195.68.163:443

https://www.win-rar.com/fileadmin/images/common/favicon.ico

tls, http2

chrome.exe

7.6kB
116.4kB
101
133

HTTP Request

GET https://www.win-rar.com/

HTTP Response

302

HTTP Request

GET https://www.win-rar.com/start.html?&L=0

HTTP Response

200

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/style.css?1704275748

HTTP Request

GET https://www.win-rar.com/typo3temp/stylesheet_5d370599a3.css?1630582047

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/images.css?1627980766

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/footer.css?1675426476

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/formhandler/jquery-3.7.1.slim.min.js

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/logo-winrar.png

HTTP Request

GET https://www.win-rar.com/uploads/pics/rar-archive-8_d8215f_10.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.win-rar.com/fileadmin/images/awards/award-moosoft-winrar.png

HTTP Request

GET https://www.win-rar.com/fileadmin/images/icons/fb.svg

HTTP Request

GET https://www.win-rar.com/fileadmin/images/icons/tw.svg

HTTP Request

GET https://www.win-rar.com/fileadmin/images/icons/yt.svg

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/formhandler/ckrule.js

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/style-mx.css?1704277066

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/footer-mx.css?1661158051

HTTP Request

GET https://www.win-rar.com/fileadmin/images/buttons/button_buy_blank.png

HTTP Request

GET https://www.win-rar.com/fileadmin/images/buttons/button_download_blank.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.win-rar.com/fileadmin/images/common/favicon.ico

HTTP Response

200
51.195.68.163:443

www.win-rar.com

tls

chrome.exe

1.1kB
3.5kB
11
11
51.195.68.163:443

https://www.win-rar.com/fileadmin/images/boxshots/checkgreen.jpg

tls, http2

chrome.exe

3.5kB
39.2kB
32
48

HTTP Request

GET https://www.win-rar.com/predownload.html?&L=0

HTTP Response

200

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/defaultStyle.css?1627021175

HTTP Request

GET https://www.win-rar.com/typo3temp/stylesheet_3af1ea9423.css?1620143933

HTTP Request

GET https://www.win-rar.com/fileadmin/images/winrar-archive.png

HTTP Request

GET https://www.win-rar.com/fileadmin/images/buttons/button_buy_en.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/defaultstyle-mx.css?1661155123

HTTP Request

GET https://www.win-rar.com/fileadmin/images/boxshots/checkgreen.jpg

HTTP Response

200

HTTP Response

200
51.195.68.163:443

https://www.win-rar.com/fileadmin/images/help/winrar-installation-step-3.png

tls, http2

chrome.exe

88.1kB
4.3MB
1792
3134

HTTP Request

GET https://www.win-rar.com/postdownload.html?&L=0

HTTP Response

200

HTTP Request

GET https://www.win-rar.com/fileadmin/scripts/captcha/captcha.php?RELOAD=

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/formhandler/apphelp-min.js

HTTP Request

GET https://www.win-rar.com/fileadmin/templates/style_max640.css?1660814472

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.win-rar.com/fileadmin/winrar-versions/winrar/winrar-x64-701.exe

HTTP Response

200

HTTP Request

GET https://www.win-rar.com/fileadmin/images/helper/winrar-download-chrome.png

HTTP Request

GET https://www.win-rar.com/fileadmin/images/helper/user_account_control.png

HTTP Request

GET https://www.win-rar.com/fileadmin/images/help/winrar-installation-step-1.png

HTTP Request

GET https://www.win-rar.com/fileadmin/images/help/winrar-installation-step-2.png

HTTP Request

GET https://www.win-rar.com/fileadmin/images/help/winrar-installation-step-3.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
142.250.200.42:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwnWoa3M2k6_-BIFDd-_eKsSBQ3MyiRgEgUNg6hbPSFiMwkme6VkSw==?alt=proto

tls, http2

chrome.exe

1.8kB
6.7kB
13
13

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwnWoa3M2k6_-BIFDd-_eKsSBQ3MyiRgEgUNg6hbPSFiMwkme6VkSw==?alt=proto
142.250.200.14:443

https://google.com/domainreliability/upload

tls, http2

chrome.exe

2.5kB
9.1kB
16
16

HTTP Request

POST https://google.com/domainreliability/upload
108.177.15.84:443

https://accounts.google.com/domainreliability/upload

tls, http2

chrome.exe

2.7kB
6.5kB
15
13

HTTP Request

POST https://accounts.google.com/domainreliability/upload
34.162.18.59:443

https://e2c64.gcp.gvt2.com/nel/

tls, http2

chrome.exe

1.9kB
5.7kB
16
16

HTTP Request

POST https://e2c64.gcp.gvt2.com/nel/

HTTP Response

204
172.217.16.225:443

https://drive.usercontent.google.com/uc?id=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&authuser=0&export=download

