Analysis

  • max time kernel
    299s
  • max time network
    294s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win11-20241007-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    03-12-2024 00:40

General

  • Target

    https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs
  • Drops file in Windows directory 1 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D
    1⤵
    • Drops file in Windows directory
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:1096
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff967ccc40,0x7fff967ccc4c,0x7fff967ccc58
      2⤵
        PID:2932
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1804,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1800 /prefetch:2
        2⤵
          PID:888
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2068,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2092 /prefetch:3
          2⤵
            PID:4956
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2152,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2352 /prefetch:8
            2⤵
              PID:3592
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3068,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3104 /prefetch:1
              2⤵
                PID:4040
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3096,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3140 /prefetch:1
                2⤵
                  PID:1332
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4328,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4432 /prefetch:1
                  2⤵
                    PID:656
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4560,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4596 /prefetch:8
                    2⤵
                      PID:2736
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4572,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4740 /prefetch:8
                      2⤵
                      • Modifies registry class
                      PID:780
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5180,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5196 /prefetch:8
                      2⤵
                        PID:4532
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=740,i,1044659866991569953,13647721893887086286,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5056 /prefetch:8
                        2⤵
                        • Suspicious behavior: EnumeratesProcesses
                        PID:3756
                    • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                      "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                      1⤵
                        PID:2992
                      • C:\Windows\system32\svchost.exe
                        C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                        1⤵
                          PID:3860