tls, http2

chrome.exe

1.8kB
6.6kB
13
14

HTTP Request

OPTIONS https://drive.usercontent.google.com/uc?id=1fKKzbwkdZ1NgzVKVzAzaYKLxkdhkedsP&authuser=0&export=download
216.58.213.3:443

https://beacons.gcp.gvt2.com/domainreliability/upload

tls, http2

chrome.exe

2.1kB
6.5kB
15
14

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

8.8.8.8:53

drive.google.com

dns

chrome.exe

62 B
78 B
1
1

DNS Request

drive.google.com

DNS Response

142.250.187.206
142.250.187.206:443

drive.google.com

https

chrome.exe

38.1kB
2.2MB
337
1835
8.8.8.8:53

172.214.232.199.in-addr.arpa

dns

74 B
128 B
1
1

DNS Request

172.214.232.199.in-addr.arpa
8.8.8.8:53

74.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

74.169.217.172.in-addr.arpa
8.8.8.8:53

104.219.191.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

104.219.191.52.in-addr.arpa
8.8.8.8:53

apis.google.com

dns

chrome.exe

61 B
98 B
1
1

DNS Request

apis.google.com

DNS Response

216.58.201.110
8.8.8.8:53

ssl.gstatic.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

ssl.gstatic.com

DNS Response

216.58.204.67
216.58.201.110:443

apis.google.com

https

chrome.exe

11.3kB
388.2kB
89
316
216.58.204.67:443

ssl.gstatic.com

https

chrome.exe

9.9kB
68.3kB
91
112
8.8.8.8:53

drivefrontend-pa.clients6.google.com

dns

chrome.exe

82 B
98 B
1
1

DNS Request

drivefrontend-pa.clients6.google.com

DNS Response

142.250.187.202
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
301 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

142.250.200.42

216.58.213.10

172.217.169.74

142.250.180.10

172.217.16.234

142.250.179.234

142.250.178.10

216.58.212.202

142.250.187.202

216.58.204.74

216.58.201.106

172.217.169.42

142.250.200.10

142.250.187.234
8.8.8.8:53

68.32.126.40.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

68.32.126.40.in-addr.arpa
8.8.8.8:53

10.178.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

10.178.250.142.in-addr.arpa
8.8.8.8:53

110.201.58.216.in-addr.arpa

dns

73 B
173 B
1
1

DNS Request

110.201.58.216.in-addr.arpa
8.8.8.8:53

67.204.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

67.204.58.216.in-addr.arpa
8.8.8.8:53

95.221.229.192.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

95.221.229.192.in-addr.arpa
8.8.8.8:53

35.200.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

35.200.250.142.in-addr.arpa
8.8.8.8:53

227.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

227.187.250.142.in-addr.arpa
8.8.8.8:53

ogads-pa.googleapis.com

dns

chrome.exe

69 B
309 B
1
1

DNS Request

ogads-pa.googleapis.com

DNS Response

142.250.178.10

142.250.179.234

142.250.180.10

172.217.169.42

172.217.169.10

142.250.187.202

216.58.213.10

216.58.212.202

142.250.187.234

142.250.200.10

216.58.201.106

172.217.169.74

216.58.204.74

172.217.16.234

142.250.200.42
142.250.187.202:443

ogads-pa.googleapis.com

https

chrome.exe

6.4kB
10.7kB
26
27
8.8.8.8:53

people-pa.clients6.google.com

dns

chrome.exe

75 B
91 B
1
1

DNS Request

people-pa.clients6.google.com

DNS Response

172.217.169.10
8.8.8.8:53

www.google.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.180.4
142.250.180.4:443

www.google.com

https

chrome.exe

3.9kB
7.7kB
10
11
8.8.8.8:53

202.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

202.187.250.142.in-addr.arpa
8.8.8.8:53

42.200.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

42.200.250.142.in-addr.arpa
8.8.8.8:53

10.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

10.169.217.172.in-addr.arpa
8.8.8.8:53

4.180.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

4.180.250.142.in-addr.arpa
8.8.8.8:53

play.google.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

play.google.com

DNS Response

172.217.16.238
8.8.8.8:53

238.16.217.172.in-addr.arpa

dns

73 B
142 B
1
1

DNS Request

238.16.217.172.in-addr.arpa
172.217.16.238:443

play.google.com

https

chrome.exe

3.5kB
7.2kB
10
13
172.217.16.238:443

play.google.com

https

chrome.exe

12.5kB
8.6kB
19
20
8.8.8.8:53

contacts.google.com

dns

chrome.exe

65 B
102 B
1
1

DNS Request

contacts.google.com

DNS Response

216.58.201.110
224.0.0.251:5353

chrome.exe

204 B
3
142.250.187.202:443

ogads-pa.googleapis.com

https

chrome.exe

3.4kB
8.5kB
9
12
8.8.8.8:53

drive-thirdparty.googleusercontent.com

dns

chrome.exe

84 B
129 B
1
1

DNS Request

drive-thirdparty.googleusercontent.com

DNS Response

216.58.213.1
8.8.8.8:53

1.213.58.216.in-addr.arpa

dns

71 B
138 B
1
1

DNS Request

1.213.58.216.in-addr.arpa
8.8.8.8:53

197.87.175.4.in-addr.arpa

dns

71 B
157 B
1
1

DNS Request

197.87.175.4.in-addr.arpa
8.8.8.8:53

18.31.95.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

18.31.95.13.in-addr.arpa
142.250.187.206:443

drive.google.com

https

chrome.exe

76.1kB
241.4kB
127
248
8.8.8.8:53

beacons.gcp.gvt2.com

dns

chrome.exe

66 B
112 B
1
1

DNS Request

beacons.gcp.gvt2.com

DNS Response

216.58.213.3
8.8.8.8:53

3.213.58.216.in-addr.arpa

dns

71 B
138 B
1
1

DNS Request

3.213.58.216.in-addr.arpa
172.217.16.238:443

play.google.com

https

chrome.exe

11.9kB
2.4kB
16
7
172.217.16.238:443

play.google.com

https

chrome.exe

30.5kB
7.2kB
49
44
216.58.213.3:443

beacons.gcp.gvt2.com

https

chrome.exe

1.6kB
6.3kB
4
7
8.8.8.8:53

clients6.google.com

dns

chrome.exe

65 B
105 B
1
1

DNS Request

clients6.google.com

DNS Response

142.250.178.14
8.8.8.8:53

blobcomments-pa.clients6.google.com

dns

chrome.exe

81 B
97 B
1
1

DNS Request

blobcomments-pa.clients6.google.com

DNS Response

142.250.187.234
8.8.8.8:53

accounts.google.com

dns

chrome.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

108.177.15.84
108.177.15.84:443

accounts.google.com

https

chrome.exe

4.4kB
13.7kB
17
22
216.58.201.110:443

contacts.google.com

https

chrome.exe

3.6kB
37.2kB
24
38
142.250.187.234:443

blobcomments-pa.clients6.google.com

https

chrome.exe

1.6kB
7.0kB
4
8
142.250.178.14:443

clients6.google.com

https

chrome.exe

2.9kB
7.1kB
5
8
142.250.180.4:443

www.google.com

https

chrome.exe

92.0kB
1.8MB
496
1704
8.8.8.8:53

234.187.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

234.187.250.142.in-addr.arpa
8.8.8.8:53

14.178.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

14.178.250.142.in-addr.arpa
8.8.8.8:53

84.15.177.108.in-addr.arpa

dns

72 B
105 B
1
1

DNS Request

84.15.177.108.in-addr.arpa
8.8.8.8:53

peoplestackwebexperiments-pa.clients6.google.com

dns

chrome.exe

94 B
110 B
1
1

DNS Request

peoplestackwebexperiments-pa.clients6.google.com

DNS Response

142.250.178.10
172.217.16.238:443

play.google.com

https

chrome.exe

4.0kB
7.6kB
8
11
8.8.8.8:53

13.227.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

13.227.111.52.in-addr.arpa
8.8.8.8:53

dns-tunnel-check.googlezip.net

dns

chrome.exe

76 B
92 B
1
1

DNS Request

dns-tunnel-check.googlezip.net

DNS Response

216.239.34.159
8.8.8.8:53

tunnel.googlezip.net

dns

chrome.exe

66 B
82 B
1
1

DNS Request

tunnel.googlezip.net

DNS Response

216.239.34.157
8.8.8.8:53

194.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

194.187.250.142.in-addr.arpa
8.8.8.8:53

157.34.239.216.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

157.34.239.216.in-addr.arpa
8.8.8.8:53

consent.google.com

dns

chrome.exe

64 B
80 B
1
1

DNS Request

consent.google.com

DNS Response

172.217.16.238
8.8.8.8:53

www.winzip.com

dns

chrome.exe

60 B
148 B
1
1

DNS Request

www.winzip.com

DNS Response

72.246.149.172
8.8.8.8:53

cdn.optimizely.com

dns

chrome.exe

64 B
96 B
1
1

DNS Request

cdn.optimizely.com

DNS Response

104.18.65.57

104.18.66.57
8.8.8.8:53

a25968344087.cdn.optimizely.com

dns

chrome.exe

77 B
109 B
1
1