Network

                        • flag-us
                          DNS
                          drive.google.com
                          chrome.exe
                          Remote address:
                          8.8.8.8:53
                          Request
                          drive.google.com
                          IN A
                          Response
                          drive.google.com
                          IN A
                          142.250.180.14
                        • flag-us
                          DNS
                          74.204.58.216.in-addr.arpa
                          chrome.exe
                          Remote address:
                          8.8.8.8:53
                          Request
                          74.204.58.216.in-addr.arpa
                          IN PTR
                          Response
                          74.204.58.216.in-addr.arpa
                          IN PTR
                          lhr48s49-in-f101e100net
                          74.204.58.216.in-addr.arpa
                          IN PTR
                          lhr25s13-in-f74�H
                          74.204.58.216.in-addr.arpa
                          IN PTR
                          lhr25s13-in-f10�H
                        • flag-us
                          DNS
                          84.206.125.74.in-addr.arpa
                          chrome.exe
                          Remote address:
                          8.8.8.8:53
                          Request
                          84.206.125.74.in-addr.arpa
                          IN PTR
                          Response
                          84.206.125.74.in-addr.arpa
                          IN PTR
                          wk-in-f841e100net
                        • flag-us
                          DNS
                          fonts.gstatic.com
                          chrome.exe
                          Remote address:
                          8.8.8.8:53
                          Request
                          fonts.gstatic.com
                          IN A
                          Response
                          fonts.gstatic.com
                          IN A
                          172.217.16.227
                        • flag-us
                          DNS
                          accounts.youtube.com
                          chrome.exe
                          Remote address:
                          8.8.8.8:53
                          Request
                          accounts.youtube.com
                          IN A
                          Response
                          accounts.youtube.com
                          IN CNAME
                          www3.l.google.com
                          www3.l.google.com
                          IN A
                          142.250.200.14
                        • flag-us
                          DNS
                          www.google.com
                          chrome.exe
                          Remote address:
                          8.8.8.8:53
                          Request
                          www.google.com
                          IN A
                          Response
                          www.google.com
                          IN A
                          172.217.16.228
                        • flag-us
                          DNS
                          228.16.217.172.in-addr.arpa
                          chrome.exe
                          Remote address:
                          8.8.8.8:53
                          Request
                          228.16.217.172.in-addr.arpa
                          IN PTR
                          Response
                          228.16.217.172.in-addr.arpa
                          IN PTR
                          mad08s04-in-f41e100net
                          228.16.217.172.in-addr.arpa
                          IN PTR
                          lhr48s28-in-f4�H
                        • flag-us
                          DNS
                          66.112.168.52.in-addr.arpa
                          chrome.exe
                          Remote address:
                          8.8.8.8:53
                          Request
                          66.112.168.52.in-addr.arpa
                          IN PTR
                          Response
                        • flag-gb
                          GET
                          https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D
                          chrome.exe
                          Remote address:
                          142.250.180.14:443
                          Request
                          GET /file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D HTTP/2.0
                          host: drive.google.com
                          sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                          sec-ch-ua-mobile: ?0
                          sec-ch-ua-platform: "Windows"
                          upgrade-insecure-requests: 1
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                          sec-ch-ua-arch: "x86"
                          sec-ch-ua-platform-version: "14.0.0"
                          sec-ch-ua-model: ""
                          sec-ch-ua-bitness: "64"
                          sec-ch-ua-wow64: ?0
                          sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                          x-client-data: CPKVywE=
                          sec-fetch-site: none
                          sec-fetch-mode: navigate
                          sec-fetch-user: ?1
                          sec-fetch-dest: document
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                          cookie: __Secure-ENID=22.SE=g9jdGAQsIpxxNrp1Y1WZ9H0P3US4drlfzZ1zxW0MBZyUyeT8PBd-sLOv-qNef1W6AUhopwMpKXvrY5FsL_58R5gQJ-BT0XVt55XiFpRE0IVyz_rCyOP5UfqhXHQ7uRNtqCpUQlK7cnh195tAtzwd6cWbJHaezli24AYAX8opQlJo9ULAo7Z78lkHYOHabz-nhac
                        • flag-gb
                          GET
                          https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/
                          chrome.exe
                          Remote address:
                          142.250.180.14:443
                          Request
                          GET /file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/ HTTP/2.0
                          host: drive.google.com
                          upgrade-insecure-requests: 1
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                          sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                          sec-ch-ua-mobile: ?0
                          sec-ch-ua-platform: "Windows"
                          sec-ch-ua-arch: "x86"
                          sec-ch-ua-platform-version: "14.0.0"
                          sec-ch-ua-model: ""
                          sec-ch-ua-bitness: "64"
                          sec-ch-ua-wow64: ?0
                          sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                          x-client-data: CPKVywE=
                          sec-fetch-site: none
                          sec-fetch-mode: navigate
                          sec-fetch-user: ?1
                          sec-fetch-dest: document
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                          cookie: __Secure-ENID=22.SE=g9jdGAQsIpxxNrp1Y1WZ9H0P3US4drlfzZ1zxW0MBZyUyeT8PBd-sLOv-qNef1W6AUhopwMpKXvrY5FsL_58R5gQJ-BT0XVt55XiFpRE0IVyz_rCyOP5UfqhXHQ7uRNtqCpUQlK7cnh195tAtzwd6cWbJHaezli24AYAX8opQlJo9ULAo7Z78lkHYOHabz-nhac
                          cookie: NID=519=l6NPE7uU5KbBxg_By9viuIczxX0LWR7KPjvZ3dCw_yGX0W2zHu8CAjBpIa9zs0YZ8LogeI7mpOcqVuEglaXZVFmGmUFewdxpAqFwwG_DqUkiNVzRTvum53zIvt_RnMdFj77aQZbHesR5fO8H5gmKvRwZXCQcT1QXGtNMWtvqX4LaqAM
                        • flag-be
                          GET
                          https://accounts.google.com/ServiceLogin?service=wise&passive=1209600&osid=1&continue=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit&followup=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit
                          chrome.exe
                          Remote address:
                          74.125.206.84:443
                          Request
                          GET /ServiceLogin?service=wise&passive=1209600&osid=1&continue=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit&followup=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit HTTP/2.0
                          host: accounts.google.com
                          upgrade-insecure-requests: 1
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                          sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                          sec-ch-ua-mobile: ?0
                          sec-ch-ua-platform: "Windows"
                          sec-ch-ua-arch: "x86"
                          sec-ch-ua-platform-version: "14.0.0"
                          sec-ch-ua-model: ""
                          sec-ch-ua-bitness: "64"
                          sec-ch-ua-wow64: ?0
                          sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                          x-client-data: CPKVywE=
                          sec-fetch-site: none
                          sec-fetch-mode: navigate
                          sec-fetch-user: ?1
                          sec-fetch-dest: document
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                          cookie: __Secure-ENID=22.SE=g9jdGAQsIpxxNrp1Y1WZ9H0P3US4drlfzZ1zxW0MBZyUyeT8PBd-sLOv-qNef1W6AUhopwMpKXvrY5FsL_58R5gQJ-BT0XVt55XiFpRE0IVyz_rCyOP5UfqhXHQ7uRNtqCpUQlK7cnh195tAtzwd6cWbJHaezli24AYAX8opQlJo9ULAo7Z78lkHYOHabz-nhac
                          cookie: NID=519=l6NPE7uU5KbBxg_By9viuIczxX0LWR7KPjvZ3dCw_yGX0W2zHu8CAjBpIa9zs0YZ8LogeI7mpOcqVuEglaXZVFmGmUFewdxpAqFwwG_DqUkiNVzRTvum53zIvt_RnMdFj77aQZbHesR5fO8H5gmKvRwZXCQcT1QXGtNMWtvqX4LaqAM
                        • flag-be
                          GET
                          https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit&followup=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit&osid=1&passive=1209600&service=wise&ifkv=AcMMx-farTMtnlT0A-s9eWfNuQYFL_7-ycwZ1_vyolTZgvunLZ89yUv2KK1ksLE9f4i1BQHiRNmPnQ
                          chrome.exe
                          Remote address:
                          74.125.206.84:443
                          Request
                          GET /InteractiveLogin?continue=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit&followup=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit&osid=1&passive=1209600&service=wise&ifkv=AcMMx-farTMtnlT0A-s9eWfNuQYFL_7-ycwZ1_vyolTZgvunLZ89yUv2KK1ksLE9f4i1BQHiRNmPnQ HTTP/2.0
                          host: accounts.google.com
                          upgrade-insecure-requests: 1
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                          x-client-data: CPKVywE=
                          sec-fetch-site: none
                          sec-fetch-mode: navigate
                          sec-fetch-user: ?1
                          sec-fetch-dest: document
                          sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                          sec-ch-ua-mobile: ?0
                          sec-ch-ua-full-version: "123.0.6312.123"
                          sec-ch-ua-arch: "x86"
                          sec-ch-ua-platform: "Windows"
                          sec-ch-ua-platform-version: "14.0.0"
                          sec-ch-ua-model: ""