DNS Request

a25968344087.cdn.optimizely.com

DNS Response

104.18.65.57

104.18.66.57
8.8.8.8:53

unpkg.com

dns

chrome.exe

55 B
135 B
1
1

DNS Request

unpkg.com

DNS Response

104.17.249.203

104.17.246.203

104.17.245.203

104.17.247.203

104.17.248.203
8.8.8.8:53

172.149.246.72.in-addr.arpa

dns

73 B
139 B
1
1

DNS Request

172.149.246.72.in-addr.arpa
8.8.8.8:53

200.187.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

200.187.250.142.in-addr.arpa
8.8.8.8:53

57.65.18.104.in-addr.arpa

dns

142 B
133 B
2
1

DNS Request

57.65.18.104.in-addr.arpa

DNS Request

57.65.18.104.in-addr.arpa
8.8.8.8:53

region1.google-analytics.com

dns

chrome.exe

74 B
106 B
1
1

DNS Request

region1.google-analytics.com

DNS Response

216.239.34.36

216.239.32.36
8.8.8.8:53

203.249.17.104.in-addr.arpa

dns

146 B
135 B
2
1

DNS Request

203.249.17.104.in-addr.arpa

DNS Request

203.249.17.104.in-addr.arpa
8.8.8.8:53

34.200.250.142.in-addr.arpa

dns

146 B
111 B
2
1

DNS Request

34.200.250.142.in-addr.arpa

DNS Request

34.200.250.142.in-addr.arpa
8.8.8.8:53

36.34.239.216.in-addr.arpa

dns

144 B
132 B
2
1

DNS Request

36.34.239.216.in-addr.arpa

DNS Request

36.34.239.216.in-addr.arpa
8.8.8.8:53

www.corel.com

dns

chrome.exe

59 B
150 B
1
1

DNS Request

www.corel.com

DNS Response

72.246.149.172
8.8.8.8:53

cdn.cookielaw.org

dns

chrome.exe

63 B
95 B
1
1

DNS Request

cdn.cookielaw.org

DNS Response

104.18.87.42

104.18.86.42
8.8.8.8:53

geolocation.onetrust.com

dns

chrome.exe

70 B
102 B
1
1

DNS Request

geolocation.onetrust.com

DNS Response

104.18.32.137

172.64.155.119
8.8.8.8:53

42.87.18.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

42.87.18.104.in-addr.arpa
8.8.8.8:53

137.32.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

137.32.18.104.in-addr.arpa
216.239.34.36:443

region1.google-analytics.com

https

chrome.exe

4.4kB
7.2kB
9
12
8.8.8.8:53

privacyportal.onetrust.com

dns

chrome.exe

72 B
104 B
1
1

DNS Request

privacyportal.onetrust.com

DNS Response

172.64.155.119

104.18.32.137
8.8.8.8:53

119.155.64.172.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

119.155.64.172.in-addr.arpa
8.8.8.8:53

encrypted-tbn0.gstatic.com

dns

chrome.exe

72 B
88 B
1
1

DNS Request

encrypted-tbn0.gstatic.com

DNS Response

142.250.200.46
8.8.8.8:53

46.200.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

46.200.250.142.in-addr.arpa
142.250.200.46:443

encrypted-tbn0.gstatic.com

https

chrome.exe

3.8kB
10.1kB
11
15
216.58.213.3:443

beacons.gcp.gvt2.com

https

chrome.exe

3.0kB
3.3kB
8
9
8.8.8.8:53

lh5.googleusercontent.com

dns

chrome.exe

71 B
116 B
1
1

DNS Request

lh5.googleusercontent.com

DNS Response

216.58.213.1
216.58.213.1:443

lh5.googleusercontent.com

https

chrome.exe

2.6kB
23.5kB
14
22
8.8.8.8:53

id.google.com

dns

chrome.exe

59 B
75 B
1
1

DNS Request

id.google.com

DNS Response

216.58.213.3
142.250.187.206:443

drive.google.com

https

chrome.exe

12.0kB
3.9kB
16
15
8.8.8.8:53

www.win-rar.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

www.win-rar.com

DNS Response

51.195.68.163
8.8.8.8:53

163.68.195.51.in-addr.arpa

dns

72 B
101 B
1
1

DNS Request

163.68.195.51.in-addr.arpa
172.217.16.238:443

consent.google.com

https

chrome.exe

19.0kB
4.5kB
25
21
216.58.213.3:443

id.google.com

https

chrome.exe

8.3kB
4.3kB
23
26
8.8.8.8:53

google.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

142.250.200.14
108.177.15.84:443

accounts.google.com

https

chrome.exe

5.4kB
6.0kB
6
6
8.8.8.8:53

e2c64.gcp.gvt2.com

dns

chrome.exe

64 B
80 B
1
1

DNS Request

e2c64.gcp.gvt2.com

DNS Response

34.162.18.59
8.8.8.8:53

14.200.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

14.200.250.142.in-addr.arpa
8.8.8.8:53

59.18.162.34.in-addr.arpa

dns

71 B
122 B
1
1

DNS Request

59.18.162.34.in-addr.arpa
142.250.187.206:443

drive.google.com

https

chrome.exe

12.5kB
23.7kB
29
34
142.250.178.14:443

clients6.google.com

https

chrome.exe

4.0kB
3.3kB
11
9
108.177.15.84:443

accounts.google.com

https

chrome.exe

4.7kB
7.9kB
20
17
8.8.8.8:53

drive.usercontent.google.com

dns

chrome.exe

74 B
90 B
1
1

DNS Request

drive.usercontent.google.com

DNS Response

172.217.16.225
172.217.16.225:443

drive.usercontent.google.com

https

chrome.exe

2.2MB
250.4MB
26010
197822
8.8.8.8:53

225.16.217.172.in-addr.arpa

dns

73 B
140 B
1
1

DNS Request

225.16.217.172.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\35bb20bd-56c9-4350-b0a6-f6f136397776.tmp