                          sec-ch-ua-bitness: "64"
                          sec-ch-ua-wow64: ?0
                          sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                          cookie: __Secure-ENID=22.SE=g9jdGAQsIpxxNrp1Y1WZ9H0P3US4drlfzZ1zxW0MBZyUyeT8PBd-sLOv-qNef1W6AUhopwMpKXvrY5FsL_58R5gQJ-BT0XVt55XiFpRE0IVyz_rCyOP5UfqhXHQ7uRNtqCpUQlK7cnh195tAtzwd6cWbJHaezli24AYAX8opQlJo9ULAo7Z78lkHYOHabz-nhac
                          cookie: NID=519=l6NPE7uU5KbBxg_By9viuIczxX0LWR7KPjvZ3dCw_yGX0W2zHu8CAjBpIa9zs0YZ8LogeI7mpOcqVuEglaXZVFmGmUFewdxpAqFwwG_DqUkiNVzRTvum53zIvt_RnMdFj77aQZbHesR5fO8H5gmKvRwZXCQcT1QXGtNMWtvqX4LaqAM
                          cookie: __Host-GAPS=1:NgLpPJPfmIjqKJ7AeX9xaDk-gvBv_Q:dg_uXastdE0HaCy0
                        • flag-be
                          GET
                          https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D%2Fedit&followup=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D%2Fedit&ifkv=AcMMx-fhAwKAR06mDlclQpf1z8hvC6oK1fLiHBRPgNYyaGqy0_qa3dGLxwsDJcVDNkYJ9025M0T7hg&osid=1&passive=1209600&service=wise&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S33688829%3A1733186428578898&ddm=1
                          chrome.exe
                          Remote address:
                          74.125.206.84:443
                          Request
                          GET /v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D%2Fedit&followup=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D%2Fedit&ifkv=AcMMx-fhAwKAR06mDlclQpf1z8hvC6oK1fLiHBRPgNYyaGqy0_qa3dGLxwsDJcVDNkYJ9025M0T7hg&osid=1&passive=1209600&service=wise&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S33688829%3A1733186428578898&ddm=1 HTTP/2.0
                          host: accounts.google.com
                          upgrade-insecure-requests: 1
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                          x-client-data: CPKVywE=
                          sec-fetch-site: none
                          sec-fetch-mode: navigate
                          sec-fetch-user: ?1
                          sec-fetch-dest: document
                          sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                          sec-ch-ua-mobile: ?0
                          sec-ch-ua-full-version: "123.0.6312.123"
                          sec-ch-ua-arch: "x86"
                          sec-ch-ua-platform: "Windows"
                          sec-ch-ua-platform-version: "14.0.0"
                          sec-ch-ua-model: ""
                          sec-ch-ua-bitness: "64"
                          sec-ch-ua-wow64: ?0
                          sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                          cookie: __Secure-ENID=22.SE=g9jdGAQsIpxxNrp1Y1WZ9H0P3US4drlfzZ1zxW0MBZyUyeT8PBd-sLOv-qNef1W6AUhopwMpKXvrY5FsL_58R5gQJ-BT0XVt55XiFpRE0IVyz_rCyOP5UfqhXHQ7uRNtqCpUQlK7cnh195tAtzwd6cWbJHaezli24AYAX8opQlJo9ULAo7Z78lkHYOHabz-nhac
                          cookie: NID=519=l6NPE7uU5KbBxg_By9viuIczxX0LWR7KPjvZ3dCw_yGX0W2zHu8CAjBpIa9zs0YZ8LogeI7mpOcqVuEglaXZVFmGmUFewdxpAqFwwG_DqUkiNVzRTvum53zIvt_RnMdFj77aQZbHesR5fO8H5gmKvRwZXCQcT1QXGtNMWtvqX4LaqAM
                          cookie: __Host-GAPS=1:NgLpPJPfmIjqKJ7AeX9xaDk-gvBv_Q:dg_uXastdE0HaCy0
                        • flag-gb
                          GET
                          https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioByHKFf2CpcjaZw==?alt=proto
                          chrome.exe
                          Remote address:
                          216.58.201.106:443
                          Request
                          GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioByHKFf2CpcjaZw==?alt=proto HTTP/2.0
                          host: content-autofill.googleapis.com
                          x-goog-encode-response-if-executable: base64
                          x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                          x-client-data: CPKVywE=
                          sec-fetch-site: none
                          sec-fetch-mode: no-cors
                          sec-fetch-dest: empty
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                        • flag-gb
                          GET
                          https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQlxVucfMIxJFxIFDVNaR8UhtOKNO-OttAs=?alt=proto
                          chrome.exe
                          Remote address:
                          216.58.201.106:443
                          Request
                          GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQlxVucfMIxJFxIFDVNaR8UhtOKNO-OttAs=?alt=proto HTTP/2.0
                          host: content-autofill.googleapis.com
                          x-goog-encode-response-if-executable: base64
                          x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                          x-client-data: CPKVywE=
                          sec-fetch-site: none
                          sec-fetch-mode: no-cors
                          sec-fetch-dest: empty
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                        • flag-gb
                          GET
                          https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-191473461&timestamp=1733186428271
                          chrome.exe
                          Remote address:
                          142.250.200.14:443
                          Request
                          GET /accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-191473461&timestamp=1733186428271 HTTP/2.0
                          host: accounts.youtube.com
                          sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                          sec-ch-ua-mobile: ?0
                          sec-ch-ua-full-version: "123.0.6312.123"
                          sec-ch-ua-arch: "x86"
                          sec-ch-ua-platform: "Windows"
                          sec-ch-ua-platform-version: "14.0.0"
                          sec-ch-ua-model: ""
                          sec-ch-ua-bitness: "64"
                          sec-ch-ua-wow64: ?0
                          sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                          upgrade-insecure-requests: 1
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                          x-client-data: CPKVywE=
                          sec-fetch-site: cross-site
                          sec-fetch-mode: navigate
                          sec-fetch-dest: iframe
                          referer: https://accounts.google.com/
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                        • flag-gb
                          OPTIONS
                          https://play.google.com/log?format=json&hasfast=true&authuser=0
                          chrome.exe
                          Remote address:
                          142.250.187.206:443
                          Request
                          OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                          host: play.google.com
                          accept: */*
                          access-control-request-method: POST
                          access-control-request-headers: x-goog-authuser
                          origin: https://accounts.google.com
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          sec-fetch-mode: cors
                          sec-fetch-site: same-site
                          sec-fetch-dest: empty
                          referer: https://accounts.google.com/
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                        • flag-gb
                          OPTIONS
                          https://play.google.com/log?format=json&hasfast=true&authuser=0
                          chrome.exe
                          Remote address:
                          142.250.187.206:443
                          Request
                          OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                          host: play.google.com
                          accept: */*
                          access-control-request-method: POST
                          access-control-request-headers: x-goog-authuser
                          origin: https://accounts.google.com
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          sec-fetch-mode: cors
                          sec-fetch-site: same-site
                          sec-fetch-dest: empty
                          referer: https://accounts.google.com/
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                        • flag-us
                          DNS
                          106.201.58.216.in-addr.arpa
                          Remote address:
                          8.8.8.8:53
                          Request
                          106.201.58.216.in-addr.arpa
                          IN PTR
                          Response
                          106.201.58.216.in-addr.arpa
                          IN PTR
                          prg03s02-in-f106.1e100.net
                          106.201.58.216.in-addr.arpa
                          IN PTR
                          lhr48s48-in-f10
                          106.201.58.216.in-addr.arpa
                          IN PTR
                          prg03s02-in-f10
                        • flag-us
                          DNS
                          beacons.gcp.gvt2.com
                          Remote address:
                          8.8.8.8:53
                          Request
                          beacons.gcp.gvt2.com
                          IN A
                          Response
                          beacons.gcp.gvt2.com
                          IN CNAME
                          beacons-handoff.gcp.gvt2.com
                          beacons-handoff.gcp.gvt2.com
                          IN A
                          172.217.16.227
                        • flag-us
                          DNS
                          14.200.250.142.in-addr.arpa
                          Remote address:
                          8.8.8.8:53
                          Request
                          14.200.250.142.in-addr.arpa
                          IN PTR
                          Response
                          14.200.250.142.in-addr.arpa
                          IN PTR
                          lhr48s29-in-f14.1e100.net
                        • flag-us
                          DNS
                          self.events.data.microsoft.com
                          Remote address:
                          8.8.8.8:53
                          Request
                          self.events.data.microsoft.com
                          IN A
                          Response
                          self.events.data.microsoft.com
                          IN CNAME
                          self-events-data.trafficmanager.net
                          self-events-data.trafficmanager.net
                          IN CNAME
                          onedscolprdeus01.eastus.cloudapp.azure.com
                          onedscolprdeus01.eastus.cloudapp.azure.com
                          IN A
                          52.168.112.66
                        • flag-us
                          DNS
                          227.16.217.172.in-addr.arpa
                          Remote address:
                          8.8.8.8:53
                          Request
                          227.16.217.172.in-addr.arpa
                          IN PTR
                          Response