Filesize
118KB

MD5
d971892f7822d9656753c959f6ea4d2e

SHA1
b946589da001091433c8454190b706f42ec20410

SHA256
20923a201ac1eb7452ae67bace062de9fed0427d0d8336760b3596bfcc0c1487

SHA512
6ca352fbbb3d3463a41deee8b32d7a6b15412b51ac837bf06f8d8b64f0c636efdf7cef2b88156586e8a136c69328c92a12a21a0d627e63d4d8610514c1fc21b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
6f818538adfa716dca58f5fda7fd19fb

SHA1
3d06e33b9ec421556df2c6a4afad3c0d20e42ae3

SHA256
d9e1ff8709659850b5dc1d0196180a63b98bc4fe8f656ee0d1c9fb9986069bf9

SHA512
af42d9b9246b4f31fab20ec29e326f7244a47c72f5726f37e8894b56a5c174d400312c606da4e0cf3f7a858dcfd8f6de38b5b9cd72ef46abee60234f05b6f9fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
25KB

MD5
9222217ea98c35e71acd00dfe056b030

SHA1
42fc786d7b865bdba84117ff15357fada69d3b35

SHA256
1bbd4cf227b3645dccb3d9e3e03736d4e7612326ef09126cf18fccf00b1aac4f

SHA512
7aaaa2031579bdbc89a31201613e26f4a1b67998cafc0d2372438beb22f11ba0bcc13d41c6d6e074b3e5a8d87a15dee42747b796c92d619549e83bb117362780

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
215KB

MD5
e579aca9a74ae76669750d8879e16bf3

SHA1
0b8f462b46ec2b2dbaa728bea79d611411bae752

SHA256
6e51c7866705bf0098febfaf05cf4652f96e69ac806c837bfb1199b6e21e6aaf

SHA512
df22f1dff74631bc14433499d1f61609de71e425410067fd08ec193d100b70d98672228906081c309a06bcba03c097ace885240a3ce71e0da4fdb8a022fc9640

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
936B

MD5
f516254095a2f44511c7cfc23b2ceab4

SHA1
62f4fe98e7b6c59a810836d946df51201c36a822

SHA256
37b7f30f84eae137f4c78e6bfd66447cb3b95f3d7def4698cc831761a3cb6d26

SHA512
d5c643b838ed297cb20610b4c9f9212faa678a33745e7b3b3cdea29520a9f93ac37ba23c8b2163654e337f6de89c89689592f0b3c2adb22695b130083aa2fdce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
960B

MD5
31d916228781f6b58322f6d5175de65b

SHA1
a2200bf69374865318c88976a729be0d23d7a025

SHA256
1308cf623ed4359f5bd7d288021770004cac5e01da17cb6ba688a6131eb70b4a

SHA512
0e8919f7c5e3acc86a1f1262e3f99ac8617074e88c60ba1f713cbc4456d2ad10bb4bba940b4439066df2deafcf8d4b5939f9dbb8d92353f2b616590fa6e1df49

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
cc46b1899dbfd3515360c9a63eed2a41

SHA1
4cc34cb43f8d5aa2dfcde519e4003126bd4fc571

SHA256
4cbcf635241d6d4a707348f1bbb00749b93c6711cfef68f4a85f8b0e775bda32

SHA512
a7ae5bfc034721af7ac5bc7ff938795889add751eb47e253d17b858955482024f24ef53a6c5095f837b4233e86c86b3248da9ce874405f9e9834e905ea243997

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
2KB

MD5
815474578850051e758ee4304bc3be0a

SHA1
455a31909eb4eaaa66b333c87dac5a215dcc1bc3

SHA256
5644295b4cedc390ac5be2277721a991bb61af3dc8d585723cc1825d34f6c964

SHA512
40aa013a4d493a79aecc6670036d950d48f7830ab8dbf7cf09e299d4de2d70f89ecbea7a8c6fbe08ca879af3f530faa78a825546c3c367d5e3c336716def97f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
5KB

MD5
9038ab88a5a214935e41f8a865b398f4

SHA1
cf66b0eefac911dfe9f23a681dcabe7d61358a4a

SHA256
2cc693527ec659391977894b3633a08e30ccde89e42b255d4b4448a5d910cf9d

SHA512
f3f825cf04a5f440f6e707862db5888143a463f1ed5ef0358b5a405f288db6520f1306e5809061b676f2fb2f359d10c581a2e6f763842c7112e7a03a6e6bf74a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
6cb36cb020a480b542acb1bd26954893