                          227.16.217.172.in-addr.arpa
                          IN PTR
                          mad08s04-in-f3.1e100.net
                          227.16.217.172.in-addr.arpa
                          IN PTR
                          lhr48s28-in-f3
                        • flag-us
                          DNS
                          19.229.111.52.in-addr.arpa
                          Remote address:
                          8.8.8.8:53
                          Request
                          19.229.111.52.in-addr.arpa
                          IN PTR
                          Response
                        • flag-us
                          DNS
                          206.187.250.142.in-addr.arpa
                          Remote address:
                          8.8.8.8:53
                          Request
                          206.187.250.142.in-addr.arpa
                          IN PTR
                          Response
                          206.187.250.142.in-addr.arpa
                          IN PTR
                          lhr25s33-in-f14.1e100.net
                        • flag-us
                          DNS
                          accounts.google.com
                          Remote address:
                          8.8.8.8:53
                          Request
                          accounts.google.com
                          IN A
                          Response
                          accounts.google.com
                          IN A
                          74.125.206.84
                        • flag-gb
                          GET
                          https://www.google.com/favicon.ico
                          chrome.exe
                          Remote address:
                          172.217.16.228:443
                          Request
                          GET /favicon.ico HTTP/2.0
                          host: www.google.com
                          sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                          sec-ch-ua-mobile: ?0
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          sec-ch-ua-arch: "x86"
                          sec-ch-ua-full-version: "123.0.6312.123"
                          sec-ch-ua-platform-version: "14.0.0"
                          sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                          sec-ch-ua-bitness: "64"
                          sec-ch-ua-model: ""
                          sec-ch-ua-wow64: ?0
                          sec-ch-ua-platform: "Windows"
                          accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                          x-client-data: CPKVywE=
                          sec-fetch-site: same-site
                          sec-fetch-mode: no-cors
                          sec-fetch-dest: image
                          referer: https://accounts.google.com/
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                          cookie: __Secure-ENID=22.SE=g9jdGAQsIpxxNrp1Y1WZ9H0P3US4drlfzZ1zxW0MBZyUyeT8PBd-sLOv-qNef1W6AUhopwMpKXvrY5FsL_58R5gQJ-BT0XVt55XiFpRE0IVyz_rCyOP5UfqhXHQ7uRNtqCpUQlK7cnh195tAtzwd6cWbJHaezli24AYAX8opQlJo9ULAo7Z78lkHYOHabz-nhac
                          cookie: NID=519=l6NPE7uU5KbBxg_By9viuIczxX0LWR7KPjvZ3dCw_yGX0W2zHu8CAjBpIa9zs0YZ8LogeI7mpOcqVuEglaXZVFmGmUFewdxpAqFwwG_DqUkiNVzRTvum53zIvt_RnMdFj77aQZbHesR5fO8H5gmKvRwZXCQcT1QXGtNMWtvqX4LaqAM
                        • flag-gb
                          GET
                          https://www.google.com/recaptcha/api.js?render=explicit&trustedtypes=true
                          chrome.exe
                          Remote address:
                          172.217.16.228:443
                          Request
                          GET /recaptcha/api.js?render=explicit&trustedtypes=true HTTP/2.0
                          host: www.google.com
                          sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                          sec-ch-ua-mobile: ?0
                          user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                          sec-ch-ua-arch: "x86"
                          sec-ch-ua-full-version: "123.0.6312.123"
                          sec-ch-ua-platform-version: "14.0.0"
                          sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                          sec-ch-ua-bitness: "64"
                          sec-ch-ua-model: ""
                          sec-ch-ua-wow64: ?0
                          sec-ch-ua-platform: "Windows"
                          accept: */*
                          x-client-data: CPKVywE=
                          sec-fetch-site: same-site
                          sec-fetch-mode: no-cors
                          sec-fetch-dest: script
                          referer: https://accounts.google.com/
                          accept-encoding: gzip, deflate, br, zstd
                          accept-language: en-US,en;q=0.9
                          cookie: NID=519=CcW7c62HtABsgIATLrstiO_0_LoTcPEYK4-Ayh62cHeyF6WBxFHHbkXcWjXVmor9NFsn41N8OzSu5n0gJJn5_biQzsHG3U6lGgThzXYven1pCi80C2_0A3x4AQBL2Nm96Cr3l1PzSL0rcEk7B8fOO8PZHZeEvgQguGcLg5WGaug6Q1rhPluEeBs
                          cookie: __Secure-ENID=24.SE=ppfbyJY9sW-chssSHmoNO2_ciVhRF_uDthTsc-zcCK9NCHtMubke2RoSR24b7iE4MznE-G8MWFz6KLMCrb4jReb-f_EIy617yp9gvWppAku5AVyWp5L6sJcqhRMmnAa5uGcIKXF7UrAsuBUgO0QnCWMoI7DhzRz3XNxfQBxq3FCFzo38-dJU16uHUkKjApu89jhY94bNLg
                        • 142.250.180.14:443
                          https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/
                          tls, http2
                          chrome.exe
                          3.1kB
                          11.0kB
                          26
                          30