SHA1
d8a817d7ce21eac101b16e9c26b28c580287f097

SHA256
4b20e8d1cf8e0e870c03b8bcaec6ea67c119d3eb60fe52231fa35aa6f87a8375

SHA512
8ac5e9a53ea0ba239342d6ba99e51dcb20c17d99edb4f055cd1e5ac2b31c9cd57668ab1d24882fe75bd3ef94e9f686daf9988f3838f669a1f4fd6c570afa2fa8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
e2e8385a1b7b2405a44694c8a61f134b

SHA1
53ba7bc895047615fe51d5a607e4dce986998938

SHA256
a6fa2189d2e596189568952fe0f77753dfb54bcf00ce9c4a918888d7266d7162

SHA512
4c4f95755a229058b0aeb61b99a592bc1f40acbe7d0d3e18bc0764433208447b2c4369b12e98b199779af3018391bd1bd799fafe84c479fe163e17af2f9905ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
809b08548fb9a4ec3f4c4f15fe9a9c54

SHA1
55db9d37d9fbada4bbf9161efc5d602dedfb1797

SHA256
d75066ed5e84e039ebc8f33331237caf3e1043aa2468d80f0051e58e3641f677

SHA512
9fe04b713580df96a4e01499c61fc5a52c7068dc4cb7291728e85de942729d3fbd583a2121b890acc0553b68ede0c1e3ce402c8cf817ee4b39148f7342726e5f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a6575ddc4a35e5b78bfdea72c265937d

SHA1
08b8ebb191dc15ba6bed272fff6d6ec0b9796ec5

SHA256
e0b07595685e021d395770e21a987d3f94e04b2e6ebf72b157738897f614fe9e

SHA512
3f0bae8411434aff1d22b16fea26aa4e00ff28abbf96949e273f6ad3849a78756dcea4a98926c3b8606f174870fd0c715468b8e8d79790c793c71c7e825d9ec4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
be1f58468f4730be27605a42c2150121

SHA1
5cff4c0b3dba5bcec68b1d5f11a72eb77a5a8695

SHA256
f04d4242d5f2c0ef1027c5d2366024184a23385f699e0e52e906ff5ee8eae83c

SHA512
d5f95c608a93edc1163f19cef1c2e36278d93dd457062e62af43f9829bea55498571a4dd296e618d6a1482c46a8ea86b6078d37874b7146b299828107cafa1b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
acbcefe7ccc6a0154c13488dd83fe8a1

SHA1
7d4c050400404b8cf139dfe26a4dd77426f4cb97

SHA256
100d5219e7ab06f6dbdbfa8b680f014803296c9fe78dc48fc06e02f9e2389103

SHA512
0fd2941f3b77bc1f7422a6f4a9601ac0bdc3321ff14eba7a488b08e9f228da918222278dc73b4c1a6b57b049081c57ec63b6724e6ba378965764cbd08b32fd3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
7ef2443b3c172eb4b8aa2e4ca96ec7e3

SHA1
fd2a29a4e5c8155eb42fb4876fb5213b7594673b

SHA256
e58e68f6c30ce8cba9d6d3b2751ce7d74a088745b9797525b2dc29ed162c4fae

SHA512
50dcf3f931c6144b0c29613eab629859f05bd824ec772a2bd18fc607b2926eb55a83f7f3e37bfa708d3d9e9dccb1f90e8a4fe8c2bc73577dd4ce3f540d6e56b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c74f620fea19168dca4db0feeb7914b0

SHA1
3dc8dfe59cb0d477cbbf586ff74ca0a3686b035d

SHA256
8075a2348b2c981ed0b9ffcf564e0745474ed03203adf0bba58ccec9c25a67f1

SHA512
a8bd338ace20f22723c1acdf02b014b65a03d7d49e822b7036bd3675882b4b427bd08456e466e1946677f239f76f3f8dfb2653cab439a21cec86a2c0e932cbb1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
df3d3828fa021cf55712e2e9e2ce5e09

SHA1
a23e2db3d16aea42fa2f530078005ac66bd26afb

SHA256
8f176cb8c5298b99694365564dc61588b8db3a400e83834cbb78f0ba0edc3461

SHA512
f84b4a67d121e829b896dc6505ad62dfa6389d488bf50741816167f591448d000d5c4af009a942eedca128324cd7d1f145ee1aedda283b02bfeb986900b45bf9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
faac18bda90c3b0fddfc5c45ebb51ce6

SHA1
8f2f30abc53065d97ee88539e0767606bd5c17af

SHA256
ac9e18f7cb51411f6e5112d257de5361debe265152fb38bdf446dd73c5ed2560

SHA512
6f68d8e2e0ea7e153e99d79f06aa36015edc6805838b628b48560020777a5f14fc81929c0461c177482776cc0dc2298cfb60fd9d3d73f36f3283b6361e13b0dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
b6338c2d8750a35f4a62db02c320d9b5