                          HTTP Request

                          GET https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D

                          HTTP Request

                          GET https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/
                        • 142.250.180.14:443
                          drive.google.com
                          tls, http2
                          chrome.exe
                          1.1kB
                          8.1kB
                          9
                          9
                        • 74.125.206.84:443
                          https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D%2Fedit&followup=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D%2Fedit&ifkv=AcMMx-fhAwKAR06mDlclQpf1z8hvC6oK1fLiHBRPgNYyaGqy0_qa3dGLxwsDJcVDNkYJ9025M0T7hg&osid=1&passive=1209600&service=wise&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S33688829%3A1733186428578898&ddm=1
                          tls, http2
                          chrome.exe
                          6.7kB
                          174.0kB
                          86
                          148

                          HTTP Request

                          GET https://accounts.google.com/ServiceLogin?service=wise&passive=1209600&osid=1&continue=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit&followup=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit

                          HTTP Request

                          GET https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit&followup=https://drive.google.com/file/d/1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D/edit&osid=1&passive=1209600&service=wise&ifkv=AcMMx-farTMtnlT0A-s9eWfNuQYFL_7-ycwZ1_vyolTZgvunLZ89yUv2KK1ksLE9f4i1BQHiRNmPnQ

                          HTTP Request

                          GET https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D%2Fedit&followup=https%3A%2F%2Fdrive.google.com%2Ffile%2Fd%2F1mK8llt5rQZ7Y0SxguOsWqW3YSC4iO_1D%2Fedit&ifkv=AcMMx-fhAwKAR06mDlclQpf1z8hvC6oK1fLiHBRPgNYyaGqy0_qa3dGLxwsDJcVDNkYJ9025M0T7hg&osid=1&passive=1209600&service=wise&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S33688829%3A1733186428578898&ddm=1
                        • 216.58.201.106:443
                          https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQlxVucfMIxJFxIFDVNaR8UhtOKNO-OttAs=?alt=proto
                          tls, http2
                          chrome.exe
                          2.6kB
                          7.6kB
                          26
                          28

                          HTTP Request

                          GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSJwmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioByHKFf2CpcjaZw==?alt=proto

                          HTTP Request

                          GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQlxVucfMIxJFxIFDVNaR8UhtOKNO-OttAs=?alt=proto
                        • 142.250.200.14:443
                          https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-191473461&timestamp=1733186428271
                          tls, http2
                          chrome.exe
                          2.9kB
                          24.5kB
                          29
                          31

                          HTTP Request

                          GET https://accounts.youtube.com/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.google.com&v=-191473461&timestamp=1733186428271
                        • 142.250.187.206:443
                          play.google.com
                          tls, http2
                          chrome.exe
                          1.0kB
                          7.6kB
                          9
                          9
                        • 142.250.187.206:443
                          https://play.google.com/log?format=json&hasfast=true&authuser=0
                          tls, http2
                          chrome.exe
                          2.2kB
                          8.8kB
                          22
                          24

                          HTTP Request

                          OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0

                          HTTP Request

                          OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                        • 172.217.16.228:443
                          https://www.google.com/recaptcha/api.js?render=explicit&trustedtypes=true
                          tls, http2
                          chrome.exe
                          3.4kB
                          10.3kB
                          26
                          27

                          HTTP Request

                          GET https://www.google.com/favicon.ico

                          HTTP Request

                          GET https://www.google.com/recaptcha/api.js?render=explicit&trustedtypes=true
                        • 74.125.206.84:443
                          accounts.google.com
                          tls, http2
                          chrome.exe
                          1.2kB
                          5.8kB
                          12
                          12
                        • 8.8.8.8:53
                          drive.google.com
                          dns
                          chrome.exe
                          540 B
                          905 B
                          8
                          8