SHA1
24f969988ab8a134f17279b0ccb29a794c83e9fd

SHA256
0156ac7e06d85138216c739f7bc5ba15fb40b4ebac9ff725994e571e2dee5a5f

SHA512
957715d99b09cfe3597df3a350b976e4152392be2d6db7d05b4ef0e4cbd4746ae718ffbe6230b537c593f3782dc2d239af0cd82d71c93981968d64051be26471

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
2f18402cd306e65a22c0442cd5b7605e

SHA1
ee9433a6c2e30e1893ba6a8df86fe835a5ff4bbf

SHA256
52c0125f5a29ded5e9640c4a6dac6d5c1ccb3c8333830d106c372b4520b5fcd9

SHA512
462ab23bd518da0fe490c918b550019ecfeba58911c0e5895c0e4fbe29045615dadbc1b0260601b751844c2814ffa0d59067ee173c0556c6c9503b8cfa35c3d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
17e36c5c583ecf645caaf807f4ac8930

SHA1
0da6b11579051d075d474499f6d5e485d5d17c3a

SHA256
53785c74ba707d4a91cdba9d5242c75f8f406cc5387c9e39cc391aac06e533ed

SHA512
cbbc702c498522e8847de348be1bc7a91e393d49d86c9609826d498f773edd4c4be4d8c8bb75966aa5705ad2d52962a628dba1cc812a3526aa7cf19eb9516ed7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
6433e90d2b7bffec4688d893e6f8d01b

SHA1
bced7c9a9757db4adab72a9e0f539b040f04e078

SHA256
b2720a131a49fb9be3750fa0b7cf453c1161ac28054585bffbc759b80c29b6b0

SHA512
29bacbd61ed730b031d1129a0f639452e4b0aa0caadf0e4edd99bcdeb0036dc1b1536698c58a83d1a77ef5cc5e345842cf85f75d1fafe7fa734cae59dd7fd2a6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
6f8cce78118e6972863703eb36ee8562

SHA1
e03a3fbe09672fede41fc0b6554cd005149a6c93

SHA256
1f0d726be0b73dc6e344c3457e44a04214c1e2ff7ff1b37855e51f41aee60547

SHA512
9ffa37e8ac3cb33486e72f688890a8bd1e68bf159448052923ed3a3ebef58ecc7bc5c0efba3135a62e839582c87871943de304338f28034a4acebf9280f6810c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
e3ba7caddd6c82d1399b88de5104a24c

SHA1
d08cd43e111098e0762b35143b2beba1de358050

SHA256
7dc9432346aed63f434cdce372566adece6d166e56dcf8877d40244154d74d82

SHA512
4ca60d7c54e4a74290100310a4c3abb5b8dcc8e87ae6380b860ac5c7cb1a51f7e2b50e29cea7d64e7f1c5c904ca502610e1027d3b527ffc6f3a7c2bc4a8347ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
3ea43219e169a15b820dd4f89ac67954

SHA1
4fdb3e852b89b22ecd63f98c61b0bc968d55daeb

SHA256
9a56ab6101bf69b6fc1b0aa0e44efbefea68ad9e3058615a9575e32e627c62b1

SHA512
509cd588ce36978731809335b93ae24fde1ad44a44e004bc700e4d907b32aab8f3211b27967f0998627ce307cb5f85332f6c4c980888e0d4ce98a3f013fd42c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e5809a25aab1a60d4aec78abf32f792a

SHA1
dcd06d710af50edd66b2215f7270227e4489c6d1

SHA256
03627b03446f4916f94f060538bb8f045fd8cdca24ee64a51f37b6c4a6c5ec5d

SHA512
0c8c38dcb06467721fe4c9d89dd47e0bdf0d0a49a542779fc7b70917a69cc4c03f37eaf73ed4918ed16da4c9b5d9e08018bd647ef2fc0c8970c7b5f01a50273e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
c3af0d65574245bcafcfe043c8cf596b

SHA1
53ca7ffb2e3afe2133441abd8ac8d0e9259bc030

SHA256
4b663df99c68a7558afb05cc2abd330660d4e717e10996e86440e5af8cd4d983

SHA512
1505e6335d1ecd8be9631fe133c6ad2955d6df77eb048c3acaf8666aa7865c290908a74102263a567855fa45641ed18121b51d56a61505761821a3ca2af94feb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
86808f61ea897217a77ad129d1363ab6

SHA1
e91d9fb91cfe3cd91081f5eba423035e725535e1

SHA256
e490e5c641b6f8f432964c7b5a00c2c225f688c3a23c801f77a1965fd4aed052

SHA512
3310dc001765e4ad245bfe76b05225e6f1567da12b49de4207659c0da24c0cdb9ac92c31eeb916ab308b9c3c1dfedaa6490a465606548f31af247500e2725f67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
989969d8ec308ffaaf5ce5a2cf6a812a

SHA1
bef62eb61f2bd85494fae82a18c67b330584580f

SHA256
eebc770952047b76682857d5922e3bac1eaf2f1ce13a30f4eb847723848494c2

SHA512
fa1b4a5aa1ac52ef59ea3297c5b648257f206ee8ce6e4799b851ab6b6b14f15ba972756f0937ac51ba1443ed85424dbdc0561b837072ed9f449172764ee043cb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
2eb5de1e54df7f9857f3283bb7444bd9

SHA1
419ebc5768bdb328cbc47cf58045b0dea60edb84

SHA256
243b8b59773ba40fd4307f2305a049c802d276b16de76c2760f4041c7b981002

SHA512
a9a0549f75f0ee5fd5cb04c57d0854c5b3e953ac99ba03508ea4866bf60039f4c761e84a2bb01a0346328d7d041e946829f3b58471551313823cba1ca3510f04

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
90c54a5a2bd76ee24cac5c1da3399c59

SHA1
1e7221bd3cced7968693b4cf5544ef20384b86a1

SHA256
333cc7d26e30f2eb9b4618c18a2f05a2a1d3e69b9464c895572bb14c31ef347a

SHA512
87c6dd63907a5d2d809ffe173312e3c604379b801f160266270f9338bbc816e89e91564b9f9615633b89acb6c43de6f6c5a64a1e7d07b9c33ea9c769a2870fe2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
338a28346e12a8242f950fc9a7fcb545

SHA1
8ab0159ca8677ab912b46f079e56e19b73887a32

SHA256
181d24e080bea1d4f11e0570b9e76ea29d236cf123abb8b9d3d03c01ea4d180c

SHA512
ac56e46758b476699434611604db18b42e9167e0ab987a29347d8759d9a1ab50b577794ef04e86f2986860e3fc9da82ebb101db74951357023026de3f2e64dc8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
0dfca1f0b31b5839de989fdf41931fb6

SHA1
27d73f89c89c3719a613feca5da8ddcedf1cb9d0

SHA256
0a82e46cc4f422e31c5c9917b0b9050cffe496f14a9f1d633d637e826fe1ce39

SHA512
e4fdacdee71e6160922a10934467f15d1f6411f85109d5d4fdf58cb76f577897890de3765fb56a832c36150543fdd0372a166b557276fc9d2d6637bcfa9f5115

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
99ace6fb1807866a5362ca4e814e4f6b

SHA1
83d4612ffaea8e9b93416f310864308fc55f07eb

SHA256
965eca09e0e1c3e7c35a20227ca0d281bd376b8bc75bc0253eeb9a4011219d5b

SHA512
d590d487c85e7444c13d7bca64dcb022d3c93121e2cf051f4fe3580e23a8f410f6d0122c1caf3b6cbd84bb4d386d218804bea87b252c8a8d9f0ca381d46f3bf7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

Filesize
96B

MD5
c0adad78dad7940ba8c79e1f011bf2b4

SHA1
7c5697e257c6449831a04f180a4c94afa2e6c232

SHA256
67bb7d0c3a11897be4cb13f8a549eed1afbff54bdd92895262cebbadf8bab9ce

SHA512
2232eb6ae9b2403af320fae64785bc37e9cba5ec1e4acd251b2997a681cf2397b6c0c5837f0fb7e4069cb9543c9d4da04b3d0a32c30a4cf34c25659f6a94fdb5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
1207424adf15893bd397c23fca33ac4d

SHA1
fc68e8ce73f70913712ff489e447c9deeef5ccdd

SHA256
ad980b0cc84152f3165b40ea5fe1f370e22888578f25f97d9657265f968baeae

SHA512
127b7972b436455442a1fb0d301f1340000c8f529f9fe9060b66688eacf22519726065e2a321ab793654c90ff00fd7425e385aad66118e66e4a466ddc344ca94

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
118KB

MD5
410ce807f719407efc5a4ac379f33b41

SHA1
ac30b872c7704782ffdeaf6cf822fc6ce798532f

SHA256
309aa5074ec5f6401691bc6d7b1afc4792aa1eb70f7f6f4075aec0e6188db53d

SHA512
1b263ac69c52cbacfa7cf0c52d27f0b1e9f1170950a868986e60997cfb8fb56056c8e97d15af07d2a368a4ce6e5f6df37255fa6aeaa4f5e06124fe1810d37281

Download Submit
C:\Users\Admin\Downloads\winrar-x64-701.exe

Filesize
3.8MB

MD5
46c17c999744470b689331f41eab7df1

SHA1
b8a63127df6a87d333061c622220d6d70ed80f7c

SHA256
c5b5def1c8882b702b6b25cbd94461c737bc151366d2d9eba5006c04886bfc9a

SHA512
4b02a3e85b699f62df1b4fe752c4dee08cfabc9b8bb316bc39b854bd5187fc602943a95788ec680c7d3dc2c26ad882e69c0740294bd6cb3b32cdcd165a9441b6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request