                          DNS Request

                          drive.google.com

                          DNS Response

                          142.250.180.14

                          DNS Request

                          74.204.58.216.in-addr.arpa

                          DNS Request

                          84.206.125.74.in-addr.arpa

                          DNS Request

                          fonts.gstatic.com

                          DNS Response

                          172.217.16.227

                          DNS Request

                          accounts.youtube.com

                          DNS Response

                          142.250.200.14

                          DNS Request

                          www.google.com

                          DNS Response

                          172.217.16.228

                          DNS Request

                          228.16.217.172.in-addr.arpa

                          DNS Request

                          66.112.168.52.in-addr.arpa

                        • 142.250.180.14:443
                          drive.google.com
                          https
                          chrome.exe
                          4.2kB
                          8.5kB
                          10
                          13
                        • 74.125.206.84:443
                          accounts.google.com
                          https
                          chrome.exe
                          18.9kB
                          14.4kB
                          47
                          48
                        • 8.8.8.8:53
                          106.201.58.216.in-addr.arpa
                          dns
                          139 B
                          285 B
                          2
                          2

                          DNS Request

                          106.201.58.216.in-addr.arpa

                          DNS Request

                          beacons.gcp.gvt2.com

                          DNS Response

                          172.217.16.227

                        • 8.8.8.8:53
                          14.200.250.142.in-addr.arpa
                          dns
                          149 B
                          306 B
                          2
                          2

                          DNS Request

                          14.200.250.142.in-addr.arpa

                          DNS Request

                          self.events.data.microsoft.com

                          DNS Response

                          52.168.112.66

                        • 8.8.8.8:53
                          227.16.217.172.in-addr.arpa
                          dns
                          145 B
                          298 B
                          2
                          2

                          DNS Request

                          227.16.217.172.in-addr.arpa

                          DNS Request

                          19.229.111.52.in-addr.arpa

                        • 8.8.8.8:53
                          206.187.250.142.in-addr.arpa
                          dns
                          139 B
                          194 B
                          2
                          2

                          DNS Request

                          206.187.250.142.in-addr.arpa

                          DNS Request

                          accounts.google.com

                          DNS Response

                          74.125.206.84

                        • 142.250.187.206:443
                          play.google.com
                          https
                          chrome.exe
                          13.3kB
                          11.8kB
                          35
                          36
                        • 224.0.0.251:5353
                          chrome.exe
                          204 B
                          3
                        • 172.217.16.228:443
                          www.google.com
                          https
                          chrome.exe
                          90.8kB
                          644.5kB
                          215
                          583
                        • 216.58.201.106:443
                          content-autofill.googleapis.com
                          https
                          chrome.exe
                          2.9kB
                          6.5kB
                          5
                          8
                        • 74.125.206.84:443
                          accounts.google.com
                          https
                          chrome.exe
                          3.3kB
                          3.9kB
                          9
                          10
                        • 74.125.206.84:443
                          accounts.google.com
                          https
                          chrome.exe
                          2.8kB
                          7.8kB
                          7
                          11
                        • 142.250.187.206:443
                          play.google.com
                          https
                          chrome.exe
                          4.2kB
                          3.2kB
                          12
                          12
                        • 142.250.187.206:443
                          play.google.com
                          https
                          chrome.exe
                          3.4kB
                          2.9kB
                          9
                          9
                        • 74.125.206.84:443
                          accounts.google.com
                          https
                          chrome.exe
                          2.4kB
                          3.3kB
                          8
                          9

                        MITRE ATT&CK Enterprise v15

                        Downloads

                        • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

                          Filesize

                          64KB


                        • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

                          Filesize

                          4B


                        • C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

                          Filesize

                          1008B


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\69bffdeb-3130-4b9e-a4aa-a6a46ed5443c.tmp

                          Filesize

                          9KB


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                          Filesize

                          649B


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

                          Filesize

                          215KB


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                          Filesize

                          552B


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                          Filesize

                          552B


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                          Filesize

                          552B


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                          Filesize

                          3KB


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                          Filesize

                          3KB


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                          Filesize

                          3KB


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                          Filesize

                          2B


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                          Filesize

                          356B


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                          Filesize

                          356B


                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                          Filesize

                          356B

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                          Filesize

                          9KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                          Filesize

                          116KB

                        • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                          Filesize

                          116KB
